Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 03-02-2025
Exécuté par rpgis (07-02-2025 19:49:04)
Exécuté depuis C:\Users\rpgis\OneDrive\Bureau
Microsoft Windows 11 Famille Version 24H2 26100.2894 (X64) (2024-10-24 18:32:52)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
Administrateur (S-1-5-21-684664964-2853107246-2488223059-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-684664964-2853107246-2488223059-503 - Limited - Disabled)
Invité (S-1-5-21-684664964-2853107246-2488223059-501 - Limited - Disabled)
rpgis (S-1-5-21-684664964-2853107246-2488223059-1001 - Administrator - Enabled) => C:\Users\rpgis
WDAGUtilityAccount (S-1-5-21-684664964-2853107246-2488223059-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Security (Enabled - Up to date) {F55BE278-BCE3-5EE9-7A2E-5F716BE02F32}
AV: Norton Security Ultra (Disabled - Out of date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
FW: Norton Security Ultra (Disabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}
FW: Avira Security (Enabled) {53C47F3A-6D33-C18B-B172-2A5508198379}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
7-Zip 24.09 (x64) (HKLM\...\7-Zip) (Version: 24.09 - Igor Pavlov)
Acer Configuration Manager (HKLM-x32\...\{8CB1A03C-9849-4744-AD56-341A18F9E3E2}) (Version: 2.5.22250 - Acer)
Acer Jumpstart (HKLM-x32\...\{0C5ED25A-B8D1-4E71-BFCB-6B370A4EA19C}) (Version: 3.5.22220.20 - Acer)
Action! (HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\Mirillis Action!) (Version: 4.44.0 - Mirillis)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1036-1033-7760-BC15014EA700}) (Version: 24.005.20399 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601108}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
App Explorer (HKU\S-1-5-19\...\Host App Service) (Version: 0.273.4.240 - SweetLabs) <==== ATTENTION
App Explorer (HKU\S-1-5-20\...\Host App Service) (Version: 0.273.4.240 - SweetLabs) <==== ATTENTION
Avira Fallback Updater (HKLM-x32\...\Avira Fallback Updater) (Version: - ) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.44.1.19908 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.106.1577 - Avira Operations GmbH) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 7.4.0.511 - Avira Operations GmbH) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: 7.1.5.2460 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
Care Center Service (HKLM\...\{AFB52E98-7597-4484-9202-58F0FD3512ED}) (Version: 4.00.3042 - Acer Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 6.32 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.1.0.2037 - Disc Soft Ltd)
Debut - Logiciel de capture vidéo (HKLM-x32\...\Debut) (Version: 8.91 - NCH Software)
D-Fend Reloaded 1.4.4 (Désinstaller) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.4.4 - Alexander Herzog)
Diablo II (HKLM-x32\...\Diablo II) (Version: - )
Dragon (HKLM-x32\...\{3C8FA4F4-8471-4C60-9002-9B9F78B7B483}) (Version: 4 - Realtek)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3026 - Acer Incorporated)
Dynamic Application Loader Host Interface Service (HKLM\...\{A28339C8-E641-4CCE-A316-56F405D1C245}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Endpoint Protection SDK (HKLM\...\{68E1CCB4-4965-4713-BDEB-77F6D6C9BF9D}_is1) (Version: 1.0.2501.4776 - Avira Operations GmbH) Hidden
ExpressVPN (HKLM-x32\...\{5B1D5290-DC0D-43D1-8220-8BB29BDDA0BE}) (Version: 2.5.22300.30 - Acer)
HP Dropbox Plugin (HKLM-x32\...\{45E639F6-2949-4047-82DD-1FAF69DD6B62}) (Version: 40.13.54.81239 - HP)
HP Google Drive Plugin (HKLM-x32\...\{A70D2B56-7CF3-4392-B7B8-49A3DD9B9F34}) (Version: 40.13.54.81239 - HP)
Intel(R) Chipset Device Software (HKLM\...\{06D713D6-9845-436D-B857-5BF2596B4554}) (Version: 10.1.18634.8254 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{99926fb7-5da9-4101-b79f-eec3674ca64b}) (Version: 10.1.18634.8254 - Intel(R) Corporation)
Intel(R) LMS (HKLM\...\{A0983640-26D2-4CD8-A512-747BF3CF3F82}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2101.15.0.2080 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{21468D61-6A78-4358-B346-F4D37C6D55CC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{788371EA-0B02-40AD-85D0-21BE107E3628}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{2F171580-9C56-4A25-A5D5-CBBAA025BFA6}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Logiciel de base du périphérique HP OfficeJet Pro 6960 (HKLM\...\{F827F934-1CB5-43CF-82EC-0A5465F557F7}) (Version: 40.16.1234.2248 - HP Inc.)
Malwarebytes version 4.6.17.334 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.17.334 - Malwarebytes)
Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.18429.20132 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 132.0.2957.140 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 132.0.2957.140 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.005.0112.0003 - Microsoft Corporation)
Microsoft OneNote - fr-fr (HKLM\...\OneNoteFreeRetail - fr-fr) (Version: 16.0.18429.20132 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.19202 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 (HKLM-x32\...\{804e7d66-ccc2-4c12-84ba-476da31d103d}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34433 (HKLM-x32\...\{e7802eac-3305-4da0-9378-e55d1ed05518}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34433 (HKLM\...\{E1902FC6-C423-4719-AB8A-AC7B2694B367}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34433 (HKLM\...\{382F1166-A409-4C5B-9B1E-85ED538B8291}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34433 (HKLM-x32\...\{84E3E712-6343-484B-8B6C-9F145F019A70}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34433 (HKLM-x32\...\{C2BB95AA-90F3-4891-81C1-A7E565BB836C}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Movavi Gecata 6 (HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\Movavi Gecata 6) (Version: 6.1.2 - Movavi)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 135.0 (x64 en-US)) (Version: 135.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 135.0 - Mozilla)
NitroSense Service (HKLM\...\{9089CCF1-ABBE-4271-A0F0-5119BF339A83}) (Version: 3.00.3008 - Acer Incorporated)
Norton Security Ultra (HKLM-x32\...\NGC) (Version: 22.24.8.36 - NortonLifeLock Inc)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA Pilote graphique 551.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.83 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18429.20044 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18429.20132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.18429.20044 - Microsoft Corporation) Hidden
OpenOffice 4.1.15 (HKLM-x32\...\{DC8B4E0E-87B2-46D7-9FBA-B55470DC3B9A}) (Version: 4.115.9813 - Apache Software Foundation)
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: 1.6.0 - PCSX2 Team)
Planet9 Stub (HKLM\...\18eae271-44ac-5152-b237-7dac60ccd85a) (Version: 1.0.142 - Acer Inc.)
PlugY, The Survival Kit (HKLM-x32\...\PlugY, The Survival Kit) (Version: v14.03 - )
Prism Convertisseur Vidéo (HKLM-x32\...\Prism) (Version: 11.02 - NCH Software)
Quick Access Service (HKLM\...\{AB25551C-74EF-4BAB-9989-891517FCF9FF}) (Version: 3.00.3038 - Acer Incorporated)
Quick Share (HKLM\...\{E8E4AB67-FD4E-4B36-A317-81EE323832E3}) (Version: 1.0.2113.1 - Google LLC)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9225.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.50.511.2021 - Realtek)
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.59.0 - Samsung Electronics Co., Ltd.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.23081.1 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.23081.1 - Samsung Electronics Co., Ltd.)
SpywareBlaster 6.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 6.0.0 - BrightFort LLC)
Starcraft (HKLM-x32\...\Starcraft) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
User Experience Improvement Program Service (HKLM\...\{323EA05D-046D-449D-9D7C-89243C957CCE}) (Version: 5.00.3012 - Acer Incorporated)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.21 - VideoLAN)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version: - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.7) (Version: 1.3.7 - Xvid Team)
Packages:
=========
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4 [2023-06-08] (Acer Incorporated)
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2025-02-02] ()
Adobe Express -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeCreativeCloudExpress_2.1.1.0_neutral__ynb6jyjzte8ga [2024-10-20] (Adobe Inc.)
Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3042.0_x64__48frkmn4z8aw4 [2022-11-06] (Acer Incorporated)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_2024.3.211.0_neutral__6rarf9sa4v8jt [2024-10-20] (Disney)
drawnames.fr -> C:\Program Files\WindowsApps\www.drawnames.fr-79F3DA02_1.0.0.0_neutral__51t7cj20mkstt [2024-11-23] (www.drawnames.fr)
Dropbox - offre promotionnelle -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.30.0_x64__xbfy0k16fey96 [2025-02-06] (Dropbox Inc.)
DTS Sound Unbound -> C:\Program Files\WindowsApps\DTSInc.DTSSoundUnbound_2025.1.1.0_x64__t5j2fzbtdg37r [2025-01-29] (DTS, Inc.)
DTS:X Ultra -> C:\Program Files\WindowsApps\DTSInc.DTSXUltra_1.13.5.0_x64__t5j2fzbtdg37r [2024-10-22] (DTS, Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_157.1.1186.0_x64__v10z8vjag6ke6 [2025-01-12] (HP Inc.)
Intel® Optane⢠Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1041.0_x64__8j3eq9eme6ctt [2024-10-22] (INTEL CORP)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2250.0.0.0_x64__8xx8rvfyw5nnt [2025-01-15] (Meta)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2412.12002.0_x64__8wekyb3d8bbwe [2025-01-09] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corp.)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.235.0_x64__8wekyb3d8bbwe [2025-02-02] (Microsoft Corporation)
Nearby Share -> C:\Program Files\Google\NearbyShare [2025-02-06] (Google LLC)
NitroSense_DT_V30 -> C:\Program Files\WindowsApps\AcerIncorporated.NitroSenseDTV30_3.0.3008.0_x64__48frkmn4z8aw4 [2022-11-02] (Acer Incorporated)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-30] (NVIDIA Corp.)
OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_19.23.19.0_x64__8wekyb3d8bbwe [2024-10-08] (Microsoft Corporation)
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.6428.0_x64__ypz87dpxkv292 [2022-11-02] (CYBERLINK COM CORP)
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2022-11-02] (CYBERLINK COM CORP)
Quick Share -> C:\Program Files\Google\NearbyShare [2025-02-06] (Google LLC)
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3038.0_x64__48frkmn4z8aw4 [2022-11-03] (Acer Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.27.254.0_x64__dt26b99r8h8gj [2022-11-02] (Realtek Semiconductor Corp)
shellmenua -> C:\Program Files (x86)\NCH Software\Components\Shared\shellmenu [2024-04-07] ()
shellmenub -> C:\Program Files (x86)\NCH Software\Components\Shared\shellmenu [2024-04-07] ()
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0 [2025-01-30] (Spotify AB) [Startup Task]
User Experience Improvement Program V5 -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgramV_5.0.3012.0_x64__48frkmn4z8aw4 [2022-11-02] (Acer Incorporated)
WinRAR -> C:\Program Files\WinRAR [2025-02-05] (win.rar GmbH)
==================== Personnalisé CLSID (Avec liste blanche): ==============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-684664964-2853107246-2488223059-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [Fichier non signé]
CustomCLSID: HKU\S-1-5-21-684664964-2853107246-2488223059-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-684664964-2853107246-2488223059-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\rpgis\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.19202\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-684664964-2853107246-2488223059-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-684664964-2853107246-2488223059-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [Fichier non signé]
CustomCLSID: HKU\S-1-5-21-684664964-2853107246-2488223059-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [Fichier non signé]
CustomCLSID: HKU\S-1-5-21-684664964-2853107246-2488223059-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) [Fichier non signé]
CustomCLSID: HKU\S-1-5-21-684664964-2853107246-2488223059-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) [Fichier non signé]
CustomCLSID: HKU\S-1-5-21-684664964-2853107246-2488223059-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [Fichier non signé]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_97174385c3b19a28\OptaneShellExt.dll [2021-04-02] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.24.8.36\buShell.dll [2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.24.8.36\buShell.dll [2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.24.8.36\buShell.dll [2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.24.8.36\buShell.dll [2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.24.8.36\buShell.dll [2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.24.8.36\buShell.dll [2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.24.8.36\buShell.dll [2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.24.8.36\NavShExt.dll [2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2024-10-01] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2025-01-13] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2022-11-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.24.8.36\NavShExt.dll [2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2025-01-13] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2022-11-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-02-05] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_97174385c3b19a28\OptaneShellExt.dll [2021-04-02] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2024-10-01] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvae.inf_amd64_6cfe691434859c61\nvshext.dll [2024-03-25] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2024-10-01] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.24.8.36\buShell.dll [2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-02-05] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.24.8.36\NavShExt.dll [2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
==================== Codecs (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [662408 2023-09-06] (Mirillis Sp. z o.o. -> )
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\system32\xvidvfw.dll [251392 2019-12-28] () [Fichier non signé]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [Fichier non signé]
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [651144 2023-09-06] (Mirillis Sp. z o.o. -> )
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2019-12-28] () [Fichier non signé]
HKLM\...\Drivers32: [VIDC.ZMBV] => C:\Windows\SysWOW64\zmbv.dll [94208 2010-04-09] () [Fichier non signé]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [Fichier non signé]
==================== Raccourcis & WMI ========================
==================== Modules chargés (Avec liste blanche) =============
2022-11-04 16:21 - 2024-11-29 19:00 - 000101376 _____ (Igor Pavlov) [Fichier non signé] C:\Program Files\7-Zip\7-zip.dll
==================== Alternate Data Streams (Avec liste blanche) ========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [136]
==================== Mode sans échec (Avec liste blanche) ==================
==================== Association (Avec liste blanche) =================
==================== Internet Explorer (Avec liste blanche) =============
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-02-03] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\1001movie.com -> 1001movie.com
Il y a 6091 plus de sites.
==================== Hosts contenu: =========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2021-06-05 13:08 - 2021-06-05 13:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Autres zones ===========================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-684664964-2853107246-2488223059-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\rpgis\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\3533203211260745533\133829892954176394.jpg
DNS Servers: 172.16.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.
