Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 06-10-2023 Exécuté par chqntql (18-10-2023 14:53:31) Exécuté depuis C:\Users\chqntql\Desktop Microsoft Windows 10 Famille Version 22H2 19045.3570 (X64) (2020-11-01 12:55:22) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) Administrateur (S-1-5-21-1155520083-3846007108-4210782761-500 - Administrator - Disabled) chqntql (S-1-5-21-1155520083-3846007108-4210782761-1001 - Administrator - Enabled) => C:\Users\chqntql DefaultAccount (S-1-5-21-1155520083-3846007108-4210782761-503 - Limited - Disabled) Invité (S-1-5-21-1155520083-3846007108-4210782761-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-1155520083-3846007108-4210782761-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{AEEF33DD-E3B9-4049-B709-0E546C2B1AAB}) (Version: 20.25.401.14526 - Alcor Micro Corp.) Apple Application Support (32 bits) (HKLM-x32\...\{9F7041CB-8398-4691-B8CB-0D52273BB3D9}) (Version: 7.4 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{6E7DF4EE-1976-4215-9D81-755AFC95687D}) (Version: 7.4 - Apple Inc.) Assistant Mise à jour de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22402 - Microsoft Corporation) ASUS Battery Health Charging (HKLM-x32\...\{3A7E73B6-3A04-49ED-811E-CC39F7EA2E34}) (Version: 1.0.0004 - ASUS) ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.) ASUS GIFTBOX (HKLM-x32\...\ASUS GIFTBOX) (Version: 7.5.24 - ASUSTek Computer Inc) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.8 - ASUSTeK COMPUTER INC.) ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.18 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.20.0001 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.2.0 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0053 - ASUS) AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.5.32 - ICEpower a/s) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Chromium (HKU\S-1-5-21-1155520083-3846007108-4210782761-1001\...\Chromium) (Version: 68.0.3398.0 - Chromium) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) Contrôle d’intégrité du PC Windows (HKLM\...\{90C6971F-ABF1-4FBF-BD98-24F14C5F5AB4}) (Version: 3.6.2204.08001 - Microsoft Corporation) CyberLink PhotoDirector 5 (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.) Hidden CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.) CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.) Hidden CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Debut - Logiciel de capture vidéo (HKLM-x32\...\Debut) (Version: 5.10 - NCH Software) Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.2.7 - ASUSTek COMPUTER INC.) Dropbox (HKLM-x32\...\Dropbox) (Version: 185.4.6054 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.817.1 - Dropbox, Inc.) Hidden Express Animate (HKLM-x32\...\ExpressAnimate) (Version: 3.12 - NCH Software) Express Burn - Logiciel de gravure de disques (HKLM-x32\...\ExpressBurn) (Version: 7.07 - NCH Software) FastStone Capture 5.3 (French) (HKLM-x32\...\FastStone Capture) (Version: 5.3 (French) - FastStone Soft) ffDiaporama 2.1 (20140209) (HKLM-x32\...\{E489A7CD-01F1-47DF-9E7E-9CA44CCC1966}.bin_is1) (Version: 2.1 (20140209) - The ffDiaporama Team) ffDiaporama openclipart-extension 0.18 (20140205) (HKLM\...\{E489A7CD-01F1-47DF-9E7E-9CA44CCC1966}.oct_is1) (Version: 0.18 (20140205) - openclipart) ffDiaporama Texturemate-extension 1.0 (20140125) (HKLM\...\{E489A7CD-01F1-47DF-9E7E-9CA44CCC1966}.tmt_is1) (Version: 1.0 (20140125) - The ffDiaporama Team) GnuCash 3.0. (HKLM-x32\...\GnuCash_is1) (Version: - GnuCash Development Team) HomeBank 5.2.6 (HKLM-x32\...\{770D94F9-211A-4BC7-9921-FC946ABD82C8}_is1) (Version: 5.2.6 - Maxime DOYEN) Intel(R) Chipset Device Software (HKLM\...