Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 20-10-2021 Exécuté par marite (21-10-2021 17:52:30) Exécuté depuis G:\ Microsoft Windows 10 Famille Version 20H2 19042.1288 (X64) (2021-04-18 08:50:43) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) Administrateur (S-1-5-21-2595580047-1136342414-3253307354-500 - Administrator - Disabled) Agility (S-1-5-21-2595580047-1136342414-3253307354-1003 - Limited - Enabled) => C:\Users\Agility DefaultAccount (S-1-5-21-2595580047-1136342414-3253307354-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2595580047-1136342414-3253307354-1005 - Limited - Enabled) Invité (S-1-5-21-2595580047-1136342414-3253307354-501 - Limited - Disabled) marite (S-1-5-21-2595580047-1136342414-3253307354-1001 - Administrator - Enabled) => C:\Users\maite MT (S-1-5-21-2595580047-1136342414-3253307354-1002 - Administrator - Enabled) => C:\Users\MT WDAGUtilityAccount (S-1-5-21-2595580047-1136342414-3253307354-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Norton 360 (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D} AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75} AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Norton 360 (Enabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0} AV: Norton 360 (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E} FW: Norton 360 (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1} FW: Norton 360 (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB} FW: Norton 360 (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) 64 Bit HP CIO Components Installer (HKLM\...\{345F3F90-0505-4EDF-B7A9-5E3AC1AC6CE4}) (Version: 15.2.1 - Hewlett-Packard) Hidden 7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov) Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe) Adobe Photoshop Elements 2019 (HKLM-x32\...\PSE_17_0) (Version: 17.0 - Adobe Systems Incorporated) Assistant Mise à niveau de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17376 - Microsoft Corporation) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.9 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.14.0006 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS) AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.101 - ICEpower a/s) Banque Populaire (HKLM-x32\...\{C418F413-6D57-4AC6-862B-66B1CDDBCF92}) (Version: 5.6.0.1 - e-Carte Bleue Banque Populaire) Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.94.50 - Conexant) Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.3 - ASUSTek Computer Inc.) Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.503.1 - Dropbox, Inc.) Hidden EBP Mon Association 2017 21.0 (HKLM-x32\...\{BF3A80EC-ECED-4E32-84D0-3AD03D2F0027}) (Version: 21.0.0 - EBP) Hidden EBP Mon Association 2017 21.0 (HKLM-x32\...\EBP Mon Association 2017 21.0) (Version: 21.0.0 - EBP) Evernote v. 5.9.1 (HKLM-x32\...\{5EA1DED0-5285-11E5-8AA1-0050569584E9}) (Version: 5.9.1.8742 - Evernote Corp.) GameFirst IV (HKLM-x32\...\{795A0031-3DD5-43F1-BCBA-AEBA756D0FBB}) (Version: 1.5.23 - ASUS) Hidden GameFirst IV (HKLM-x32\...\GameFirst IV 1.5.23) (Version: 1.5.23 - ASUS) Google Earth Pro (HKLM\...\{9BFB06CD-3925-49E2-BAB7-EA695821CE4C}) (Version: 7.3.4.8248 - Google) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 94.0.4606.81 - Google LLC) HP Color LaserJet Pro MFP M476 (HKLM-x32\...\{4b849805-3b07-4b35-874a-705c0d103672}) (Version: 15.0.16077.631 - Hewlett-Packard) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPCLJProMFPM476 (HKLM-x32\...\{C44C593D-3009-4D03-910E-243050C5E193}) (Version: 0.05.0000 - Hewlett-Packard) HPLJUTCore (HKLM-x32\...\{06C9D648-CFC6-48CC-A11B-C4A21BEDDAF1}) (Version: 018.000.0001 - HP) Hidden HPLJUTM476 (HKLM-x32\...\{92AB9371-D327-4D56-9BDD-B38A671A631D}) (Version: 010.000.0001 - HP) Hidden hppM476LaserJetService (HKLM-x32\...\{CD86BE42-2844-4A15-A487-0F60CAB31664}) (Version: 001.034.00634 - Hewlett-Packard) Hidden hpStatusAlerts (HKLM-x32\...\{32DE03E8-D0B3-4D13-A885-D3EDFC959EEC}) (Version: 180.040.00267 - HP Development Company, L.P.) Hidden hpStatusAlertsM476 (HKLM-x32\...