Network Binding:
=============
Connexion réseau Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet: Realtek Gaming GbE Family Controller -> rt640x64.sys
Wi-Fi: Intel(R) Wi-Fi 6 AX201 160MHz -> Netwtw10.sys
nt_rtf64: Realtek LightWeight Filter (NDIS6.40)
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
==================== RèglesPare-feu (Avec liste blanche) ================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [{AF86B5EA-F107-4417-8212-3F0D270BE00E}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24215.1105.3082.1600_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{69806306-7373-4EF7-8748-B8EB42BFB653}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24215.1105.3082.1600_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{84B65D3A-C7B2-472C-B46D-D7256DDE55D3}C:\emulateurs\vbalink180b\visualboyadvance.exe] => (Allow) C:\emulateurs\vbalink180b\visualboyadvance.exe (None) [Fichier non signé]
FirewallRules: [TCP Query User{686D3407-3EB1-4D49-837B-8C1990B502EE}C:\emulateurs\vbalink180b\visualboyadvance.exe] => (Allow) C:\emulateurs\vbalink180b\visualboyadvance.exe (None) [Fichier non signé]
FirewallRules: [{AF7C1793-774D-418A-97EB-E6FE42743B70}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{CDC0C0C4-027D-432E-8DC9-23F7ABA4EEA1}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{0D32AAE3-D669-4C3A-AA37-41C81307910C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Baldur's Gate II Enhanced Edition\Baldur.exe (Overhaul Gamesâ¢) [Fichier non signé]
FirewallRules: [{8E8D83FB-DFCA-46A7-B9C5-F35098337CF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Baldur's Gate II Enhanced Edition\Baldur.exe (Overhaul Gamesâ¢) [Fichier non signé]
FirewallRules: [{33BDCB3A-6743-40D2-BC0D-A25ED67B8115}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex\System\DeusEx.exe (Marijn Kentie) [Fichier non signé]
FirewallRules: [{8ED5E9EB-2FA6-47EB-B7BB-67FC8426E06B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex\System\DeusEx.exe (Marijn Kentie) [Fichier non signé]
FirewallRules: [{ED16F2E3-6A8B-4478-9AAF-369176AE1571}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\cshlp.exe (GSC Game World -> )
FirewallRules: [{E6440DA2-B439-4C28-B41D-20D15AAE5038}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\cshlp.exe (GSC Game World -> )
FirewallRules: [{E6B2FCA9-4F16-4215-B7CC-038328C60013}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\ScenarioEditor.exe (GSC Game World -> )
FirewallRules: [{327B0F1B-3107-4875-B83C-CAD544C89582}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\ScenarioEditor.exe (GSC Game World -> )
FirewallRules: [{D3BDF084-2A0E-4110-9050-960BF76F49D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\HView.exe (GSC Game World -> )
FirewallRules: [{A53FAEC4-969A-487F-9548-ACAEDFBBBAFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\HView.exe (GSC Game World -> )
FirewallRules: [{20A0D8F9-BC1A-4477-865A-F3E477C082E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\csbtw.exe (GSC Game World -> GSC Game World)
FirewallRules: [{60C50A74-1133-4F5C-80C5-1850EEC20CAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\csbtw.exe (GSC Game World -> GSC Game World)
FirewallRules: [{E34DA406-D2CA-438B-BBEC-4FEDE3870AE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Siege 1\DungeonSiege.exe (Gas Powered Games) [Fichier non signé]
FirewallRules: [{8B734483-82BC-47E4-A2E6-B1C3796322DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Siege 1\DungeonSiege.exe (Gas Powered Games) [Fichier non signé]
FirewallRules: [{9276B553-7560-4E82-8DE9-73A02503F038}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beyond Good and Evil\SettingsApplication.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{213FD224-BFFE-4027-8863-39A8C2048B0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beyond Good and Evil\SettingsApplication.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{39487DF9-5E44-4D9D-88DA-422705622D98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beyond Good and Evil\BGE.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{C92D6222-EAE0-45A6-B1D7-3B2F4179D1CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beyond Good and Evil\BGE.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{0D0EAD82-7637-4895-83EA-C556BA61D434}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{160DEA10-9E62-4522-B3D1-E7208782E6E6}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{F2D08E27-ECAE-4CC2-9CC7-221F46D481F2}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> HP Inc.)
FirewallRules: [{1FC3A3D4-967F-4222-943C-FB715BD182D5}] => (Allow) LPort=5357
FirewallRules: [{FDAFD889-A992-42E3-B490-9E39535003FA}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\DeviceSetup.exe (HP Inc. -> HP Inc.)
FirewallRules: [{578EACAE-FBFC-4851-A5E9-C590A164BC78}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\FaxPrinterUtility.exe (HP Inc. -> HP Inc.)
FirewallRules: [{E4B2AD47-1803-4896-9043-7BB856791D1E}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\SendAFax.exe (HP Inc. -> HP Inc.)
FirewallRules: [{84185EB7-5FF8-4FA3-A746-03B8A022F001}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\DigitalWizards.exe (HP Inc. -> HP Inc.)
FirewallRules: [{44715D03-DACD-4B8B-A19B-953710198C63}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\FaxApplications.exe (HP Inc. -> HP Inc.)
FirewallRules: [{7E5AD7A8-EAE6-4403-A58D-6D72E52FBAFE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7D8E5F8E-DD8F-4F2F-8F2B-2CAEB36AB1DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6EFE0162-D2A6-4BA0-8424-EA59DF4DF46D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7706B263-A767-43DC-B782-9C25683FA496}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FA4F331F-0FD3-498D-B877-0E55BD1A7E39}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D5541E13-142F-44F2-A899-0BAEA60AE4D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6869360C-88F9-494F-AC8F-6BD9D2BDE907}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => Pas de fichier
FirewallRules: [{0FD53439-2148-4C7F-95EB-D8E65C6AD08A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => Pas de fichier
FirewallRules: [{408B989F-2FD2-45EF-B991-F0F940696C62}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B370F000-4153-4684-9823-985AB0B551E3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{910DDFA2-B2CB-4803-B62B-4F58BFA9FC90}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E71E87AC-62C2-45E2-973B-CE4B34EFF8B9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{375661F2-AA38-4468-B54B-0001731B29E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY FFX&FFX-2 HD Remaster\FFX&X-2_LAUNCHER.exe (SQUARE ENIX CO., LTD.) [Fichier non signé]
FirewallRules: [{D7BA4012-D2DC-4029-9D46-77F2759953D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY FFX&FFX-2 HD Remaster\FFX&X-2_LAUNCHER.exe (SQUARE ENIX CO., LTD.) [Fichier non signé]
FirewallRules: [{A7BDE892-D1C8-4DB0-99B6-665A331DE5D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Max Payne FR\MaxPayne.exe (Remedy Entertainment) [Fichier non signé]
FirewallRules: [{2042A53A-69AD-4CB3-9FBE-E7F01F4FF25B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Max Payne FR\MaxPayne.exe (Remedy Entertainment) [Fichier non signé]
FirewallRules: [{467A138B-9E34-4F67-80A4-74A949DD377C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE.exe (DEVOLVER DIGITAL, INC -> )
FirewallRules: [{0DDE058A-B2A9-40C8-A5BA-575E731CF3C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE.exe (DEVOLVER DIGITAL, INC -> )
FirewallRules: [{DD7A9516-630E-48A3-8744-6D22AD283429}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE_Unrestricted.exe (DEVOLVER DIGITAL, INC -> )
FirewallRules: [{D0F7D137-9FD9-4461-937F-05511A5FD935}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE_Unrestricted.exe (DEVOLVER DIGITAL, INC -> )
FirewallRules: [{50C706DD-864C-4CC3-A4FF-DC430B724F49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unreal Tournament\System\UnrealTournament.exe () [Fichier non signé]
FirewallRules: [{9F479C8B-9496-4FFC-ADE5-549B57098EF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unreal Tournament\System\UnrealTournament.exe () [Fichier non signé]
FirewallRules: [{0E9EAEAF-0100-4B95-9E90-85E461A48EA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve Corp. -> Valve)
FirewallRules: [{4872765E-E6B2-4029-9799-ECEFA4E04207}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve Corp. -> Valve)
FirewallRules: [{4899C5C0-0EBB-4A7B-A774-BD9094DAEB7D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.127\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FCB0E26E-B87C-4ABA-9848-610FC461D7F7}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25007.607.3371.8436_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2F52DAE9-0F76-40BB-A2FE-1C279080E0B8}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25007.607.3371.8436_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F502E0E5-EDF8-47D1-91A6-8A404D484990}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FDD406B8-C684-4636-8777-BE78525C4B0A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{00895CE8-3F52-4A19-8C97-26DF1C2750B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F48BB2EE-A4C2-4AE4-ADCC-CB788139C353}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4E1A0A29-37DF-42A2-A1DC-C13536259D85}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8B6404B3-B8F1-4038-89CD-B76A4BED52EE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C8B72D6C-7F25-4BBA-B55E-A8FB203E660B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{879C9BB5-13D1-4D5D-94DD-194A11530E64}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A4F8CB08-1D04-4D0A-A0ED-33F4750998AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{880258AB-B5A1-4BB7-9737-B1363F0B5EB5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{96A94645-0B39-4D92-807D-7A8E59E78901}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3DDF8964-A03F-44BA-8392-C9E40662D5AA}] => (Allow) C:\Program Files\Google\NearbyShare\nearby_share.exe (Google LLC -> Google)
FirewallRules: [{7BCD0321-8157-4100-AF49-9AC461CC739C}] => (Allow) C:\Program Files\Google\NearbyShare\nearby_share.exe (Google LLC -> Google)
==================== Points de restauration =========================
05-02-2025 21:29:50 ZHPcleaner
==================== Ãléments en erreur du Gestionnaire de périphériques ============
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (02/06/2025 07:02:45 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: AUTORITE NT)
Description: Windows ne peut pas charger la DLL de compteur extensible « C:\WINDOWS\system32\sysmain.dll » (code d'erreur Win32 126).
