Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 01-04-2022 Exécuté par sylvi (04-04-2022 07:42:36) Exécuté depuis C:\Users\sylvi\Desktop Microsoft Windows 10 Famille Version 21H1 19043.1586 (X64) (2020-09-26 18:34:12) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) Administrateur (S-1-5-21-2243747006-2349010438-1343202584-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2243747006-2349010438-1343202584-503 - Limited - Disabled) Invité (S-1-5-21-2243747006-2349010438-1343202584-501 - Limited - Disabled) sylvi (S-1-5-21-2243747006-2349010438-1343202584-1001 - Administrator - Enabled) => C:\Users\sylvi WDAGUtilityAccount (S-1-5-21-2243747006-2349010438-1343202584-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Trend Micro Internet Security (Enabled - Up to date) {AFEE279F-FAE7-BAEE-3A88-4BF7277B8551} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Trend Micro Internet Security (Enabled - Up to date) {76C8F930-C23E-653D-16C6-49C7176F8B9D} AV: Trend Micro Internet Security (Enabled - Up to date) {15FC6637-7CC8-91CB-3CED-EE04794124FD} AS: Trend Micro Internet Security (Enabled - Up to date) {2B599D90-3A6C-9B0A-B38C-B1AEC9172680} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) 7-Zip 19.00 (HKLM-x32\...\7-Zip) (Version: 19.00 - Igor Pavlov) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 22.001.20085 - Adobe Systems Incorporated) Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.10 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated) calibre (HKLM-x32\...\{1AB14879-AF77-44C2-82A3-5A90C8102C06}) (Version: 3.42.0 - Kovid Goyal) Contrôle d’intégrité du PC Windows (HKLM\...\{0150BDB3-AFFD-47A1-ADB8-DE06658EB3B2}) (Version: 3.2.2110.14001 - Microsoft Corporation) darktable (HKLM\...\darktable) (Version: 3.0.1 - the darktable project) Documalis Free Scanner (HKLM-x32\...\Documalis Free Scanner1.0) (Version: 1.0 - Scanpoint Software) Dys-Vocal (HKLM-x32\...\{96A97494-5E4F-465A-8630-5F23DD58E4DF}_is1) (Version: - ) e-Carte Bleue La Banque Postale (HKLM-x32\...\{73734A45-6D87-4624-9EE9-8CC9291FFC12}) (Version: 5.6.0.0 - e-Carte Bleue La Banque Postale) Epson Easy Photo Print 2 (HKLM-x32\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation) Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation) Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION) Epson Printer Connection Checker (HKLM-x32\...\{C4D8E138-C67B-41D5-B493-F54BB72B43E0}) (Version: 3.3.0.0 - Seiko Epson Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{14898485-6509-496B-8C30-D5DB8C1C8639}) (Version: 4.6.3 - Seiko Epson Corporation) EPSON XP-215 217 Series Printer Uninstall (HKLM\...\EPSON XP-215 217 Series) (Version: - SEIKO EPSON Corporation) Free PDF Scanner (HKLM-x32\...\Free PDF Scanner) (Version: 5.7.2.9 - Documalis) FreeOCR v5.4 (HKLM-x32\...\freeocr_is1) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 99.0.4844.84 - Google LLC) Kobo (HKLM-x32\...\Kobo) (Version: 4.30.16653 - Rakuten Kobo Inc.) Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.11.20.0 - Lenovo Group Ltd.) Manuels EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation) MergeModule_x64 (HKLM\...\{8B591A6B-253E-4E62-B2A8-3668CDA0A907}) (Version: 11.0.00 - Sony Corporation) Hidden MergeModule_x86 (HKLM-x32\...\{51B45206-47B1-4B51-B46A-330B9156D6C1}) (Version: 11.0.00 - Sony Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 100.0.1185.29 - Microsoft Corporation) Microsoft Office Professionnel Plus 2019 - fr-fr (HKLM\...\ProPlus2019Retail - fr-fr) (Version: 16.0.14931.20132 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2243747006-2349010438-1343202584-1001\...\OneDriveSetup.exe) (Version: 22.055.0313.0001 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft Server Speech Text to Speech Voice (fr-FR, Hortense) (HKLM-x32\...\{9B9D928F-97D5-4D95-9A71-EE9B1805BADE}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-2243747006-2349010438-1343202584-1001\...\Teams) (Version: 1.5.00.8070 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{5016990D-7F61-4A20-9451-A915D6616DD9}) (Version: 3.66.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation) Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 98.0.2 (x64 fr)) (Version: 98.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.5 - Mozilla) MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20010 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20094 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.14931.20072 - Microsoft Corporation) Hidden pCloud Drive (HKLM\...\{87813BF9-F763-4A6F-9FCD-2BEB67F415FC}) (Version: 3.11.9.0 - pCloud AG) Hidden pCloud Drive (HKLM-x32\...