Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 27-05-2023
Exécuté par berna (29-05-2023 10:39:40)
Exécuté depuis C:\Users\berna\Desktop\Anti Virus
Microsoft Windows 10 Professionnel Version 22H2 19045.2965 (X64) (2023-05-19 11:30:02)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

Administrateur (S-1-5-21-1930730552-990962642-1584637474-500 - Administrator - Disabled)
berna (S-1-5-21-1930730552-990962642-1584637474-1001 - Administrator - Enabled) => C:\Users\berna
DefaultAccount (S-1-5-21-1930730552-990962642-1584637474-503 - Limited - Disabled)
Invité (S-1-5-21-1930730552-990962642-1584637474-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1930730552-990962642-1584637474-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

@BIOS (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.22.0718.1 - GIGABYTE) Hidden @BIOS (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.22.0718.1 - GIGABYTE) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1036-1033-7760-BC15014EA700}) (Version: 23.001.20174 - Adobe) Adobe Photoshop 6.0 (HKLM-x32\...\Adobe Photoshop 6.0) (Version: 6.0 - Adobe Systems, Inc.) Adobe SVG Viewer (HKLM-x32\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.) AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.) AMD Embedded SMBus Driver (HKLM-x32\...\{7777BD2B-3159-481F-B7BE-CDCA7437506E}) (Version: 1.0.0.27 - Advanced Micro Devices, Inc.) Hidden AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.24.0.0 - Advanced Micro Devices, Inc.) Hidden AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden AMD WDT Driver (HKLM-x32\...\{829757CD-C7EC-470B-A384-5C81698CDB1D}) (Version: 1.0.0.34 - Advanced Micro Devices, Inc.) Hidden AMD_Chipset_Drivers (HKLM-x32\...\{fa489a41-09bb-480e-95ff-0856f05112eb}) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.) 
Hidden APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.22.1031.1 - Gigabyte) Hidden APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.22.1031.1 - Gigabyte) Avidemux VC++ 64bits (HKU\S-1-5-21-1930730552-990962642-1584637474-1001\...\{83032249-9eb1-4fea-9994-e21cf7be4942}) (Version: 2.8.1 - Mean) CCleaner (HKLM\...\CCleaner) (Version: 6.12 - Piriform) Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version: - ) Contrôle d’intégrité du PC Windows (HKLM\...\{90C6971F-ABF1-4FBF-BD98-24F14C5F5AB4}) (Version: 3.6.2204.08001 - Microsoft Corporation) DriversCloud.com (HKLM\...\{7C5A59CD-BF23-4E8B-9DAE-28A0ED02AE61}) (Version: 11.2.8.0 - Cybelsoft) EasyTune (HKLM-x32\...\{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.23.0109 - GIGABYTE) Hidden EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.23.0109 - GIGABYTE) EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.23.0109 - GIGABYTE) Hidden EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.23.0109 - GIGABYTE) ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden ENE_DRAM_RGB_AIO (HKLM\...\{40514BA6-1FC2-4BBD-84A2-504634A97196}) (Version: 1.0.4.16 - Ene Tech.) Hidden ENE_DRAM_RGB_AIO (HKLM-x32\...\{ca38f41e-a37c-41b2-82e3-28b215743448}) (Version: 1.0.4.16 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) 
Hidden ENE_External_Device_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.10.4 - ENE Tech) Hidden ENE_External_Device_HAL (HKLM-x32\...\{38581c7d-8a6c-4129-9046-8f5df621478b}) (Version: 1.0.10.4 - ENE Tech) Hidden ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden ENE_MousePad_HAL (HKLM-x32\...\{bf256b46-8ff7-48be-ab7f-5661e9a0651f}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.4.0 - ENE TECHNOLOGY INC.) Hidden ENE_X_AIC_HAL (HKLM-x32\...\{ec10ac91-2e61-460a-b493-33f794a07682}) (Version: 1.0.4.0 - ENE TECHNOLOGY INC.) Hidden Étude pour l'amélioration du produit HP Deskjet 2050 J510 series (HKLM\...\{7A1FC3FA-4F60-427E-AFC3-E555AA2DD00B}) (Version: 28.1.1328.0 - Hewlett-Packard Co.) GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.19.0624.1 - GIGABYTE) HP Deskjet 2050 J510 series Aide (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) Logiciel de base du périphérique HP Deskjet 2050 J510 series (HKLM\...\{05FA7585-4966-4BD0-A129-DF1B7F7E4BCF}) (Version: 28.1.1328.0 - Hewlett-Packard Co.) 
Logitech SetPoint 6.90 (HKLM\...\sp6) (Version: 6.90.66 - Logitech) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.57 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.57 - Microsoft Corporation) Microsoft Office Professionnel Plus 2019 - fr-fr (HKLM\...\ProPlus2019Retail - fr-fr) (Version: 16.0.16327.20248 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1930730552-990962642-1584637474-1001\...\OneDriveSetup.exe) (Version: 23.096.0507.0001 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 
Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 113.0.2 (x64 fr)) (Version: 113.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 113.0.2 - Mozilla) Mozilla Thunderbird (x64 fr) (HKLM\...\Mozilla Thunderbird 102.11.2 (x64 fr)) (Version: 102.11.2 - Mozilla) myCANAL (HKLM-x32\...\myCANAL) (Version: - UCAYA) myCANAL (HKU\S-1-5-21-1930730552-990962642-1584637474-1001\...\1991844780.player.canalplus.fr) (Version: - player.canalplus.fr) NVIDIA FrameView SDK 1.2.7704.31296923 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7704.31296923 - NVIDIA Corporation) NVIDIA GeForce Experience 3.24.0.135 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.135 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.38.60 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation) NVIDIA Pilote graphique 474.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 474.30 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16327.20248 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden Opera Stable 98.0.4759.39 (HKU\S-1-5-21-1930730552-990962642-1584637474-1001\...\Opera 98.0.4759.39) (Version: 98.0.4759.39 - Opera Software) Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.1 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM-x32\...\{07236f40-ec25-4646-8cb6-b6aaf1597324}) (Version: 1.1.0.1 - Patriot Memory) Hidden Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9373.1 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.65.421.2023 - Realtek) recALL version 19.05 (HKLM-x32\...\recALL_is1) (Version: 19.05 - ) Revo Uninstaller 2.4.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.4 - VS Revo Group, Ltd.) 
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.22.1221.1 - Gigabyte) SIV (HKLM-x32\...\{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.23.0109 - GIGABYTE) Hidden SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.23.0109 - GIGABYTE) Smart Backup (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 3.21.0326.1 - GIGABYTE) Speedtest by Ookla (HKLM\...\{180ECA78-8772-4993-9642-87A935627E5C}) (Version: 1.11.165.001 - Ookla) TeraCopy (HKLM\...\{F55A72A1-C710-4D2B-9096-0774DD4CC796}) (Version: 3.9.7 - Code Sector) VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN) WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden WD P40 Game Drive (HKLM-x32\...\{72b1a866-fc31-4381-bff3-fa6cd8823777}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden Packages: ========= Cradle of Empires -> C:\Program Files\WindowsApps\AWEMGAMESLTD.CradleofEmpires_7.71.1120.0_x86__bk6jmky90x9y4 [2023-05-22] (AWEM GAMES LTD) Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.52.5.0_x64__6rarf9sa4v8jt [2023-05-19] (Disney) G5 Launcher -> C:\Program Files\WindowsApps\828B5831.G5LauncherG5EN_1.0.0.6_x86__jwbaw3rcdbck2 [2023-05-20] (G5 Entertainment AB) [Startup Task] Jewels of Egypt -> C:\Program Files\WindowsApps\828B5831.JewelsofEgyptMatchGameG5EN2022_1.38.3802.0_x64__jwbaw3rcdbck2 [2023-05-20] (G5 Entertainment AB) Jewels of Rome : Un jeu d’assemblage de gemmes -> C:\Program Files\WindowsApps\828B5831.JewelsofRomeMatch3G5EN2022_1.47.4702.0_x64__jwbaw3rcdbck2 [2023-05-23] (G5 Entertainment AB) Jewels of the Wild West : Combinez des gemmes et rénovez -> C:\Program Files\WindowsApps\828B5831.JewelsoftheWildWestG5EN2022_1.37.3701.0_x64__jwbaw3rcdbck2 [2023-05-20] (G5 Entertainment AB) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.36.273.0_x64__dt26b99r8h8gj 
[2023-05-20] (Realtek Semiconductor Corp) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-05-19] (Microsoft Studios) [MS Ad] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0 [2023-05-26] (Spotify AB) [Startup Task] ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ContextMenuHandlers1: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector) ContextMenuHandlers2: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector) ContextMenuHandlers4: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2023-02-24] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector) ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== ==================== Modules chargés (Avec liste blanche) ============= 2022-10-25 18:25 - 2022-10-25 18:25 - 001868800 _____ () [Fichier non signé] C:\Program Files (x86)\Gigabyte\AppCenter\BDR_info.dll 2022-04-01 15:48 - 2022-04-01 15:48 - 000045056 _____ () [Fichier non signé] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvIntelI2C.dll 2022-08-24 11:45 - 2022-08-24 11:45 - 000242176 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) 