Error: (02/05/2025 08:26:55 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de lâappel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours..
Error: (02/05/2025 08:26:55 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours.]
Error: (02/05/2025 08:13:31 PM) (Source: Firefox Default Browser Agent) (EventID: 1332) (User: )
Description: Event-ID 1332
Error: (02/03/2025 08:36:26 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: FREDO)
Description: Impossible de fermer lâapplication ou le service « Microsoft Office SDX Helper ».
Error: (02/03/2025 05:23:02 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {E29070F2-5A4D-4BEC-9BA0-EBFBB4261D62}
Error: (01/30/2025 06:00:57 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: AUTORITE NT)
Description: Windows ne peut pas charger la DLL de compteur extensible « C:\WINDOWS\system32\sysmain.dll » (code d'erreur Win32 126).
Error: (01/29/2025 05:35:21 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: AUTORITE NT)
Description: Windows ne peut pas charger la DLL de compteur extensible « C:\WINDOWS\system32\sysmain.dll » (code d'erreur Win32 126).
Erreurs système:
=============
Error: (02/06/2025 05:34:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Service Google Update (gupdate) nâa pas pu démarrer en raison de lâerreur :
Le service nâa pas répondu assez vite à la demande de lancement ou de contrôle.
Error: (02/06/2025 05:34:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de lâattente de la connexion du service Service Google Update (gupdate).
Error: (02/06/2025 05:34:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Avira Security Updater nâa pas pu démarrer en raison de lâerreur :
Le service nâa pas répondu assez vite à la demande de lancement ou de contrôle.
Error: (02/06/2025 05:34:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de lâattente de la connexion du service Avira Security Updater.
Error: (02/06/2025 05:33:10 PM) (Source: Schannel) (EventID: 4103) (User: AUTORITE NT)
Description: Une erreur irrécupérable sâest produite lors de la création dâune information dâidentification de client TLS. Lâétat dâerreur interne est 10013.
processus client SSPI est UpgradeTool (PIDÂ : 16320).
Error: (02/06/2025 05:33:10 PM) (Source: Schannel) (EventID: 4103) (User: AUTORITE NT)
Description: Une erreur irrécupérable sâest produite lors de la création dâune information dâidentification de client TLS. Lâétat dâerreur interne est 10013.
processus client SSPI est UpgradeTool (PIDÂ : 16320).
Error: (02/06/2025 05:33:10 PM) (Source: Schannel) (EventID: 4103) (User: AUTORITE NT)
Description: Une erreur irrécupérable sâest produite lors de la création dâune information dâidentification de client TLS. Lâétat dâerreur interne est 10013.
processus client SSPI est UpgradeTool (PIDÂ : 16320).
Error: (02/06/2025 05:33:10 PM) (Source: Schannel) (EventID: 4103) (User: AUTORITE NT)
Description: Une erreur irrécupérable sâest produite lors de la création dâune information dâidentification de client TLS. Lâétat dâerreur interne est 10013.
processus client SSPI est UpgradeTool (PIDÂ : 16320).
Windows Defender:
================
Date: 2025-02-04 18:50:50
Description:
Lâanalyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de lâanalyse : {502B9016-AFCC-413A-B2C8-979599153A35}
Type de lâanalyse : Logiciel anti-programme malveillant
Paramètres de lâanalyse : Analyse rapide
Utilisateur : AUTORITE NT\Système�
Date: 2025-02-03 18:16:33
Description:
Lâanalyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de lâanalyse : {67C7A9FF-C6B0-46F1-A862-23A6FD2CE454}
Type de lâanalyse : Logiciel anti-programme malveillant
Paramètres de lâanalyse : Analyse rapide
Utilisateur : AUTORITE NT\Système�
Date: 2025-02-02 18:18:58
Description:
Lâanalyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de lâanalyse : {DCA97292-B651-48EF-A2B1-1D4609430687}
Type de lâanalyse : Logiciel anti-programme malveillant
Paramètres de lâanalyse : Analyse rapide
Utilisateur : AUTORITE NT\Système�
Date: 2025-01-28 18:55:39
Description:
Lâanalyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de lâanalyse : {ED6F11C2-65DD-4E8B-A010-D6781E6D73FF}
Type de lâanalyse : Logiciel anti-programme malveillant
Paramètres de lâanalyse : Analyse rapide
Utilisateur : AUTORITE NT\Système�
Date: 2025-01-28 18:43:13
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus dâinformations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/AgentTesla!ml&threatid=2147760503&enterprise=0
Nom : Trojan:Win32/AgentTesla!ml
ID : 2147760503
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Users\rpgis\Downloads\DeusEx_FrenchPatch18b7.exe
Origine de la détection : Ordinateur local
Type de détection : Chemin rapide
Source de détection : Protection en temps réel
Utilisateur : AUTORITE NT\Système
Nom du processus : C:\Program Files\Norton Security\Engine\22.24.8.36\NortonSecurity.exe
Version de la veille de sécurité : AV: 1.421.1579.0, AS: 1.421.1579.0, NIS: 1.421.1579.0
Version du moteur : AM: 1.1.24090.11, NIS: 1.1.24090.11�

CodeIntegrity:
===============
Date: 2025-02-07 19:20:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Avira\Endpoint Protection SDK\wsc_agent.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.24.8.36\symamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.�
Date: 2025-02-07 19:20:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.24.8.36\symamsi.dll that did not meet the Windows signing level requirements.�
Date: 2025-02-07 19:20:00
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Avira\Endpoint Protection SDK\amsi\x64\avamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.�
==================== Infos Mémoire ===========================
BIOS: American Megatrends Inc. R01-A2 07/02/2021
Carte mère: Acer Nitro N50-620
Processeur: 11th Gen Intel(R) Core(TM) i5-11400F @ 2.60GHz
Pourcentage de mémoire utilisée: 39%
Mémoire physique - RAM - totale: 16237.4 MB
Mémoire physique - RAM - disponible: 9760.94 MB
Mémoire virtuelle totale: 17261.4 MB
Mémoire virtuelle disponible: 9445.72 MB
==================== Lecteurs ================================
Drive c: (Acer) (Fixed) (Total:475.66 GB) (Free:295.18 GB) (Model: WDC PC SN530 SDBPNPZ-512G-1114) NTFS
Drive d: (Frédéric) (Fixed) (Total:3725.9 GB) (Free:3534.78 GB) (Model: Seagate Expansion SCSI Disk Device) NTFS
\\?\Volume{ffd07457-5925-41a2-a1fd-7569f1faa07b}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.4 GB) NTFS
\\?\Volume{2d5cb251-81cd-4ab6-b12a-b3404ca09fbf}\ (ESP) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32
==================== MBR & Table des partitions ====================
==========================================================
Disk: 1 (Size: 3726 GB) (Disk ID: 4BCEC874)
Partition: GPT.