\{b4edd783-04c6-4e19-bb4f-6e9adb836cf4}) (Version: 3.11.9.0 - pCloud AG) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.322.10 - Tracker Software Products Ltd) PhotoFiltre 7 (HKU\S-1-5-21-2243747006-2349010438-1343202584-1001\...\PhotoFiltre 7) (Version: - ) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) PMB_ModeEditor (HKLM-x32\...\{F8063714-BD75-42DC-8FAA-D0E1EED92519}) (Version: 11.0.00 - Sony Corporation) Hidden PMB_ServiceUploader (HKLM-x32\...\{CF081855-ED80-445A-BF63-025584939230}) (Version: 11.0.00 - Sony Corporation) Hidden Trend Micro Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 17.7 - Trend Micro Inc.) VdhCoApp 1.3.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) Via 10.0.16.0 (HKU\S-1-5-21-2243747006-2349010438-1343202584-1001\...\{3E79AFCE-EB55-4819-A357-15851A2EC42F}}_is1) (Version: 10.0.16.0 - SVI eSolutions inc.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) Zoom (HKU\S-1-5-21-2243747006-2349010438-1343202584-1001\...\ZoomUMX) (Version: 5.9.3 (3169) - Zoom Video Communications, Inc.) Packages: ========= AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m [2021-06-17] (Advanced Micro Devices Inc.) [Startup Task] AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.40016.0_x64__0a9344xs7nr4m [2020-10-07] (Advanced Micro Devices Inc.) Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.77.2.0_x64__kgqvnymyfvs32 [2022-04-01] (king.com) Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2231.1.0_x64__kgqvnymyfvs32 [2022-03-23] (king.com) Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-17] (Microsoft Corporation) Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20800.804.0_x64__rz1tebttyb220 [2020-12-10] (Dolby Laboratories) Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation) Extension vidéo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-30] (Microsoft Corporation) Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.39.0_x64__5grkq8ppsgwt4 [2022-03-31] (LENOVO INC) [Startup Task] LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-05-19] (LinkedIn) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-19] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-19] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-03-26] (Microsoft Studios) [MS Ad] Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.0.30391.0_x64__8wekyb3d8bbwe [2022-03-04] (Microsoft Corporation) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.22.240.0_x64__dt26b99r8h8gj [2021-01-19] (Realtek Semiconductor Corp) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-2243747006-2349010438-1343202584-1001_Classes\CLSID\{12CB7582-7AF0-3962-38C9-EFF0D37FC729}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2243747006-2349010438-1343202584-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\sylvi\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22062.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2243747006-2349010438-1343202584-1001_Classes\CLSID\{20AC803E-49D4-43E9-90D8-787AFD8E85B0}\InprocServer32 -> C:\Users\sylvi\AppData\Local\easyxplore\Update\1.3.99.0\psuser_64.dll => Pas de fichier SSODL: CallbackTechMountNotificator-cbfsconnect2017 - {E73F11C0-0D86-4245-A818-1B2B61A71CF4} - C:\WINDOWS\system32\cbfsconnectMntNtf2017.dll (Callback Technologies, Inc. -> Callback Technologies, Inc.) SSODL-x32: CallbackTechMountNotificator-cbfsconnect2017 - {E73F11C0-0D86-4245-A818-1B2B61A71CF4} - C:\WINDOWS\SysWOW64\cbfsconnectMntNtf2017.dll (Callback Technologies, Inc. -> Callback Technologies, Inc.) ShellServiceObjects: Virtual Storage Mount Notification -> {E73F11C0-0D86-4245-A818-1B2B61A71CF4} => C:\WINDOWS\system32\cbfsconnectMntNtf2017.dll [2020-06-25] (Callback Technologies, Inc. -> Callback Technologies, Inc.) ShellServiceObjects-x32: Virtual Storage Mount Notification -> {E73F11C0-0D86-4245-A818-1B2B61A71CF4} => C:\WINDOWS\SysWOW64\cbfsconnectMntNtf2017.dll [2020-06-25] (Callback Technologies, Inc. -> Callback Technologies, Inc.) ShellIconOverlayIdentifiers: [ FSOverlayIcon] -> {C0829D19-E5A0-44F5-B56E-D15030C53BB9} => C:\Program Files\Trend Micro\Titanium\plugin\TmOverlayIcon.dll [2021-09-29] (Trend Micro, Inc. -> Trend Micro Inc.) ShellIconOverlayIdentifiers: [ pCloudINPROGRESS] -> {D8BFAFBD-B670-4252-9C17-9CF1C64C2BAF} => C:\Program Files\pCloud Drive\OverlayIcon64.dll [2017-10-23] (TODO: ) [Fichier non signé] ShellIconOverlayIdentifiers: [ pCloudINSYNC] -> {8D0C0582-552A-4A6B-9455-DA63E1F329C0} => C:\Program Files\pCloud Drive\OverlayIcon64.dll [2017-10-23] (TODO: ) [Fichier non signé] ShellIconOverlayIdentifiers: [ pCloudNOSYNC] -> {3858ED1B-8F1C-42ED-A8A9-FDBF591E3C6B} => C:\Program Files\pCloud Drive\OverlayIcon64.dll [2017-10-23] (TODO: ) [Fichier non signé] ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers1: [ContextMenuExtension] -> {3103a792-c2d9-3c57-98dd-30071b26c05f} => C:\Program Files\pCloud Drive\ContextMenuHandler.DLL [2021-03-25] (pCloud AG) [Fichier non signé] ContextMenuHandlers1: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2021-09-29] (Trend Micro, Inc. -> Trend Micro Inc.) ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers4: [ContextMenuExtension] -> {3103a792-c2d9-3c57-98dd-30071b26c05f} => C:\Program Files\pCloud Drive\ContextMenuHandler.DLL [2021-03-25] (pCloud AG) [Fichier non signé] ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers6: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2021-09-29] (Trend Micro, Inc. -> Trend Micro Inc.) ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ShortcutWithArgument: C:\Users\sylvi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default ==================== Modules chargés (Avec liste blanche) ============= 2021-12-17 12:36 - 2021-12-17 12:36 - 002321920 _____ () [Fichier non signé] C:\Program Files\pCloud Drive\pSyncLib.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 000017920 _____ () [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\libEGL.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 003567616 _____ () [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\libGLESv2.dll 2021-06-17 13:15 - 2021-06-17 13:15 - 000258048 _____ () [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\WirelessVR-windesktop64.dll 2019-08-03 18:42 - 2019-02-21 18:00 - 000050688 _____ (Igor Pavlov) [Fichier non signé] C:\Program Files (x86)\7-Zip\7-zip.dll 2019-04-08 15:31 - 2019-04-08 15:31 - 000082944 _____ (Open Source Software community LGPL) [Fichier non signé] C:\Program Files\pCloud Drive\pthreadVC2.dll 2015-12-17 11:11 - 2015-12-17 11:11 - 000132096 _____ (Seiko Epson Corporation) [Fichier non signé] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll 2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll 2021-10-26 17:58 - 2021-10-26 17:58 - 000647168 _____ (Seiko Epson Corporation) [Fichier non signé] C:\Program Files (x86)\EPSON\MyEpson Portal\Condition Viewer_00000012\ConView.dll 2021-10-26 11:00 - 2021-10-26 11:00 - 000708608 _____ (Seiko Epson Corporation) [Fichier non signé] C:\Program Files (x86)\EPSON\MyEpson Portal\Configration_00000171\MepCfg.dll 2020-04-17 10:15 - 2020-04-17 10:15 - 000577536 _____ (Seiko Epson Corporation) [Fichier non signé] C:\Program Files (x86)\EPSON\MyEpson Portal\MepUploader_00000542\MepUploader.dll 2019-02-22 15:09 - 2019-02-22 15:09 - 000475136 _____ (Seiko Epson Corporation) [Fichier non signé] C:\Program Files (x86)\EPSON\MyEpson Portal\Online Manual_00000013\MepFAQ.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 000031744 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qgif.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 000039424 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qicns.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 000031744 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qico.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 000413696 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qjpeg.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 000025088 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qsvg.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 000025088 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qtga.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 000023552 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwbmp.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 000519168 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwebp.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 001431040 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\platforms\qwindows.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 001180672 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\sqldrivers\qsqlite.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 000135680 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\styles\qwindowsvistastyle.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 006010880 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Core.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 006345216 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Gui.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 001078272 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Network.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 000313856 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Positioning.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 004000256 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Qml.