\{C864CA6F-3A1D-45B5-A115-C8D47CAE3845}) (Version: 100.046.00121 - Hewlett-Packard) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{a2d9fda8-65eb-4c06-81ef-31e0a4daa335}) (Version: 10.1.1.11 - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1169 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{588DA478-D4FF-48E3-8290-49F8C4B21283}) (Version: 18.1.1527.1551 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) KeePass Password Safe 2.42.1 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.42.1 - Dominik Reichl) Logiciel Intel® PROSet/Wireless (HKLM-x32\...\{5853172b-5520-4089-9ef4-e26c594382b3}) (Version: 19.30.0 - Intel Corporation) Malwarebytes version 4.4.6.132 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.6.132 - Malwarebytes) Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.14430.20306 - Microsoft Corporation) Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.50 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 94.0.992.50 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2595580047-1136342414-3253307354-1001\...\OneDriveSetup.exe) (Version: 21.196.0921.0007 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2595580047-1136342414-3253307354-1002\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2595580047-1136342414-3253307354-1003\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Support and Recovery Assistant (HKU\S-1-5-21-2595580047-1136342414-3253307354-1001\...\339020b868450372) (Version: 17.0.4732.6 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation) Module Signal Spam pour Office Outlook (HKLM-x32\...\{D38FBB09-A8DB-4DD5-97C0-C48C46D47B29}) (Version: 1.1.9 - Signal Spam) Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 93.0 (x64 fr)) (Version: 93.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.1 - Mozilla) mydlink services plugin (HKLM-x32\...\{1A9B665A-5F27-4F71-BF90-22FDFE7A1635}) (Version: 1.0.2.7 - D-Link Corporation) Norton 360 (HKLM-x32\...\NGC) (Version: 22.21.9.25 - NortonLifeLock Inc) Norton Utilities (HKLM\...\{36896A40-D958-486B-8A43-31A41E129FE2}) (Version: 21.4.3.281 - NortonLifeLock Inc) Nuance Power PDF Standard (HKLM\...\{A71E5DA3-8DBF-4033-90A1-26536CEE4805}) (Version: 2.10.6413 - Nuance Communications, Inc.) NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA Pilote graphique 388.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.73 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20306 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20306 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.14430.20234 - Microsoft Corporation) Hidden Progesco Agility 2018 version 2018 (HKLM-x32\...\{38CBEAFE-28F0-4C36-B1E0-3A245B501B72}_is1) (Version: 2018 - CNEAC) ProGIC_ModuleObeissance (HKU\S-1-5-21-2595580047-1136342414-3253307354-1001\...\4696c33f7dc537c0) (Version: 6.0.0.8 - ProGIC_ModuleObeissance) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10143.21278 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek) ROG Gaming Center (HKLM-x32\...\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}) (Version: 1.0.7 - ASUS) Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.28 - Samsung Electronics Co., Ltd.) Hidden Secunia PSI (3.0.0.11005) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.11005 - Secunia) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43835 - TeamViewer) Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.67 - Samsung Electronics CO., LTD.) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation) Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden Utilitaire de mise à jour des logiciels EBP 1.1.3 (HKLM-x32\...\Utilitaire de mise à jour des logiciels EBP 1.1.3) (Version: 1.1.3 - EBP) VdhCoApp 1.1.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN) Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden WD Backup (HKLM-x32\...\{786f930d-c00a-441a-9e9b-b74103f8acbb}) (Version: 1.9.7117.6823 - Western Digital Technologies, Inc.) WD Backup (HKLM-x32\...\{BD6A391C-1CBE-4193-BCE6-89F550252C3B}) (Version: 1.9.7117.6823 - Western Digital Technologies, Inc) Hidden WD Desktop App 2.1.0.299 (HKLM-x32\...\{f79d30ca-d71c-4aaa-b9b0-b26833cdac51}) (Version: 2.1.0.299 - Western Digital Corporation) Hidden WD Desktop App 2.1.0.299 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.299 - Western Digital Corporation) Hidden WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 3.7.214 - Western Digital Technologies, Inc.) WD Drive Utilities (HKLM-x32\...