[Fichier non signé] C:\Program Files (x86)\Gigabyte\AppCenter\yccV3.dll 2022-08-24 11:45 - 2022-08-24 11:45 - 000242176 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\RGBFusion\yccv3.dll 2023-05-19 13:48 - 2013-03-08 11:28 - 000187392 _____ (Gigabyte Technology CO., LTD.) [Fichier non signé] C:\Program Files\Gigabyte\Smart Backup\RescuePlan.dll 2023-05-19 13:48 - 2018-10-19 10:44 - 000751616 _____ (Gigabyte Technology CO., LTD.) [Fichier non signé] C:\Program Files\Gigabyte\Smart Backup\srpCore.dll 2022-04-02 14:02 - 2022-04-02 14:02 - 000524800 _____ (GIGABYTE Technology Co.,Ltd.) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\RGBFusion\GVDisplay.dll 2020-11-05 14:16 - 2020-11-05 14:16 - 000268800 _____ (GIGABYTE Technology Co.,Ltd.) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvIllumLib.dll 2022-05-25 11:20 - 2022-05-25 11:20 - 001992704 _____ (GIGABYTE) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\RGBFusion\AACPCIeSSD_Lib.dll 2021-02-22 20:38 - 2021-02-22 20:38 - 000990720 _____ (JMicron Technology Co.) 
[Fichier non signé] C:\Program Files\ENE\Aac_ENE_X-JMI_HAL\JMFWUpdateDll.dll 2023-05-19 18:01 - 2012-12-05 23:08 - 002684928 _____ (Luis Cobian, CobianSoft) [Fichier non signé] C:\Program Files (x86)\Cobian Backup 11\cbEngine.dll 2015-10-14 01:15 - 2015-10-14 01:15 - 002042368 _____ (TODO: ) [Fichier non signé] C:\Program Files (x86)\Gigabyte\AppCenter\osvi.dll 2017-10-05 15:26 - 2017-10-05 15:26 - 002247168 _____ (TODO: ) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\RGBFusion\CRtive.dll 2018-12-08 08:22 - 2018-12-08 08:22 - 002059264 _____ (TODO: ) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\RGBFusion\GHidApi.dll 2022-10-03 10:00 - 2022-10-03 10:00 - 000516096 _____ (TODO: ) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvLedLib.dll 2022-10-13 16:38 - 2022-10-13 16:38 - 002046464 _____ (TODO: ) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\RGBFusion\SMBCtrl.dll ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-05-21] (Microsoft Corporation -> Microsoft Corporation) BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2023-05-21] (Microsoft Corporation -> Microsoft Corporation) Toolbar: HKLM - Smart Backup - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) Handler-x32: 
mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-21] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-21] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-21] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-21] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\VMware\VMware Workstation\bin\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR HKU\S-1-5-21-1930730552-990962642-1584637474-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Le Pare-feu est activé. 
Network Binding: ============= Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled) VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled) VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled) ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) HKLM\...\StartupApproved\Run: => "RPMKickstart" HKLM\...\StartupApproved\Run32: => "PreRun" HKLM\...\StartupApproved\Run32: => "SelLed" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "vmware-tray.exe" HKU\S-1-5-21-1930730552-990962642-1584637474-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_73DBE6F1D7C76CA9DC7B8009ED529D7A" HKU\S-1-5-21-1930730552-990962642-1584637474-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1930730552-990962642-1584637474-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-1930730552-990962642-1584637474-1001\...\StartupApproved\Run: => "Opera Stable" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{B1A5018F-24FC-4DB3-94E0-A42259BEBC7E}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{184AED37-11FB-4F46-91B9-B78D2FBFAEFB}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. 
-> ) FirewallRules: [{86F80153-97AA-4A3C-A42A-00EA12D92B9A}] => (Allow) LPort=9009 FirewallRules: [{C06D3A06-FC01-413A-AE51-FA0AC1C52656}] => (Allow) LPort=9009 FirewallRules: [{9166A88F-45E0-43D4-8662-013C34588599}] => (Allow) LPort=9009 FirewallRules: [{E1F19E5F-7206-4DEE-8869-8654871E4372}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{98AD83EF-944A-4D16-BD8B-CDFA4F360450}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{F55B58D8-C208-4890-8AC9-0B17279197A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{A40F4B4B-C769-4CF0-A5BB-7C0727225008}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{5D445929-22E4-4797-9F3B-CFC76723CC21}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{835892FC-B634-4672-A11F-20A93DE7A7CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{F729505D-CA63-4253-AB64-42ECCDCED590}] => (Allow) LPort=9009 FirewallRules: [{94873EE2-AB45-4022-B0A8-8635A4A3EB78}] => (Allow) LPort=9009 FirewallRules: [{4B9633FC-81DE-44E9-A52E-7F5480395695}] => (Allow) LPort=9009 FirewallRules: [{9B07B1BB-EFE2-4984-A993-AF967EC70E86}] => (Allow) LPort=9009 FirewallRules: [{CEB426DB-1FDD-4FD8-ADE2-A139ACAE774E}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{14AD0EA3-2D8E-4FDD-9F12-DAC640387622}C:\users\berna\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\berna\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query 