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 003802624 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Quick.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 000171008 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickControls2.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 001083904 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickTemplates2.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 000205312 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Sql.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 000329728 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Svg.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 000113152 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebChannel.dll 2020-12-15 19:55 - 2020-12-15 19:56 - 000376320 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngine.dll 2020-12-15 19:55 - 2020-12-15 19:57 - 092323328 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngineCore.dll 2020-12-15 19:55 - 2020-12-15 19:57 - 005560832 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Widgets.dll 2020-12-15 19:55 - 2020-12-15 19:57 - 000463360 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WinExtras.dll 2020-12-15 19:55 - 2020-12-15 19:57 - 000188416 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Xml.dll 2020-12-15 19:55 - 2020-12-15 19:57 - 002888704 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5XmlPatterns.dll 2020-12-15 19:55 - 2020-12-15 19:57 - 000053760 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll 2020-12-15 19:55 - 2020-12-15 19:57 - 000059392 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\qtgraphicaleffectsplugin.dll 2020-12-15 19:55 - 2020-12-15 19:57 - 000017408 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick.2\qtquick2plugin.dll 2020-12-15 19:55 - 2020-12-15 19:57 - 000287232 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls.2\qtquickcontrols2plugin.dll 2020-12-15 19:55 - 2020-12-15 19:57 - 000329216 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls\qtquickcontrolsplugin.dll 2020-12-15 19:55 - 2020-12-15 19:57 - 000136192 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Dialogs\dialogplugin.dll 2020-12-15 19:55 - 2020-12-15 19:57 - 000089088 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Layouts\qquicklayoutsplugin.dll 2020-12-15 19:55 - 2020-12-15 19:57 - 000312320 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Templates.2\qtquicktemplates2plugin.dll 2020-12-15 19:55 - 2020-12-15 19:57 - 000017920 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Window.2\windowplugin.dll 2020-12-15 19:55 - 2020-12-15 19:57 - 000085504 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\QtWebEngine\qtwebengineplugin.dll 2017-10-23 18:28 - 2017-10-23 18:28 - 000342016 _____ (TODO: ) [Fichier non signé] C:\Program Files\pCloud Drive\OverlayIcon64.dll ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== HKU\S-1-5-21-2243747006-2349010438-1343202584-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10118__211120__yaie HKU\S-1-5-21-2243747006-2349010438-1343202584-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE HKU\S-1-5-21-2243747006-2349010438-1343202584-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/ BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-03-05] (Microsoft Corporation -> Microsoft Corporation) BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2021-09-29] (Trend Micro, Inc. -> Trend Micro Inc.) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-03-05] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2021-09-29] (Trend Micro, Inc. -> Trend Micro Inc.) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2021-09-29] (Trend Micro, Inc. -> Trend Micro Inc.) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2021-09-29] (Trend Micro, Inc. -> Trend Micro Inc.) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation) Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2021-09-29] (Trend Micro, Inc. -> Trend Micro Inc.) Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2021-09-29] (Trend Micro, Inc. -> Trend Micro Inc.) Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll [2021-09-29] (Trend Micro, Inc. -> Trend Micro Inc.) Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2021-09-29] (Trend Micro, Inc. -> Trend Micro Inc.) ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2018-09-15 09:31 - 2019-06-02 19:40 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-2243747006-2349010438-1343202584-1001\Control Panel\Desktop\\Wallpaper -> d:\pictures\écran bureau.png DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [UDP Query User{1DDF3378-370E-4CC6-A12E-AB7C226D9C0B}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{DE8CF305-3368-4CB1-9386-49BA5AF00667}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{6AD8DE8A-5849-4B4D-98A4-1BF7F3456542}C:\users\sylvi\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\sylvi\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{8071D180-E04B-4B50-BBE0-A3C8DF497D4D}C:\users\sylvi\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\sylvi\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F383B85A-0FE9-42B8-ABE5-2D52321B69F0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{6ACF727D-283D-4619-BCEA-6D416E1DB5C6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{314E5662-5C0B-436E-ABAA-6F484FD549D1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5255FC4C-67F4-4182-BB12-BCB3D1B7F853}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D535AE93-BC4F-49B1-8E71-1996A8C8A47E}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [{E8997801-D315-4BD9-BCA8-393F07A3FF15}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [{742E81BD-FECD-42D8-9433-99B4B684FDF7}] => (Allow) C:\Users\sylvi\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{B55B45C8-7D96-406E-9F63-DC8B815A8E40}] => (Allow) C:\Users\sylvi\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{2215A3AD-171A-4293-9CB3-2E3AD55F9188}] => (Allow) C:\Users\sylvi\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{FE45AB2D-9989-41A1-9C47-9757DFB41098}] => (Allow) C:\Program Files\pCloud Drive\pCloud.exe (pCloud AG -> pCloud AG) FirewallRules: [{2B8A3571-F01B-4B3F-AD1B-A19E70997929}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C376B0C0-700E-4C4E-A615-A66EB81D92EF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{EE6E8CE4-8281-4C87-9774-E696104E3440}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A6549C30-DA6E-46B1-BB16-CCC5C52E89CC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{EF645D6C-3750-4A88-8883-9B81387669B6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{79AA8CC1-30C7-494D-ADB7-4B5297E88D7B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{F4932060-CDAD-41A4-AEFA-75EFE9D4F1C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{72108F1F-B545-449A-A439-30C41DB5584A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Points de restauration ========================= 04-04-2022 07:19:38 ZHPcleaner ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (04/04/2022 07:29:41 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT) Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\LAPTOP-OV5AN24R$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Mon, 04 Apr 2022 05:29:41 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 06826ab3-9da1-41e5-b5b8-3b5e80bed2cf Méthode : GET(812ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (04/04/2022 06:51:34 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT) Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\LAPTOP-OV5AN24R$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep : GetCACaps Méthode : GET(1282ms) Étape : GetCACaps L’adresse ou le nom de serveur n’a pas pu être résolu 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED) Error: (04/04/2022 06:35:02 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005, Accès refusé. . Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur. Opération : Données du rédacteur en cours de collecte Contexte : ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220} Nom du rédacteur: System Writer ID d’instance du rédacteur: {8df6069d-16f3-490d-bd42-22969e77eb08} Error: (04/03/2022 09:08:23 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: L’optimiseur de stockage n’a pas pu terminer réoptimisation sur FILMS (F:) car : Cette opération n’est pas prise en charge sur ce système de fichiers. (0x89000020) Error: (04/01/2022 05:11:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante PtSvcHost.exe, version : 3.12.0.1090, horodatage : 0x60b74d0e Nom du module défaillant : ntdll.dll, version : 10.0.19041.1566, horodatage : 0x1be73aa8 Code d’exception : 0xc0000374 Décalage d’erreur : 0x00000000000ff249 ID du processus défaillant : 0x1200 Heure de début de l’application défaillante : 0x01d8452b7546e579 Chemin d’accès de l’application défaillante : C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : 45eebad7-c47b-475b-8e54-59841894c4f5 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (03/31/2022 09:14:19 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT) Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\LAPTOP-OV5AN24R$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Thu, 31 Mar 2022 19:14:19 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: c4369d79-b68d-40f5-ab4f-9b3a3c3a54bf Méthode : GET(343ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (03/31/2022 08:16:42 