\{C24328D2-3D94-4281-B174-3AD6F92012F7}) (Version: 2.0.0.63 - Western Digital Technologies, Inc.) Hidden WD Drive Utilities (HKLM-x32\...\{d4b2783c-7832-4902-bca3-bbfccdda2fad}) (Version: 2.0.0.63 - Western Digital Technologies, Inc.) WD SES Driver Setup (HKLM-x32\...\{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.1.0.25 - Western Digital) Hidden WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.1.1.8 - WildTangent) Windows Driver Package - ASUS (AsusSGDrv) Mouse (10/21/2015 8.0.0.19) (HKLM\...\DE393C6A9AB085F9E19765D003555C3D360497DB) (Version: 10/21/2015 8.0.0.19 - ASUS) WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) Wire (HKU\S-1-5-21-2595580047-1136342414-3253307354-1001\...\wire) (Version: 3.17.3598 - Wire) Wise Duplicate Finder 1.3.5 (HKLM-x32\...\Wise Duplicate Finder_is1) (Version: 1.3.5 - WiseCleaner.com, Inc.) XSplit Gamecaster (HKLM-x32\...\{0E12BEC0-F2EE-43FA-AEA0-24B5E9F80167}) (Version: 2.5.1507.3011 - SplitmediaLabs) Packages: ========= Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.204.300.0_x86__kgqvnymyfvs32 [2021-10-14] (king.com) Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-08] (Microsoft Corporation) Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.927.1.0_neutral__8xx8rvfyw5nnt [2021-09-30] (Facebook Inc) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_131.1.242.0_x64__v10z8vjag6ke6 [2021-09-30] (HP Inc.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.9220.0_x64__8wekyb3d8bbwe [2021-10-11] (Microsoft Studios) [MS Ad] Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-17] (MAGIX) MyASUS-Service Center -> C:\Program Files\WindowsApps\B9ECED6F.MyASUS_3.3.11.0_x86__qmba6cd70vzyy [2018-04-28] (ASUSTeK COMPUTER INC.) [Startup Task] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-16] (Netflix, Inc.) Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2017-07-12] (Samsung Electronics Co. Ltd.) TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2017-06-09] (TripAdvisor LLC) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-10] (Twitter Inc.) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-2595580047-1136342414-3253307354-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BAD45F}\localserver32 -> C:\Program Files\Adobe\Elements 2019 Organizer\Elements Auto Creations 2019.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) CustomCLSID: HKU\S-1-5-21-2595580047-1136342414-3253307354-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} CustomCLSID: HKU\S-1-5-21-2595580047-1136342414-3253307354-1001_Classes\CLSID\{020157DD-A95C-3A4E-9CD7-94B6A0501A11}\InprocServer32 -> C:\Users\maite\AppData\Local\Signal Spam\Module Signal Spam pour Office Outlook\SignalSpam.DLL (VERIFROM SAS -> Signal Spam) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-2595580047-1136342414-3253307354-1001_Classes\CLSID\{5B9C7C85-9F09-392E-9223-EFF4459A87DF}\InprocServer32 -> C:\Users\maite\AppData\Local\Signal Spam\Module Signal Spam pour Office Outlook\SignalSpam.DLL (VERIFROM SAS -> Signal Spam) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-2595580047-1136342414-3253307354-1001_Classes\CLSID\{B3DEF8B6-0188-31BE-B784-313B4218D9F6}\InprocServer32 -> C:\Users\maite\AppData\Local\Signal Spam\Module Signal Spam pour Office Outlook\SignalSpam.DLL (VERIFROM SAS -> Signal Spam) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-2595580047-1136342414-3253307354-1001_Classes\CLSID\{B4D25E30-0D53-3627-885D-A24E7ABD137E}\InprocServer32 -> C:\Users\maite\AppData\Local\Signal Spam\Module Signal Spam pour Office Outlook\SignalSpam.DLL (VERIFROM SAS -> Signal Spam) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-2595580047-1136342414-3253307354-1001_Classes\CLSID\{B7C0EDAA-096F-3E55-A865-DBAC05CFAC72}\InprocServer32 -> C:\Users\maite\AppData\Local\Signal Spam\Module Signal Spam pour Office Outlook\SignalSpam.DLL (VERIFROM SAS -> Signal Spam) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-2595580047-1136342414-3253307354-1001_Classes\CLSID\{BA43377E-7A19-3F44-9A0D-C8B9FD6BFC53}\InprocServer32 -> C:\Users\maite\AppData\Local\Signal Spam\Module Signal Spam pour Office Outlook\SignalSpam.DLL (VERIFROM SAS -> Signal Spam) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-2595580047-1136342414-3253307354-1001_Classes\CLSID\{BE77FEF6-83F3-3324-9C4D-A2370F6DDF68}\InprocServer32 -> C:\Users\maite\AppData\Local\Signal Spam\Module Signal Spam pour Office Outlook\SignalSpam.DLL (VERIFROM SAS -> Signal Spam) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-2595580047-1136342414-3253307354-1001_Classes\CLSID\{DEC3C63F-3E59-42C5-8ACC-F3E8E703496B}\InprocServer32 -> C:\Users\maite\AppData\Local\Signal Spam\Module Signal Spam pour Office Outlook\adxloader64.dll (VERIFROM SAS -> Signal Spam) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-2595580047-1136342414-3253307354-1001_Classes\CLSID\{E7B507D4-30DB-3A08-BAB0-ADA1088F53AA}\InprocServer32 -> C:\Users\maite\AppData\Local\Signal Spam\Module Signal Spam pour Office Outlook\SignalSpam.DLL (VERIFROM SAS -> Signal Spam) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-2595580047-1136342414-3253307354-1001_Classes\CLSID\{F430AC54-0883-3B1F-9BFE-F281135C2B25}\InprocServer32 -> C:\Users\maite\AppData\Local\Signal Spam\Module Signal Spam pour Office Outlook\SignalSpam.DLL (VERIFROM SAS -> Signal Spam) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-2595580047-1136342414-3253307354-1001_Classes\CLSID\{F786CF66-B23F-36E3-852D-4B34D50C50CF}\InprocServer32 -> C:\Users\maite\AppData\Local\Signal Spam\Module Signal Spam pour Office Outlook\SignalSpam.DLL (VERIFROM SAS -> Signal Spam) [Fichier non signé] SSODL: WDFSMountNotificator-wdfsconnect2017 - {1B4AFDDB-5C64-496B-ACD2-D7E30149731A} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [Fichier non signé] SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {1B4AFDDB-5C64-496B-ACD2-D7E30149731A} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [Fichier non signé] ShellServiceObjects: Virtual Storage Mount Notification -> {1B4AFDDB-5C64-496B-ACD2-D7E30149731A} => C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [Fichier non signé] ShellServiceObjects-x32: Virtual Storage Mount Notification -> {1B4AFDDB-5C64-496B-ACD2-D7E30149731A} => C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [Fichier non signé] ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:\Program Files\WD Desktop App\kda.DLL [2020-02-21] (Western Digital Technologies, Inc. -> Western Digital Corporation) ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:\Program Files\WD Desktop App\kda.DLL [2020-02-21] (Western Digital Technologies, Inc. -> Western Digital Corporation) ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:\Program Files\WD Desktop App\kda.DLL [2020-02-21] (Western Digital Technologies, Inc. -> Western Digital Corporation) ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:\Program Files\WD Desktop App\kda.DLL [2020-02-21] (Western Digital Technologies, Inc. -> Western Digital Corporation) ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:\Program Files\WD Desktop App\kda.DLL [2020-02-21] (Western Digital Technologies, Inc. -> Western Digital Corporation) ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:\Program Files\WD Desktop App\kda.DLL [2020-02-21] (Western Digital Technologies, Inc. -> Western Digital Corporation) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers1: [FileShredder] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Program Files\Norton Utilities Premium\x64\FileShredder.dll [2021-09-16] (NortonLifeLock Inc. -> Symantec Corporation) ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.9.25\NavShExt.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers1: [NPDF.ShellExtension] -> {03DDC0E5-AF08-40a2-85B9-FEDF1F4A780C} => C:\Program Files (x86)\Nuance\Power PDF 21\ShellExt.dll [2017-05-16] (Nuance Communications, Inc. -> Nuance Communications, Inc.) ContextMenuHandlers1: [Nuance.SMFCDirectShellExt] -> {B080A0B4-C3ED-4E09-B92C-66D5829AA764} => C:\Program Files (x86)\Nuance\Power PDF 21\bin\SDirectShellExt.dll [2017-04-28] (ZEON CORPORATION -> Zeon International Investment Corp.) ContextMenuHandlers1: [WDDesktopContextMenu] -> {d95497fd-7066-3d1c-8ea7-96649264b38f} => C:\Program Files\WD Desktop App\kda.DLL [2020-02-21] (Western Digital Technologies, Inc. -> Western Digital Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.9.25\NavShExt.