User{EA901CCB-B628-4B2A-9803-D45D089CD0AF}C:\users\berna\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\berna\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{5358CB3F-FDB9-47F5-9965-E69BB1112AD9}] => (Allow) C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft) FirewallRules: [{A81604BD-79F0-4504-8B73-FA547D9C0A90}] => (Allow) C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft) FirewallRules: [{4DDB0B61-DE8D-4E38-9B3A-362A286D28A7}] => (Allow) LPort=9009 FirewallRules: [{D9F7A7BD-C1F6-4B95-9A52-770871384CE5}] => (Allow) LPort=9009 FirewallRules: [{CCCC82A8-5425-4771-A691-F0918CFFD894}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe (HP Inc. -> Hewlett-Packard Co.) FirewallRules: [{6A53A787-AD18-42C0-BDCE-00B54B4E782C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{CE5A48F1-3746-4D37-8784-6F8418D26A6F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8A484C76-6CA6-4DE2-A136-015601A9BF13}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0F2C3782-D7FE-41AF-B796-6BC493040F33}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F04DE720-1B90-4669-A4C0-0F335D7D3705}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{26B62938-7E8D-4185-B60B-32CDA3198E77}] => (Allow) LPort=9009 FirewallRules: [{088102CB-2A5E-4DBB-AC4E-3C8CE89653BB}] => (Allow) LPort=9009 FirewallRules: [{CE65E20F-2A80-4367-A349-4C645E41FD8B}] => (Allow) LPort=9009 FirewallRules: 
[{04DE3486-0586-41FC-8D83-4C6C7017BE08}] => (Allow) LPort=9009 FirewallRules: [{0E8E3DB9-15A9-408C-B165-2D9268AF11DC}] => (Allow) LPort=9009 FirewallRules: [{C7FA01D5-A58B-4EDB-92F2-C1D57128EAAE}] => (Allow) LPort=9009 FirewallRules: [{B20BA6ED-8B81-4088-808C-CEE1769238CB}] => (Allow) LPort=9009 FirewallRules: [{AB0AEC71-05DF-422C-A94E-35A37EC6689D}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.) FirewallRules: [{08CCAC53-19C5-4095-B24D-7D30D1E8C7CF}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.) FirewallRules: [{020D91F9-60C6-4FBF-A8F3-05CC115AD163}] => (Allow) LPort=9009 FirewallRules: [{416F1D45-37B3-4049-8F48-F7503132846D}] => (Allow) LPort=9009 FirewallRules: [{BA772716-E0CC-4489-98EF-A92F74F4DB8C}] => (Allow) LPort=9009 FirewallRules: [{0580667D-2EE9-4F61-B473-F85FAC5DB54B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{DBB6466D-DA07-475F-A674-63FF13A85575}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{9E668411-2F03-48F7-BD03-4DAA0A678468}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{2AAB57B3-4C86-4B70-A6A1-96250D8ED37E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{AB1B0408-6C4C-4D07-B216-FE153706E575}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{52727EEE-9F99-4A4C-B555-8CBA0A79273D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe 
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{3FFA7FAF-9FC6-4858-A60A-CFD7364265D8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{6AA3C7B4-3DFB-4C43-910E-2D124DB78428}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{ADE85D4E-5B5B-470A-B8F8-2EE871CAA9A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{68758ED5-0877-4810-8FAC-E3264E3DD61A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{B934E264-F086-470F-867C-8596E8D97ACD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{32DC70A7-BAEB-4722-858A-F7C55CD71E6E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{0FDFACF4-DC06-4E5E-B2E3-05624767B2DC}] => (Allow) LPort=9009 FirewallRules: [{81AB0DC9-33BA-476B-9CC9-C094A0BD1663}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{8A8647DC-1316-4830-B067-CF960424849F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{706F76AB-147D-45A0-A0B0-68C43BD459A0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0FBF88A8-3C27-4BDF-B324-763EE3E7A93D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{37903098-B61E-4FEB-A7BD-71662BC8113B}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.57\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Points de restauration ========================= 22-05-2023 18:09:12 Point de contrôle planifié 25-05-2023 11:45:36 Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 25-05-2023 11:47:07 Installed VMware Workstation 25-05-2023 17:05:27 Installed AMD_Chipset_Drivers. ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (05/28/2023 02:12:58 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT) Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-O83UMNQ$ via https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Sun, 28 May 2023 12:12:59 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: abd76352-f677-4939-b0db-444ca0904db9 Méthode : GET(437ms) Étape : GetCACaps Non trouvé (404). 
0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Erreurs système:
=============
Error: (05/28/2023 12:13:00 PM) (Source: NetBT) (EventID: 4307) (User: )
Description: L’initialisation a échoué car le transport a refusé d’ouvrir les adresses initiales.