\{94E05108-3E4E-4F2E-AC5F-33A1B22B779C}) (Version: 10.1.1.44 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10203.4295 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1017 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{229EC9B8-4AAD-4212-8582-5558CA1910FA}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{7A05461C-3985-43CC-88D4-65C56E7E2D05}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7325 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{2D80C096-13FF-402A-BF65-04C8E67944C5}) (Version: 15.5.2.1054 - Intel Corporation) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.5.2.1054 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{0AF335C8-701E-41FA-8333-4702475CF32A}) (Version: 30.100.1724.2 - Intel Corporation) Hidden Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1724.2 - Intel Corporation) Intel(R) Trusted Connect Service Client (HKLM\...\{F6AA7E43-41A4-4304-BA96-A495C5788231}) (Version: 1.45.447.1 - Intel Corporation) Hidden LibreOffice 5.4.6.2 (HKLM\...\{F662982B-D4F5-4CFA-B2AE-90E16B44FF2F}) (Version: 5.4.6.2 - The Document Foundation) MediaHuman YouTube to MP3 Converter 3.9.9.86 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.9.86 - MediaHuman) Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.16827.20166 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 118.0.2088.46 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 118.0.2088.46 - Microsoft Corporation) Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.211.1010.0001 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation) Microsoft VC++ redistributables repacked. (HKLM\...\{1047661A-0306-4DCB-8624-2032F6D3D1BD}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft VC++ redistributables repacked. (HKLM-x32\...\{19E3D3D7-6A3C-4B98-9433-38201260207F}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 118.0.2 (x64 fr)) (Version: 118.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla) MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation) NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation) NVIDIA Pilote graphique 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16827.20130 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16827.20130 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.16827.20130 - Microsoft Corporation) Hidden Opera Stable 103.0.4928.34 (HKLM-x32\...\Opera 103.0.4928.34) (Version: 103.0.4928.34 - Opera Software) osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden Photo Common (HKLM-x32\...\{CAA0F57A-BA8C-4AD8-AA03-F32B0E4F5623}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Photo Gallery (HKLM-x32\...\{C992FFE0-AC32-4FA9-BC9A-F1637B9E655D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden PhotoPad Éditeur d’images (HKLM-x32\...\PhotoPad) (Version: 5.12 - NCH Software) PhotoStage - Créateur de diaporamas (HKLM-x32\...\PhotoStage) (Version: 9.75 - NCH Software) Pixillion - Convertisseur d'images (HKLM-x32\...\Pixillion) (Version: 10.27 - NCH Software) REALTEK Bluetooth Filter Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AD}) (Version: 1.4.887.170518 - REALTEK Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.19.627.2017 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9013.1 - Realtek Semiconductor Corp.) Realtek PCI-E Wireless LAN Driver (HKLM-x32\...\InstallShield_{70714FB7-4084-4202-A599-2D5935DECB67}) (Version: Drv_3.00.0014 - REALTEK Semiconductor Corp.) RenOLink version 2.09 (HKLM-x32\...\RenOLink_is1) (Version: 2.09 - ) Tenorshare 4uKey 2.0.1.1 (HKLM-x32\...\{Tenorshare 4uKey}_is1) (Version: 2.0.1.1 - Tenorshare, Inc.) TomTom MyDrive Connect 4.2.8.4052 (HKLM-x32\...\MyDriveConnect) (Version: 4.2.8.4052 - TomTom) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{F3874F6F-EA00-487D-BEAD-5FAA010E78F2}) (Version: 1.15.0.0 - Microsoft Corporation) Hidden VideoPad - Logiciel de montage vidéo (HKLM-x32\...\VideoPad) (Version: 10.50 - NCH Software) Windows Driver Package - ASUS (AsusPTPDrv) HIDClass (04/21/2017 11.0.0.16) (HKLM\...\7517F958DC823EE4C12050C16EFF05886960ABEF) (Version: 04/21/2017 11.0.0.16 - ASUS) Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\{66B5819D-DE70-42BE-B40F-978FBA12452E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Mail (HKLM-x32\...