==================== Fin de Addition.txt =======================
Exécuté par rpgis (07-02-2025 19:49:04)
Exécuté depuis C:\Users\rpgis\OneDrive\Bureau
Microsoft Windows 11 Famille Version 24H2 26100.2894 (X64) (2024-10-24 18:32:52)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
Administrateur (S-1-5-21-684664964-2853107246-2488223059-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-684664964-2853107246-2488223059-503 - Limited - Disabled)
Invité (S-1-5-21-684664964-2853107246-2488223059-501 - Limited - Disabled)
rpgis (S-1-5-21-684664964-2853107246-2488223059-1001 - Administrator - Enabled) => C:\Users\rpgis
WDAGUtilityAccount (S-1-5-21-684664964-2853107246-2488223059-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Security (Enabled - Up to date) {F55BE278-BCE3-5EE9-7A2E-5F716BE02F32}
AV: Norton Security Ultra (Disabled - Out of date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
FW: Norton Security Ultra (Disabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}
FW: Avira Security (Enabled) {53C47F3A-6D33-C18B-B172-2A5508198379}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
7-Zip 24.09 (x64) (HKLM\...\7-Zip) (Version: 24.09 - Igor Pavlov)
Acer Configuration Manager (HKLM-x32\...\{8CB1A03C-9849-4744-AD56-341A18F9E3E2}) (Version: 2.5.22250 - Acer)
Acer Jumpstart (HKLM-x32\...\{0C5ED25A-B8D1-4E71-BFCB-6B370A4EA19C}) (Version: 3.5.22220.20 - Acer)
Action! (HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\Mirillis Action!) (Version: 4.44.0 - Mirillis)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1036-1033-7760-BC15014EA700}) (Version: 24.005.20399 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601108}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
App Explorer (HKU\S-1-5-19\...\Host App Service) (Version: 0.273.4.240 - SweetLabs) <==== ATTENTION
App Explorer (HKU\S-1-5-20\...\Host App Service) (Version: 0.273.4.240 - SweetLabs) <==== ATTENTION
Avira Fallback Updater (HKLM-x32\...\Avira Fallback Updater) (Version: - ) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.44.1.19908 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.106.1577 - Avira Operations GmbH) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 7.4.0.511 - Avira Operations GmbH) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: 7.1.5.2460 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
Care Center Service (HKLM\...\{AFB52E98-7597-4484-9202-58F0FD3512ED}) (Version: 4.00.3042 - Acer Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 6.32 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.1.0.2037 - Disc Soft Ltd)
Debut - Logiciel de capture vidéo (HKLM-x32\...\Debut) (Version: 8.91 - NCH Software)
D-Fend Reloaded 1.4.4 (Désinstaller) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.4.4 - Alexander Herzog)
Diablo II (HKLM-x32\...\Diablo II) (Version: - )
Dragon (HKLM-x32\...\{3C8FA4F4-8471-4C60-9002-9B9F78B7B483}) (Version: 4 - Realtek)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3026 - Acer Incorporated)
Dynamic Application Loader Host Interface Service (HKLM\...\{A28339C8-E641-4CCE-A316-56F405D1C245}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Endpoint Protection SDK (HKLM\...\{68E1CCB4-4965-4713-BDEB-77F6D6C9BF9D}_is1) (Version: 1.0.2501.4776 - Avira Operations GmbH) Hidden
ExpressVPN (HKLM-x32\...\{5B1D5290-DC0D-43D1-8220-8BB29BDDA0BE}) (Version: 2.5.22300.30 - Acer)
HP Dropbox Plugin (HKLM-x32\...\{45E639F6-2949-4047-82DD-1FAF69DD6B62}) (Version: 40.13.54.81239 - HP)
HP Google Drive Plugin (HKLM-x32\...\{A70D2B56-7CF3-4392-B7B8-49A3DD9B9F34}) (Version: 40.13.54.81239 - HP)
Intel(R) Chipset Device Software (HKLM\...\{06D713D6-9845-436D-B857-5BF2596B4554}) (Version: 10.1.18634.8254 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{99926fb7-5da9-4101-b79f-eec3674ca64b}) (Version: 10.1.18634.8254 - Intel(R) Corporation)
Intel(R) LMS (HKLM\...\{A0983640-26D2-4CD8-A512-747BF3CF3F82}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2101.15.0.2080 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{21468D61-6A78-4358-B346-F4D37C6D55CC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{788371EA-0B02-40AD-85D0-21BE107E3628}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{2F171580-9C56-4A25-A5D5-CBBAA025BFA6}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Logiciel de base du périphérique HP OfficeJet Pro 6960 (HKLM\...\{F827F934-1CB5-43CF-82EC-0A5465F557F7}) (Version: 40.16.1234.2248 - HP Inc.)
Malwarebytes version 4.6.17.334 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.17.334 - Malwarebytes)
Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.18429.20132 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 132.0.2957.140 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 132.0.2957.140 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.005.0112.0003 - Microsoft Corporation)
Microsoft OneNote - fr-fr (HKLM\...\OneNoteFreeRetail - fr-fr) (Version: 16.0.18429.20132 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.19202 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 (HKLM-x32\...\{804e7d66-ccc2-4c12-84ba-476da31d103d}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34433 (HKLM-x32\...\{e7802eac-3305-4da0-9378-e55d1ed05518}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34433 (HKLM\...\{E1902FC6-C423-4719-AB8A-AC7B2694B367}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34433 (HKLM\...\{382F1166-A409-4C5B-9B1E-85ED538B8291}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34433 (HKLM-x32\...\{84E3E712-6343-484B-8B6C-9F145F019A70}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34433 (HKLM-x32\...\{C2BB95AA-90F3-4891-81C1-A7E565BB836C}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Movavi Gecata 6 (HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\Movavi Gecata 6) (Version: 6.1.2 - Movavi)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 135.0 (x64 en-US)) (Version: 135.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 135.0 - Mozilla)
NitroSense Service (HKLM\...\{9089CCF1-ABBE-4271-A0F0-5119BF339A83}) (Version: 3.00.3008 - Acer Incorporated)
Norton Security Ultra (HKLM-x32\...\NGC) (Version: 22.24.8.36 - NortonLifeLock Inc)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA Pilote graphique 551.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.83 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18429.20044 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18429.20132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.18429.20044 - Microsoft Corporation) Hidden
OpenOffice 4.1.15 (HKLM-x32\...\{DC8B4E0E-87B2-46D7-9FBA-B55470DC3B9A}) (Version: 4.115.9813 - Apache Software Foundation)
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: 1.6.0 - PCSX2 Team)
Planet9 Stub (HKLM\...\18eae271-44ac-5152-b237-7dac60ccd85a) (Version: 1.0.142 - Acer Inc.)
PlugY, The Survival Kit (HKLM-x32\...\PlugY, The Survival Kit) (Version: v14.03 - )
Prism Convertisseur Vidéo (HKLM-x32\...\Prism) (Version: 11.02 - NCH Software)
Quick Access Service (HKLM\...\{AB25551C-74EF-4BAB-9989-891517FCF9FF}) (Version: 3.00.3038 - Acer Incorporated)
Quick Share (HKLM\...\{E8E4AB67-FD4E-4B36-A317-81EE323832E3}) (Version: 1.0.2113.1 - Google LLC)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9225.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.50.511.2021 - Realtek)
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.59.0 - Samsung Electronics Co., Ltd.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.23081.1 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.23081.1 - Samsung Electronics Co., Ltd.)
SpywareBlaster 6.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 6.0.0 - BrightFort LLC)
Starcraft (HKLM-x32\...\Starcraft) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
User Experience Improvement Program Service (HKLM\...\{323EA05D-046D-449D-9D7C-89243C957CCE}) (Version: 5.00.3012 - Acer Incorporated)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.21 - VideoLAN)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version: - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.7) (Version: 1.3.7 - Xvid Team)
Packages:
=========
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4 [2023-06-08] (Acer Incorporated)
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2025-02-02] ()
Adobe Express -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeCreativeCloudExpress_2.1.1.0_neutral__ynb6jyjzte8ga [2024-10-20] (Adobe Inc.)
Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3042.0_x64__48frkmn4z8aw4 [2022-11-06] (Acer Incorporated)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_2024.3.211.0_neutral__6rarf9sa4v8jt [2024-10-20] (Disney)
drawnames.fr -> C:\Program Files\WindowsApps\www.drawnames.fr-79F3DA02_1.0.0.0_neutral__51t7cj20mkstt [2024-11-23] (www.drawnames.fr)
Dropbox - offre promotionnelle -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.30.0_x64__xbfy0k16fey96 [2025-02-06] (Dropbox Inc.)
DTS Sound Unbound -> C:\Program Files\WindowsApps\DTSInc.DTSSoundUnbound_2025.1.1.0_x64__t5j2fzbtdg37r [2025-01-29] (DTS, Inc.)
DTS:X Ultra -> C:\Program Files\WindowsApps\DTSInc.DTSXUltra_1.13.5.0_x64__t5j2fzbtdg37r [2024-10-22] (DTS, Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_157.1.1186.0_x64__v10z8vjag6ke6 [2025-01-12] (HP Inc.)
Intel® Optane⢠Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1041.0_x64__8j3eq9eme6ctt [2024-10-22] (INTEL CORP)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2250.0.0.0_x64__8xx8rvfyw5nnt [2025-01-15] (Meta)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2412.12002.0_x64__8wekyb3d8bbwe [2025-01-09] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corp.)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.235.0_x64__8wekyb3d8bbwe [2025-02-02] (Microsoft Corporation)
Nearby Share -> C:\Program Files\Google\NearbyShare [2025-02-06] (Google LLC)
NitroSense_DT_V30 -> C:\Program Files\WindowsApps\AcerIncorporated.NitroSenseDTV30_3.0.3008.0_x64__48frkmn4z8aw4 [2022-11-02] (Acer Incorporated)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-30] (NVIDIA Corp.)
OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_19.23.19.0_x64__8wekyb3d8bbwe [2024-10-08] (Microsoft Corporation)
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.6428.0_x64__ypz87dpxkv292 [2022-11-02] (CYBERLINK COM CORP)
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2022-11-02] (CYBERLINK COM CORP)
Quick Share -> C:\Program Files\Google\NearbyShare [2025-02-06] (Google LLC)
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3038.0_x64__48frkmn4z8aw4 [2022-11-03] (Acer Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.27.254.0_x64__dt26b99r8h8gj [2022-11-02] (Realtek Semiconductor Corp)
shellmenua -> C:\Program Files (x86)\NCH Software\Components\Shared\shellmenu [2024-04-07] ()
shellmenub -> C:\Program Files (x86)\NCH Software\Components\Shared\shellmenu [2024-04-07] ()
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0 [2025-01-30] (Spotify AB) [Startup Task]
User Experience Improvement Program V5 -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgramV_5.0.3012.0_x64__48frkmn4z8aw4 [2022-11-02] (Acer Incorporated)
WinRAR -> C:\Program Files\WinRAR [2025-02-05] (win.rar GmbH)
==================== Personnalisé CLSID (Avec liste blanche): ==============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-684664964-2853107246-2488223059-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [Fichier non signé]
CustomCLSID: HKU\S-1-5-21-684664964-2853107246-2488223059-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-684664964-2853107246-2488223059-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\rpgis\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.19202\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-684664964-2853107246-2488223059-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-684664964-2853107246-2488223059-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [Fichier non signé]
CustomCLSID: HKU\S-1-5-21-684664964-2853107246-2488223059-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [Fichier non signé]
CustomCLSID: HKU\S-1-5-21-684664964-2853107246-2488223059-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) [Fichier non signé]
CustomCLSID: HKU\S-1-5-21-684664964-2853107246-2488223059-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) [Fichier non signé]
CustomCLSID: HKU\S-1-5-21-684664964-2853107246-2488223059-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [Fichier non signé]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_97174385c3b19a28\OptaneShellExt.dll [2021-04-02] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.24.8.36\buShell.dll [2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.24.8.36\buShell.dll [2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.24.8.36\buShell.dll [2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.24.8.36\buShell.dll [2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.24.8.36\buShell.dll [2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.24.8.36\buShell.dll [2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.24.8.36\buShell.dll [2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.24.8.36\NavShExt.dll [2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2024-10-01] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2025-01-13] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2022-11-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.24.8.36\NavShExt.dll [2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2025-01-13] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2022-11-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-02-05] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_97174385c3b19a28\OptaneShellExt.dll [2021-04-02] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2024-10-01] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncShell64.dll [2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvae.inf_amd64_6cfe691434859c61\nvshext.dll [2024-03-25] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2024-10-01] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.24.8.36\buShell.dll [2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-02-05] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.24.8.36\NavShExt.dll [2024-09-13] (NortonLifeLock Inc. -> Gen Digital Inc.)
==================== Codecs (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [662408 2023-09-06] (Mirillis Sp. z o.o. -> )
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\system32\xvidvfw.dll [251392 2019-12-28] () [Fichier non signé]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [Fichier non signé]
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [651144 2023-09-06] (Mirillis Sp. z o.o. -> )
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2019-12-28] () [Fichier non signé]
HKLM\...\Drivers32: [VIDC.ZMBV] => C:\Windows\SysWOW64\zmbv.dll [94208 2010-04-09] () [Fichier non signé]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [Fichier non signé]
==================== Raccourcis & WMI ========================
==================== Modules chargés (Avec liste blanche) =============
2022-11-04 16:21 - 2024-11-29 19:00 - 000101376 _____ (Igor Pavlov) [Fichier non signé] C:\Program Files\7-Zip\7-zip.dll
==================== Alternate Data Streams (Avec liste blanche) ========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [136]
==================== Mode sans échec (Avec liste blanche) ==================
==================== Association (Avec liste blanche) =================
==================== Internet Explorer (Avec liste blanche) =============
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-02-03] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-684664964-2853107246-2488223059-1001\...\1001movie.com -> 1001movie.com
Il y a 6091 plus de sites.
==================== Hosts contenu: =========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2021-06-05 13:08 - 2021-06-05 13:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Autres zones ===========================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-684664964-2853107246-2488223059-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\rpgis\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\3533203211260745533\133829892954176394.jpg
DNS Servers: 172.16.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.