Error: (05/28/2023 12:12:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service cbVSCService11 n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.

Error: (05/28/2023 12:12:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (45000 millisecondes) a été atteint lors de l’attente de la connexion du service cbVSCService11.

Error: (05/28/2023 10:29:52 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-O83UMNQ)
Description: Impossible de démarrer un serveur DCOM : {0358B920-0AC7-461F-98F4-58E32CD89148}. L’erreur « 2147942767 » s’est produite lors du démarrage de la commande : C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (05/28/2023 09:59:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service eapihdrv n’a pas pu démarrer en raison de l’erreur : Le chargement du pilote a été bloqué

Error: (05/28/2023 09:59:41 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\berna\AppData\Local\Temp\ehdrv.sys

Error: (05/28/2023 09:59:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service eapihdrv n’a pas pu démarrer en raison de l’erreur : Le chargement du pilote a été bloqué

Error: (05/28/2023 09:59:40 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\berna\AppData\Local\Temp\ehdrv.sys

Windows Defender:
================
Date: 2023-05-28 18:48:03
Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {37A52610-00EF-4943-8D2B-A2F9891F821F}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse complète
Utilisateur : DESKTOP-O83UMNQ\berna

Date: 2023-05-28 10:38:13
Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0
Nom : Trojan:Win32/Wacatac.B!ml
ID : 2147735505
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Users\berna\Desktop\Divers\LibreWindev 55b LST 48 (v5.53Yj 01-55069).txt
Origine de la détection : Ordinateur local
Type de détection : Chemin rapide
Source de détection : Système
Utilisateur : AUTORITE NT\Système
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.389.2566.0, AS: 1.389.2566.0, NIS: 1.389.2566.0
Version du moteur : AM: 1.1.20300.3, NIS: 1.1.20300.3