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers4: [FileShredder] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Program Files\Norton Utilities Premium\x64\FileShredder.dll [2021-09-16] (NortonLifeLock Inc. -> Symantec Corporation) ContextMenuHandlers4: [WDDesktopContextMenu] -> {d95497fd-7066-3d1c-8ea7-96649264b38f} => C:\Program Files\WD Desktop App\kda.DLL [2020-02-21] (Western Digital Technologies, Inc. -> Western Digital Corporation) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxDTCM.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-19] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.9.25\NavShExt.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== ==================== Modules chargés (Avec liste blanche) ============= 2021-10-14 10:59 - 2021-10-14 10:59 - 000372736 _____ () [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\44ce21c1c56741e3ce97cf172ca30e92\Interop.CxHDAudioAPILib.ni.dll 2021-10-14 10:59 - 2021-10-14 10:59 - 000018944 _____ () [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\8deafe43513ae52e19d327810a333f5c\Interop.CxUtilSvcLib.ni.dll 2016-11-04 15:27 - 2018-03-13 10:21 - 001173504 _____ (Conexant Systems, Inc.) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll 2009-09-16 18:44 - 2009-09-16 18:44 - 000153088 _____ (Hewlett Packard) [Fichier non signé] C:\WINDOWS\System32\hptcpmib.dll 2009-09-16 18:45 - 2009-09-16 18:45 - 000331264 _____ (Hewlett Packard) [Fichier non signé] C:\WINDOWS\System32\HpTcpMon.dll 2009-09-16 11:44 - 2009-09-16 11:44 - 000132096 _____ (Hewlett Packard) [Fichier non signé] C:\WINDOWS\System32\hpzjrd01.dll 2019-05-08 08:35 - 2018-04-30 14:00 - 000075776 _____ (Igor Pavlov) [Fichier non signé] C:\Program Files\7-Zip\7-zip.dll 2009-09-16 18:45 - 2009-09-16 18:45 - 000317440 _____ (Microsoft Corporation) [Fichier non signé] C:\WINDOWS\System32\HPTcpMUI.dll 2020-04-18 10:48 - 2020-04-18 10:48 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll 2020-04-18 10:48 - 2020-04-18 10:48 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll 2016-04-04 12:03 - 2016-04-04 12:03 - 000123904 _____ (Samsung Electronics Co., Ltd.) [Fichier non signé] C:\Program Files (x86)\Samsung\Easy Printer Manager\SmartScreenPrint\CDAKEYMonitor64.dll 2019-11-15 14:49 - 2019-11-15 14:49 - 000745176 _____ (VERIFROM SAS -> Signal Spam) [Fichier non signé] C:\Users\maite\AppData\Local\Signal Spam\Module Signal Spam pour Office Outlook\adxloader64.dll 2017-05-05 15:25 - 2017-05-05 15:25 - 005251360 _____ (Zeon Corporation -> Zeon Corporation) [Fichier non signé] C:\Program Files (x86)\Nuance\Power PDF 21\bin\PDFCore8_x64.dll ==================== Alternate Data Streams (Avec liste blanche) ======== (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\ProgramData\TEMP:AB1A1E3D [742] ==================== Mode sans échec (Avec liste blanche) ================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps//go.microsoft.com/fwlink/p/?LinkId=255141 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896 HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896 HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896 HKU\S-1-5-21-2595580047-1136342414-3253307354-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896 HKU\S-1-5-21-2595580047-1136342414-3253307354-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//asus15.msn.com/?pc=ASTE HKU\S-1-5-21-2595580047-1136342414-3253307354-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//asus15.msn.com/?pc=ASTE HKU\S-1-5-21-2595580047-1136342414-3253307354-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896 HKU\S-1-5-21-2595580047-1136342414-3253307354-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141 HKU\S-1-5-21-2595580047-1136342414-3253307354-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896 HKU\S-1-5-21-2595580047-1136342414-3253307354-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141 SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE SearchScopes: HKU\S-1-5-21-2595580047-1136342414-3253307354-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2595580047-1136342414-3253307354-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2595580047-1136342414-3253307354-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps//nortonsafe.search.ask.com/web?q={searchTerms}&l=dis&prt=NGC&chn=1000&geo=FR&ver=22.18.0.213&locale=FR_fr&guid=C5AAF679-4108-4303-AE98-FE1A699865CD&doi=2016-09-01&o=APN11913&cmpgn=sep19&gct=kwd&qsrc=2869 BHO: Pas de nom -> {1B4AFDDB-5C64-496B-ACD2-D7E30149731A}' -> Pas de fichier BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.21.9.25\coIEPlg.