Network Binding:
=============
Connexion réseau Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet: Realtek Gaming GbE Family Controller -> rt640x64.sys
Wi-Fi: Intel(R) Wi-Fi 6 AX201 160MHz -> Netwtw10.sys
nt_rtf64: Realtek LightWeight Filter (NDIS6.40)
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
==================== RèglesPare-feu (Avec liste blanche) ================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [{AF86B5EA-F107-4417-8212-3F0D270BE00E}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24215.1105.3082.1600_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{69806306-7373-4EF7-8748-B8EB42BFB653}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24215.1105.3082.1600_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{84B65D3A-C7B2-472C-B46D-D7256DDE55D3}C:\emulateurs\vbalink180b\visualboyadvance.exe] => (Allow) C:\emulateurs\vbalink180b\visualboyadvance.exe (None) [Fichier non signé]
FirewallRules: [TCP Query User{686D3407-3EB1-4D49-837B-8C1990B502EE}C:\emulateurs\vbalink180b\visualboyadvance.exe] => (Allow) C:\emulateurs\vbalink180b\visualboyadvance.exe (None) [Fichier non signé]
FirewallRules: [{AF7C1793-774D-418A-97EB-E6FE42743B70}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{CDC0C0C4-027D-432E-8DC9-23F7ABA4EEA1}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{0D32AAE3-D669-4C3A-AA37-41C81307910C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Baldur's Gate II Enhanced Edition\Baldur.exe (Overhaul Gamesâ¢) [Fichier non signé]
FirewallRules: [{8E8D83FB-DFCA-46A7-B9C5-F35098337CF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Baldur's Gate II Enhanced Edition\Baldur.exe (Overhaul Gamesâ¢) [Fichier non signé]
FirewallRules: [{33BDCB3A-6743-40D2-BC0D-A25ED67B8115}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex\System\DeusEx.exe (Marijn Kentie) [Fichier non signé]
FirewallRules: [{8ED5E9EB-2FA6-47EB-B7BB-67FC8426E06B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex\System\DeusEx.exe (Marijn Kentie) [Fichier non signé]
FirewallRules: [{ED16F2E3-6A8B-4478-9AAF-369176AE1571}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\cshlp.exe (GSC Game World -> )
FirewallRules: [{E6440DA2-B439-4C28-B41D-20D15AAE5038}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\cshlp.exe (GSC Game World -> )
FirewallRules: [{E6B2FCA9-4F16-4215-B7CC-038328C60013}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\ScenarioEditor.exe (GSC Game World -> )
FirewallRules: [{327B0F1B-3107-4875-B83C-CAD544C89582}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\ScenarioEditor.exe (GSC Game World -> )
FirewallRules: [{D3BDF084-2A0E-4110-9050-960BF76F49D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\HView.exe (GSC Game World -> )
FirewallRules: [{A53FAEC4-969A-487F-9548-ACAEDFBBBAFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\HView.exe (GSC Game World -> )
FirewallRules: [{20A0D8F9-BC1A-4477-865A-F3E477C082E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\csbtw.exe (GSC Game World -> GSC Game World)
FirewallRules: [{60C50A74-1133-4F5C-80C5-1850EEC20CAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\csbtw.exe (GSC Game World -> GSC Game World)
FirewallRules: [{E34DA406-D2CA-438B-BBEC-4FEDE3870AE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Siege 1\DungeonSiege.exe (Gas Powered Games) [Fichier non signé]
FirewallRules: [{8B734483-82BC-47E4-A2E6-B1C3796322DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Siege 1\DungeonSiege.exe (Gas Powered Games) [Fichier non signé]
FirewallRules: [{9276B553-7560-4E82-8DE9-73A02503F038}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beyond Good and Evil\SettingsApplication.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{213FD224-BFFE-4027-8863-39A8C2048B0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beyond Good and Evil\SettingsApplication.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{39487DF9-5E44-4D9D-88DA-422705622D98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beyond Good and Evil\BGE.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{C92D6222-EAE0-45A6-B1D7-3B2F4179D1CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beyond Good and Evil\BGE.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{0D0EAD82-7637-4895-83EA-C556BA61D434}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{160DEA10-9E62-4522-B3D1-E7208782E6E6}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{F2D08E27-ECAE-4CC2-9CC7-221F46D481F2}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> HP Inc.)
FirewallRules: [{1FC3A3D4-967F-4222-943C-FB715BD182D5}] => (Allow) LPort=5357
FirewallRules: [{FDAFD889-A992-42E3-B490-9E39535003FA}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\DeviceSetup.exe (HP Inc. -> HP Inc.)
FirewallRules: [{578EACAE-FBFC-4851-A5E9-C590A164BC78}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\FaxPrinterUtility.exe (HP Inc. -> HP Inc.)
FirewallRules: [{E4B2AD47-1803-4896-9043-7BB856791D1E}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\SendAFax.exe (HP Inc. -> HP Inc.)
FirewallRules: [{84185EB7-5FF8-4FA3-A746-03B8A022F001}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\DigitalWizards.exe (HP Inc. -> HP Inc.)
FirewallRules: [{44715D03-DACD-4B8B-A19B-953710198C63}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\FaxApplications.exe (HP Inc. -> HP Inc.)
FirewallRules: [{7E5AD7A8-EAE6-4403-A58D-6D72E52FBAFE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7D8E5F8E-DD8F-4F2F-8F2B-2CAEB36AB1DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6EFE0162-D2A6-4BA0-8424-EA59DF4DF46D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7706B263-A767-43DC-B782-9C25683FA496}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FA4F331F-0FD3-498D-B877-0E55BD1A7E39}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D5541E13-142F-44F2-A899-0BAEA60AE4D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6869360C-88F9-494F-AC8F-6BD9D2BDE907}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => Pas de fichier
FirewallRules: [{0FD53439-2148-4C7F-95EB-D8E65C6AD08A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => Pas de fichier
FirewallRules: [{408B989F-2FD2-45EF-B991-F0F940696C62}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B370F000-4153-4684-9823-985AB0B551E3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{910DDFA2-B2CB-4803-B62B-4F58BFA9FC90}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E71E87AC-62C2-45E2-973B-CE4B34EFF8B9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{375661F2-AA38-4468-B54B-0001731B29E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY FFX&FFX-2 HD Remaster\FFX&X-2_LAUNCHER.exe (SQUARE ENIX CO., LTD.) [Fichier non signé]
FirewallRules: [{D7BA4012-D2DC-4029-9D46-77F2759953D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY FFX&FFX-2 HD Remaster\FFX&X-2_LAUNCHER.exe (SQUARE ENIX CO., LTD.) [Fichier non signé]
FirewallRules: [{A7BDE892-D1C8-4DB0-99B6-665A331DE5D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Max Payne FR\MaxPayne.exe (Remedy Entertainment) [Fichier non signé]
FirewallRules: [{2042A53A-69AD-4CB3-9FBE-E7F01F4FF25B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Max Payne FR\MaxPayne.exe (Remedy Entertainment) [Fichier non signé]
FirewallRules: [{467A138B-9E34-4F67-80A4-74A949DD377C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE.exe (DEVOLVER DIGITAL, INC -> )
FirewallRules: [{0DDE058A-B2A9-40C8-A5BA-575E731CF3C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE.exe (DEVOLVER DIGITAL, INC -> )
FirewallRules: [{DD7A9516-630E-48A3-8744-6D22AD283429}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE_Unrestricted.exe (DEVOLVER DIGITAL, INC -> )
FirewallRules: [{D0F7D137-9FD9-4461-937F-05511A5FD935}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE_Unrestricted.exe (DEVOLVER DIGITAL, INC -> )
FirewallRules: [{50C706DD-864C-4CC3-A4FF-DC430B724F49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unreal Tournament\System\UnrealTournament.exe () [Fichier non signé]
FirewallRules: [{9F479C8B-9496-4FFC-ADE5-549B57098EF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unreal Tournament\System\UnrealTournament.exe () [Fichier non signé]
FirewallRules: [{0E9EAEAF-0100-4B95-9E90-85E461A48EA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve Corp. -> Valve)
FirewallRules: [{4872765E-E6B2-4029-9799-ECEFA4E04207}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve Corp. -> Valve)
FirewallRules: [{4899C5C0-0EBB-4A7B-A774-BD9094DAEB7D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.127\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FCB0E26E-B87C-4ABA-9848-610FC461D7F7}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25007.607.3371.8436_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2F52DAE9-0F76-40BB-A2FE-1C279080E0B8}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25007.607.3371.8436_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F502E0E5-EDF8-47D1-91A6-8A404D484990}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FDD406B8-C684-4636-8777-BE78525C4B0A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{00895CE8-3F52-4A19-8C97-26DF1C2750B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F48BB2EE-A4C2-4AE4-ADCC-CB788139C353}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4E1A0A29-37DF-42A2-A1DC-C13536259D85}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8B6404B3-B8F1-4038-89CD-B76A4BED52EE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C8B72D6C-7F25-4BBA-B55E-A8FB203E660B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{879C9BB5-13D1-4D5D-94DD-194A11530E64}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A4F8CB08-1D04-4D0A-A0ED-33F4750998AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{880258AB-B5A1-4BB7-9737-B1363F0B5EB5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{96A94645-0B39-4D92-807D-7A8E59E78901}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3DDF8964-A03F-44BA-8392-C9E40662D5AA}] => (Allow) C:\Program Files\Google\NearbyShare\nearby_share.exe (Google LLC -> Google)
FirewallRules: [{7BCD0321-8157-4100-AF49-9AC461CC739C}] => (Allow) C:\Program Files\Google\NearbyShare\nearby_share.exe (Google LLC -> Google)
==================== Points de restauration =========================
05-02-2025 21:29:50 ZHPcleaner
==================== Ãléments en erreur du Gestionnaire de périphériques ============
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (02/06/2025 07:02:45 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: AUTORITE NT)
Description: Windows ne peut pas charger la DLL de compteur extensible « C:\WINDOWS\system32\sysmain.dll » (code d'erreur Win32 126).