Date: 2023-05-28 09:26:10
Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {5C5E2197-1B90-47B4-80F0-6D678F51A4C3}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2023-05-25 14:08:34
Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/InstallCore&threatid=311991&enterprise=0
Nom : PUADlManager:Win32/InstallCore
ID : 311991
Gravité : Faible
Catégorie : Logiciel potentiellement non désiré
Chemin : file:_C:\Users\berna\Downloads\ProductKeyFinder64.exe; webfile:_C:\Users\berna\Downloads\ProductKeyFinder64.exe|http://static.updatestar.net/dl/updatestar/productkeyfinder/ProductKeyFinder64.exe|pid:9900,ProcessStart:133294900929402117
Origine de la détection : Internet
Type de détection : Concret
Source de détection : Téléchargements et pièces jointes
Utilisateur : DESKTOP-O83UMNQ\berna
Nom du processus : C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Version de la veille de sécurité : AV: 1.389.2374.0, AS: 1.389.2374.0, NIS: 1.389.2374.0
Version du moteur : AM: 1.1.20300.3, NIS: 1.1.20300.3

Date: 2023-05-25 14:08:13
Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/InstallCore&threatid=311991&enterprise=0
Nom : PUADlManager:Win32/InstallCore
ID : 311991
Gravité : Faible
Catégorie : Logiciel potentiellement non désiré
Chemin : file:_C:\Users\berna\Downloads\ProductKeyFinder64.exe; webfile:_C:\Users\berna\Downloads\ProductKeyFinder64.exe|http://static.updatestar.net/dl/updatestar/productkeyfinder/ProductKeyFinder64.exe|pid:9900,ProcessStart:133294900929402117
Origine de la détection : Internet
Type de détection : Concret
Source de détection : Téléchargements et pièces jointes
Utilisateur : DESKTOP-O83UMNQ\berna
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.389.2374.0, AS: 1.389.2374.0, NIS: 1.389.2374.0
Version du moteur : AM: 1.1.20300.3, NIS: 1.1.20300.3

Event[0]:
Date: 2023-05-22 17:32:08
Description: Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité et va tenter de rétablir une version précédente.
Veille de sécurité tentée : Actuelle
Code d’erreur : 0x80070003
Description de l’erreur : Le chemin d’accès spécifié est introuvable.
Version de la veille de sécurité : 0.0.0.0;0.0.0.0
Version du moteur : 0.0.0.0

CodeIntegrity:
===============
Date: 2023-05-27 09:18:34
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-05-19 17:50:34
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Norton Security\Engine\22.22.6.10\symamsi.dll that did not meet the Windows signing level requirements.
==================== Infos Mémoire ===========================

BIOS: American Megatrends International, LLC. FB 11/14/2022
Carte mère: Gigabyte Technology Co., Ltd. B550M DS3H
Processeur: AMD Ryzen 5 5500
Pourcentage de mémoire utilisée: 33%
Mémoire physique - RAM - totale: 16252.63 MB
Mémoire physique - RAM - disponible: 10879.59 MB
Mémoire virtuelle totale: 18684.63 MB
Mémoire virtuelle disponible: 11595.3 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:465.04 GB) (Free:192.23 GB) (Model: PNY CS1030 500GB SSD) NTFS
Drive d: () (Fixed) (Total:414.71 GB) (Free:206.59 GB) (Model: WDC WDS500G2B0A-00SM50) NTFS
\\?\Volume{e74db14c-4394-4f2b-af39-b65604b38633}\ () (Fixed) (Total:50.94 GB) (Free:49.89 GB) NTFS
\\?\Volume{2d16e87e-885b-4f9d-a2bd-d46c54dcb740}\ () (Fixed) (Total:0.61 GB) (Free:0.17 GB) NTFS
\\?\Volume{43f6a1f8-fbc7-4a43-91df-91c0bb5d93c1}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
\\?\Volume{8064e1cb-46af-4e48-bca6-758c16eeaee6}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.

==================== Fin de Addition.txt =======================