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.) BHO: Nuance PDF Conversion Toolbar Helper -> {940361F8-7F16-4498-AB43-2EFFE0235AFA} -> C:\Program Files (x86)\Nuance\Power PDF 21\Bin\SPDFIEFavClient_x64.dll [2017-02-10] (Nuance Communications, Inc. -> Zeon Corporation) BHO: PlusIEEventHelper Class -> {9D137966-2E29-45C5-9B12-29D5427F8F66} -> C:\Program Files (x86)\Nuance\Power PDF 21\Bin\PlusIEContextMenu_x64.dll [2017-02-10] (Nuance Communications, Inc. -> Zeon Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-11] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.21.9.25\coIEPlg.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.) BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: Nuance PDF Conversion Toolbar Helper -> {940361F8-7F16-4498-AB43-2EFFE0235AFA} -> C:\Program Files (x86)\Nuance\Power PDF 21\Bin\SPDFIEFavClient.dll [2017-02-10] (Nuance Communications, Inc. -> Zeon Corporation) BHO-x32: PlusIEEventHelper Class -> {9D137966-2E29-45C5-9B12-29D5427F8F66} -> C:\Program Files (x86)\Nuance\Power PDF 21\Bin\PlusIEContextMenu.dll [2017-02-10] (Nuance Communications, Inc. -> Zeon Corporation) Toolbar: HKLM - Nuance PDF Toolbar - {BED78D9C-A025-4FE9-B3BA-27E6D376A3D5} - C:\Program Files (x86)\Nuance\Power PDF 21\Bin\SPDFIEFavClient_x64.dll [2017-02-10] (Nuance Communications, Inc. -> Zeon Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.21.9.25\coIEPlg.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.) Toolbar: HKLM-x32 - Nuance PDF Toolbar - {BED78D9C-A025-4FE9-B3BA-27E6D376A3D5} - C:\Program Files (x86)\Nuance\Power PDF 21\Bin\SPDFIEFavClient.dll [2017-02-10] (Nuance Communications, Inc. -> Zeon Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.21.9.25\coIEPlg.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.) DPF: HKLM-x32 {76A99961-126B-48C5-AADB-E239EECF71D5} hxxps//192.168.1.17/H264PlugLiteDL.cab Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-11] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-11] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-11] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-11] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-11] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-11] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-11] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-11] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2015-10-30 09:24 - 2019-09-26 11:12 - 000000027 ____N C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost 2017-09-19 08:57 - 2019-07-30 14:06 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-2595580047-1136342414-3253307354-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\maite\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\asus.jpg HKU\S-1-5-21-2595580047-1136342414-3253307354-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg HKU\S-1-5-21-2595580047-1136342414-3253307354-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: Le média n'est pas connecté à internet. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) MSCONFIG\Services: SamsungUPDUtilSvc => 2 HKLM\...\StartupApproved\Run32: => "WDAppManager" HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper" HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad" HKLM\...\StartupApproved\Run32: => "WDDiscovery" HKU\S-1-5-21-2595580047-1136342414-3253307354-1001\...\StartupApproved\Run: => "OneDrive" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [UDP Query User{91CF885E-987F-4030-977B-E994ADA86CC4}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Block) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe (Samsung Electronics CO., LTD. -> ) FirewallRules: [TCP Query User{EA027342-2775-47DB-A541-B8EBCF1AA78D}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Block) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe (Samsung Electronics CO., LTD. -> ) FirewallRules: [{497F8A79-49E6-4C3F-B36D-602513544628}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{E05BE1A0-C111-4AB2-A3B3-D8C1E803D84D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{D585AA8B-FF5C-4F18-85CA-136538016FD3}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe (Samsung Electronics CO., LTD. -> ) FirewallRules: [TCP Query User{B8EAB7A1-CFBA-42E0-9FC7-01DCC9374C42}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe (Samsung Electronics CO., LTD. -> ) FirewallRules: [{0D07EC20-548F-4A62-94E9-7D5116425785}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{9F91A5DA-A2FD-4B6F-BC66-07DC4F011780}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{1B38C5D8-B560-4932-B723-BD5D9AA24205}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{20900766-2D6C-4BAA-AA12-48CBC82E2359}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{38E67251-5E86-473F-88CA-651B7D02E53A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{CCAAB123-D44D-4FE0-964A-DD1A627A4581}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2C6B12F8-2415-4405-9446-1AA7F17191BB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A213FAD8-45BC-49D9-8EB6-2684CC5CD608}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C84FE106-8E74-49EE-9708-0CA7438B735F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{B1878BD8-6C37-403D-A546-4B818F3BA0C9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D7908E13-FA9C-43C8-BB20-539C1A4B0A6C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\94.0.992.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Points de restauration ========================= 05-10-2021 16:45:28 Point de contrôle planifié 13-10-2021 08:03:32 Programme d’installation pour les modules Windows 20-10-2021 12:42:37 Point de contrôle planifié ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (10/21/2021 04:10:33 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: ) Description: Event-ID 12007 Error: (10/21/2021 04:10:33 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: ) Description: Event-ID 0 Error: (10/21/2021 12:40:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante asOELnch.exe, version : 22.21.9.11, horodatage : 0x614ed64e Nom du module défaillant : olmapi32.dll, version : 16.0.14430.20292, horodatage : 0x615fb452 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000000467c2 ID du processus défaillant : 0x2f2c Heure de début de l’application défaillante : 0x01d7c6680d172df4 Chemin d’accès de l’application défaillante : C:\Program Files\Norton Security\Engine\22.21.9.25\asOELnch.exe Chemin d’accès du module défaillant: C:\Program Files\Microsoft Office\root\Office16\olmapi32.dll ID de rapport : 88e7cda5-5a7e-4de3-a8b2-49e178703b66 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (10/20/2021 01:11:37 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005, Accès refusé. . Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur. Opération : Données du rédacteur en cours de collecte Contexte : ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220} Nom du rédacteur: System Writer ID d’instance du rédacteur: {ff4a1593-e807-4530-a4eb-443cf304fa56} Error: (10/20/2021 10:29:31 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DESKTOP-ORFT8T3) Description: Impossible de fermer l’application ou le service « Microsoft Windows Search Protocol Host ». Error: (10/18/2021 07:02:20 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme StartMenuExperienceHost.exe version 0.0.0.0 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance. ID de processus : 3cf4 Heure de début : 01d7c3f13bea9bc6 Heure d'arrêt : 4294967295 Chemin d'accès à l'application : C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe ID de rapport : a8896523-8366-404b-8263-42c34c3e8c0c Nom complet du package défectueux : Microsoft.Windows.StartMenuExperienceHost_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy ID de l'application relative à un package défectueux : App Type de blocage : Quiesce Error: (10/16/2021 06:52:44 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme stritz.exe version 0.0.0.0 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance. ID de processus : 228 Heure de début : 01d7c2ae26b1449c Heure d'arrêt : 4294967295 Chemin d'accès à l'application : C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.204.300.0_x86__kgqvnymyfvs32\stritz.exe ID de rapport : d3257feb-ee05-4a81-b237-2da2599a5d3a