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT) Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\LAPTOP-OV5AN24R$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep : GetCACaps Méthode : GET(375ms) Étape : GetCACaps L’adresse ou le nom de serveur n’a pas pu être résolu 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED) Error: (03/31/2022 07:14:18 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT) Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\LAPTOP-OV5AN24R$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep : GetCACaps Méthode : GET(125ms) Étape : GetCACaps L’adresse ou le nom de serveur n’a pas pu être résolu 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED) Erreurs système: ============= Error: (04/04/2022 07:34:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service LenovoVantageService s’est terminé de façon inattendue pour la 1ème fois. Error: (04/04/2022 06:56:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service LenovoVantageService s’est terminé de façon inattendue pour la 1ème fois. Error: (04/04/2022 06:49:54 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-OV5AN24R) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (04/04/2022 06:36:04 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-OV5AN24R) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (04/04/2022 06:36:04 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-OV5AN24R) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (04/04/2022 06:36:00 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-OV5AN24R) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (04/04/2022 06:36:00 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-OV5AN24R) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (04/04/2022 06:36:00 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Platinum Host Service s’est terminé de façon inattendue pour la 2ème fois. Windows Defender: ================ Date: 2022-03-31 16:15:36 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {28D66664-E681-4CEB-96F7-37D250075BA9} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : LAPTOP-OV5AN24R\sylvi Date: 2022-03-31 14:55:06 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {ADB168F3-24D7-4440-BA6F-43F54047A476} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2022-03-30 15:17:19 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {978DEF5A-301E-4E12-B6DD-C6ECC0F27B30} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2022-03-29 21:22:34 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {B5AE1797-0ECA-4706-84FD-934BD3ED8F39} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2022-03-29 15:58:35 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {274B4BA9-C0CA-4987-944F-001F7720F05A} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système  CodeIntegrity: =============== Date: 2022-04-04 07:31:30 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trend Micro\Titanium\TmWscSvc\WSCHandler.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2022-04-04 07:31:30 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\TmAMSI\TmAMSIProvider64.dll that did not meet the Windows signing level requirements. ==================== Infos Mémoire =========================== BIOS: LENOVO ARCN37WW 05/14/2021 Carte mère: LENOVO LNVNB161216 Processeur: AMD Ryzen 5 3500U with Radeon Vega Mobile Gfx Pourcentage de mémoire utilisée: 64% Mémoire physique - RAM - totale: 6020.26 MB Mémoire physique - RAM - disponible: 2127.72 MB Mémoire virtuelle totale: 13700.26 MB Mémoire virtuelle disponible: 7928.66 MB ==================== Lecteurs ================================ Drive c: (Windows-SSD) (Fixed) (Total:118 GB) (Free:22.43 GB) NTFS Drive d: (Data) (Fixed) (Total:931.5 GB) (Free:816.3 GB) NTFS Drive e: () (Removable) (Total:59.45 GB) (Free:59.44 GB) exFAT Drive f: (FILMS) (Fixed) (Total:1396.92 GB) (Free:596.57 GB) FAT32 Drive g: (Lector_Lectrix) (CDROM) (Total:0.1 GB) (Free:0 GB) CDFS Drive p: (pCloud Drive) (Removable) (Total:5 GB) (Free:2.73 GB) exFAT \\?\Volume{c5e415ba-cd8c-4a3d-89c1-d77e3164d4cd}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS \\?\Volume{af155314-a1eb-44f7-9e35-5ea9d61dc723}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: C900879D) Partition: GPT. ========================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 3BDE8BBD) Partition: GPT. ========================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1397.3 GB) (Disk ID: 243014FA) Partition 1: (Active) - (Size=1397.3 GB) - (Type=0C) ========================================================== Disk: 3 (Protective MBR) (Size: 59.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== Fin de Addition.txt =======================