Error: (02/05/2025 08:26:55 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de lâappel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours..
Error: (02/05/2025 08:26:55 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours.]
Error: (02/05/2025 08:13:31 PM) (Source: Firefox Default Browser Agent) (EventID: 1332) (User: )
Description: Event-ID 1332
Error: (02/03/2025 08:36:26 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: FREDO)
Description: Impossible de fermer lâapplication ou le service « Microsoft Office SDX Helper ».
Error: (02/03/2025 05:23:02 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {E29070F2-5A4D-4BEC-9BA0-EBFBB4261D62}
Error: (01/30/2025 06:00:57 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: AUTORITE NT)
Description: Windows ne peut pas charger la DLL de compteur extensible « C:\WINDOWS\system32\sysmain.dll » (code d'erreur Win32 126).
Error: (01/29/2025 05:35:21 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: AUTORITE NT)
Description: Windows ne peut pas charger la DLL de compteur extensible « C:\WINDOWS\system32\sysmain.dll » (code d'erreur Win32 126).
Erreurs système:
=============
Error: (02/06/2025 05:34:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Service Google Update (gupdate) nâa pas pu démarrer en raison de lâerreur :
Le service nâa pas répondu assez vite à la demande de lancement ou de contrôle.
Error: (02/06/2025 05:34:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de lâattente de la connexion du service Service Google Update (gupdate).
Error: (02/06/2025 05:34:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Avira Security Updater nâa pas pu démarrer en raison de lâerreur :
Le service nâa pas répondu assez vite à la demande de lancement ou de contrôle.
Error: (02/06/2025 05:34:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de lâattente de la connexion du service Avira Security Updater.
Error: (02/06/2025 05:33:10 PM) (Source: Schannel) (EventID: 4103) (User: AUTORITE NT)
Description: Une erreur irrécupérable sâest produite lors de la création dâune information dâidentification de client TLS. Lâétat dâerreur interne est 10013.
processus client SSPI est UpgradeTool (PIDÂ : 16320).
Error: (02/06/2025 05:33:10 PM) (Source: Schannel) (EventID: 4103) (User: AUTORITE NT)
Description: Une erreur irrécupérable sâest produite lors de la création dâune information dâidentification de client TLS. Lâétat dâerreur interne est 10013.
processus client SSPI est UpgradeTool (PIDÂ : 16320).
Error: (02/06/2025 05:33:10 PM) (Source: Schannel) (EventID: 4103) (User: AUTORITE NT)
Description: Une erreur irrécupérable sâest produite lors de la création dâune information dâidentification de client TLS. Lâétat dâerreur interne est 10013.
processus client SSPI est UpgradeTool (PIDÂ : 16320).
Error: (02/06/2025 05:33:10 PM) (Source: Schannel) (EventID: 4103) (User: AUTORITE NT)
Description: Une erreur irrécupérable sâest produite lors de la création dâune information dâidentification de client TLS. Lâétat dâerreur interne est 10013.
processus client SSPI est UpgradeTool (PIDÂ : 16320).
Windows Defender:
================
Date: 2025-02-04 18:50:50
Description:
Lâanalyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de lâanalyse : {502B9016-AFCC-413A-B2C8-979599153A35}
Type de lâanalyse : Logiciel anti-programme malveillant
Paramètres de lâanalyse : Analyse rapide
Utilisateur : AUTORITE NT\Système�
Date: 2025-02-03 18:16:33
Description:
Lâanalyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de lâanalyse : {67C7A9FF-C6B0-46F1-A862-23A6FD2CE454}
Type de lâanalyse : Logiciel anti-programme malveillant
Paramètres de lâanalyse : Analyse rapide
Utilisateur : AUTORITE NT\Système�
Date: 2025-02-02 18:18:58
Description:
Lâanalyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de lâanalyse : {DCA97292-B651-48EF-A2B1-1D4609430687}
Type de lâanalyse : Logiciel anti-programme malveillant
Paramètres de lâanalyse : Analyse rapide
Utilisateur : AUTORITE NT\Système�
Date: 2025-01-28 18:55:39
Description:
Lâanalyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de lâanalyse : {ED6F11C2-65DD-4E8B-A010-D6781E6D73FF}
Type de lâanalyse : Logiciel anti-programme malveillant
Paramètres de lâanalyse : Analyse rapide
Utilisateur : AUTORITE NT\Système�
Date: 2025-01-28 18:43:13
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus dâinformations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/AgentTesla!ml&threatid=2147760503&enterprise=0
Nom : Trojan:Win32/AgentTesla!ml
ID : 2147760503
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Users\rpgis\Downloads\DeusEx_FrenchPatch18b7.exe
Origine de la détection : Ordinateur local
Type de détection : Chemin rapide
Source de détection : Protection en temps réel
Utilisateur : AUTORITE NT\Système
Nom du processus : C:\Program Files\Norton Security\Engine\22.24.8.36\NortonSecurity.exe
Version de la veille de sécurité : AV: 1.421.1579.0, AS: 1.421.1579.0, NIS: 1.421.1579.0
Version du moteur : AM: 1.1.24090.11, NIS: 1.1.24090.11�

CodeIntegrity:
===============
Date: 2025-02-07 19:20:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Avira\Endpoint Protection SDK\wsc_agent.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.24.8.36\symamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.�
Date: 2025-02-07 19:20:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.24.8.36\symamsi.dll that did not meet the Windows signing level requirements.�
Date: 2025-02-07 19:20:00
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Avira\Endpoint Protection SDK\amsi\x64\avamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.�
==================== Infos Mémoire ===========================
BIOS: American Megatrends Inc. R01-A2 07/02/2021
Carte mère: Acer Nitro N50-620
Processeur: 11th Gen Intel(R) Core(TM) i5-11400F @ 2.60GHz
Pourcentage de mémoire utilisée: 39%
Mémoire physique - RAM - totale: 16237.4 MB
Mémoire physique - RAM - disponible: 9760.94 MB
Mémoire virtuelle totale: 17261.4 MB
Mémoire virtuelle disponible: 9445.72 MB
==================== Lecteurs ================================
Drive c: (Acer) (Fixed) (Total:475.66 GB) (Free:295.18 GB) (Model: WDC PC SN530 SDBPNPZ-512G-1114) NTFS
Drive d: (Frédéric) (Fixed) (Total:3725.9 GB) (Free:3534.78 GB) (Model: Seagate Expansion SCSI Disk Device) NTFS
\\?\Volume{ffd07457-5925-41a2-a1fd-7569f1faa07b}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.4 GB) NTFS
\\?\Volume{2d5cb251-81cd-4ab6-b12a-b3404ca09fbf}\ (ESP) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32
==================== MBR & Table des partitions ====================
==========================================================
Disk: 1 (Size: 3726 GB) (Disk ID: 4BCEC874)
Partition: GPT.
==================== Fin de Addition.txt =======================