Nom complet du package défectueux : king.com.CandyCrushSodaSaga_1.204.300.0_x86__kgqvnymyfvs32 ID de l'application relative à un package défectueux : App Type de blocage : Cross-process Error: (10/15/2021 02:35:11 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante spoolsv.exe, version : 10.0.19041.1288, horodatage : 0x025024ad Nom du module défaillant : hpzjcd01.dll, version : 6.1.7.0, horodatage : 0x47a39310 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000001ea38 ID du processus défaillant : 0x528c Heure de début de l’application défaillante : 0x01d7c1b4bd0f6583 Chemin d’accès de l’application défaillante : C:\WINDOWS\System32\spoolsv.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\hpzjcd01.dll ID de rapport : 81c4e5b9-3da9-4c33-81c3-74b7f99825c5 Nom complet du package défaillant : ID de l’application relative au package défaillant : Erreurs système: ============= Error: (10/21/2021 02:29:01 PM) (Source: Netwtw06) (EventID: 5010) (User: ) Description: Intel(R) Dual Band Wireless-AC 8260 : la carte réseau a retourné une valeur non valide au pilote. 5010 - Driver DBG_ASSERT - instead of BSOD Error: (10/21/2021 02:28:20 PM) (Source: Netwtw06) (EventID: 5010) (User: ) Description: Intel(R) Dual Band Wireless-AC 8260 : la carte réseau a retourné une valeur non valide au pilote. 5010 - Driver DBG_ASSERT - instead of BSOD Error: (10/21/2021 02:28:15 PM) (Source: Netwtw06) (EventID: 5005) (User: ) Description: Intel(R) Dual Band Wireless-AC 8260 : a rencontré une erreur interne et a échoué. 5005 - Driver internal error Error: (10/21/2021 02:28:15 PM) (Source: Netwtw06) (EventID: 5002) (User: ) Description: Intel(R) Dual Band Wireless-AC 8260 : a déterminé que la carte réseau ne fonctionne pas correctement. 5002 - uCode SW error (SysAssert, NMI) Error: (10/21/2021 02:28:15 PM) (Source: Netwtw06) (EventID: 5002) (User: ) Description: Intel(R) Dual Band Wireless-AC 8260 : a déterminé que la carte réseau ne fonctionne pas correctement. 5002 - uCode SW error (SysAssert, NMI) Error: (10/21/2021 02:28:15 PM) (Source: Netwtw06) (EventID: 5002) (User: ) Description: Intel(R) Dual Band Wireless-AC 8260 : a déterminé que la carte réseau ne fonctionne pas correctement. 5002 - uCode SW error (SysAssert, NMI) Error: (10/21/2021 02:28:15 PM) (Source: Netwtw06) (EventID: 5002) (User: ) Description: Intel(R) Dual Band Wireless-AC 8260 : a déterminé que la carte réseau ne fonctionne pas correctement. 5002 - uCode SW error (SysAssert, NMI) Error: (10/21/2021 02:28:15 PM) (Source: Netwtw06) (EventID: 5002) (User: ) Description: Intel(R) Dual Band Wireless-AC 8260 : a déterminé que la carte réseau ne fonctionne pas correctement. 5002 - uCode SW error (SysAssert, NMI) CodeIntegrity: =============== Date: 2021-10-21 13:25:31 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine32\22.21.9.25\symamsi.dll that did not meet the Microsoft signing level requirements. ==================== Infos Mémoire =========================== BIOS: American Megatrends Inc. GL752VW.303 04/29/2019 Carte mère: ASUSTeK COMPUTER INC. GL752VW Processeur: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz Pourcentage de mémoire utilisée: 65% Mémoire physique - RAM - totale: 8090.52 MB Mémoire physique - RAM - disponible: 2757.3 MB Mémoire virtuelle totale: 10394.52 MB Mémoire virtuelle disponible: 3338.52 MB ==================== Lecteurs ================================ Drive c: (OS) (Fixed) (Total:237.62 GB) (Free:136.87 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)] Drive d: (DATA) (Fixed) (Total:833.86 GB) (Free:794.06 GB) NTFS Drive f: (Prive) (Fixed) (Total:97.66 GB) (Free:68.27 GB) NTFS Drive g: () (Fixed) (Total:3.81 GB) (Free:2.39 GB) FAT32 \\?\Volume{6d785cf6-b125-4bf3-b6c1-4e2388f3edd9}\ () (Fixed) (Total:0.58 GB) (Free:0.08 GB) NTFS \\?\Volume{4a129638-f2bf-4f8f-a2f2-b3e25bdad217}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: AAA5D963) Partition: GPT. ========================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: C1E6D887) Partition: GPT. ========================================================== Disk: 2 (Size: 3.8 GB) (Disk ID: BF5C3C5D) Partition 1: (Not Active) - (Size=3.8 GB) - (Type=0B) ==================== Fin de Addition.txt =======================