\{BAD27F0E-5165-49A5-BE66-AF5BF73F2FEE}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Messenger (HKLM-x32\...\{BAD984EE-790E-4513-A428-3BE2D426DCA7}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live MIME IFilter (HKLM\...\{25058321-C33E-496B-8915-6FD64D362CAF}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (HKLM-x32\...\{6522F5F9-411B-4513-A75B-CEA00395F032}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Writer (HKLM-x32\...\{A2DC527D-FA79-46E9-973F-920897CA55E9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Writer Resources (HKLM-x32\...\{0F974770-76EB-4C38-986E-E7BDD9C0DFC4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Movie Maker 2017 (HKLM-x32\...\{3CC29C1A-B5FE-457B-1234-32A2557A92C7}}_is1) (Version: - winmoviemaker) Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - ) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.2 - ASUSTeK COMPUTER INC.) ZenAnywhere (HKLM\...\{A3DAF030-0717-44EB-8027-30173B8813CA}) (Version: 4.5.23 - Orbweb Inc.) Hidden ZenAnywhere (HKLM-x32\...\ZenAnywhere 4.5.23) (Version: 4.5.23 - Orbweb Inc.) Packages: ========= ASUS ZenLink -> C:\Program Files\WindowsApps\B9ECED6F.ZenSync_1.0.7.0_x86__qmba6cd70vzyy [2017-12-15] (ASUSTeK COMPUTER INC.) [MS Ad] Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-09] (Autodesk Inc.) Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.39.18.0_x64__kgqvnymyfvs32 [2023-10-15] (king.com) Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.254.200.0_x64__kgqvnymyfvs32 [2023-10-18] (king.com) Centre de configuration des graphiques Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5185.0_x64__8j3eq9eme6ctt [2023-09-14] (INTEL CORP) [Startup Task] Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-28] (Microsoft Corporation) Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_8.5.10.0_x86__h6adky7gbf63m [2023-10-15] (Gameloft SE) Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.18.1011.0_x64__rz1tebttyb220 [2023-10-03] (Dolby Laboratories) eManual -> C:\Program Files\WindowsApps\B9ECED6F.eManual_2.0.3.0_x86__qmba6cd70vzyy [2018-04-28] (ASUSTeK COMPUTER INC.) Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-17] (Microsoft Corporation) iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa [2023-09-15] (Apple Inc.) [Startup Task] March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_7.9.0.0_x86__h6adky7gbf63m [2023-09-28] (Gameloft SE) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad] Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2310.10001.0_x64__8wekyb3d8bbwe [2023-10-15] (Microsoft Corporation) [Startup Task] Microsoft Midi gm.dls -> C:\Program Files\WindowsApps\Microsoft.Midi.GmDls_1.0.1.0_neutral__8wekyb3d8bbwe [2018-12-16] (Microsoft Platform Extensions) Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.20.3203.0_x64__8wekyb3d8bbwe [2023-10-06] (Microsoft Studios) MyASUS-Service Center -> C:\Program Files\WindowsApps\B9ECED6F.MyASUS_3.3.11.0_x86__qmba6cd70vzyy [2018-04-28] (ASUSTeK COMPUTER INC.) [Startup Task] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-24] (Netflix, Inc.) One Calendar -> C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2023.819.1.0_x64__8kea50m9krsh2 [2023-08-29] (Code Spark) Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-04-17] (Plex) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.10050.0_x64__8wekyb3d8bbwe [2023-10-10] (Microsoft Studios) [MS Ad] Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2023.928.1334.242_neutral__8wekyb3d8bbwe [2023-09-28] (Microsoft Corporation) WPS Office for ASUS -> C:\Program Files\WindowsApps\ZhuhaiKingsoftOfficeSoftw.WPSOffice_11.2.11225.0_x86__924xes6e8q1tw [2023-08-29] (Kingsoft Office Software Corporation Limited) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-1155520083-3846007108-4210782761-1001_Classes\CLSID\{635EFA6F-08D6-4EC9-BD14-8A0FDE975159}\localserver32 -> C:\Users\chqntql\AppData\Local\Chromium\Application\68.0.3398.0\notification_helper.exe (The Chromium Authors) [Fichier non signé] <==== ATTENTION CustomCLSID: HKU\S-1-5-21-1155520083-3846007108-4210782761-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\chqntql\Dropbox [2018-04-18 15:54] ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.211.1010.0001\FileSyncShell64.dll [2023-10-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.211.1010.0001\FileSyncShell64.dll [2023-10-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.211.1010.0001\FileSyncShell64.dll [2023-10-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.211.1010.0001\FileSyncShell64.dll [2023-10-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.211.1010.0001\FileSyncShell64.dll [2023-10-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.211.1010.0001\FileSyncShell64.dll [2023-10-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.211.1010.0001\FileSyncShell64.dll [2023-10-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.211.1010.0001\FileSyncShell64.dll [2023-10-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.211.1010.0001\FileSyncShell64.dll [2023-10-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.211.1010.0001\FileSyncShell64.dll [2023-10-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.211.1010.0001\FileSyncShell64.dll [2023-10-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.211.1010.0001\FileSyncShell64.dll [2023-10-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.211.1010.0001\FileSyncShell64.dll [2023-10-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.211.1010.0001\FileSyncShell64.dll [2023-10-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.211.1010.0001\FileSyncShell64.dll [2023-10-17] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.211.1010.0001\FileSyncShell64.dll [2023-10-17] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.211.1010.0001\FileSyncShell64.dll [2023-10-17] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.67.0.dll [2023-10-17] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-07-05] (NVIDIA Corporation -> NVIDIA Corporation) ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== ==================== Modules chargés (Avec liste blanche) ============= 2017-07-03 11:51 - 2017-07-03 11:51 - 001937408 _____ () [Fichier non signé] C:\Program Files (x86)\ASUS\Giftbox\ffmpeg.dll 2017-07-03 11:51 - 2017-07-03 11:51 - 000079360 _____ () [Fichier non signé] C:\Program Files (x86)\ASUS\Giftbox\libegl.dll 2017-07-03 11:51 - 2017-07-03 11:51 - 002177536 _____ () [Fichier non signé] C:\Program Files (x86)\ASUS\Giftbox\libglesv2.dll 2017-07-03 11:51 - 2017-07-03 11:51 - 003561984 _____ () [Fichier non signé] C:\Program Files (x86)\ASUS\Giftbox\node.dll 2017-04-14 17:45 - 2017-04-14 17:45 - 000125440 _____ () [Fichier non signé] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2017-05-24 14:40 - 2017-05-24 14:40 - 000033280 _____ () [Fichier non signé] C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2017-04-14 17:45 - 2017-04-14 17:45 - 000029184 _____ () [Fichier non signé] C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll 2018-10-15 12:01 - 2018-10-15 12:01 - 000013312 _____ () [Fichier non signé] C:\Program Files (x86)\MyDrive Connect\libEGL.DLL 2018-10-15 12:01 - 2018-10-15 12:01 - 001950720 _____ () [Fichier non signé] C:\Program Files (x86)\MyDrive Connect\libGLESv2.dll 2014-09-11 17:14 - 2014-09-11 17:14 - 000218112 _____ () [Fichier non signé] C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qmng.dll 2017-05-24 14:40 - 2017-05-24 14:40 - 001676288 _____ (ASUS TeK Computer Inc.) [Fichier non signé] C:\Program Files (x86)\ASUS\Splendid\ApplyLUT.dll 2017-05-24 14:40 - 2017-05-24 14:40 - 000178176 _____ (ASUS TeK Computer Inc.) [Fichier non signé] C:\Program Files (x86)\ASUS\Splendid\GenLUT.dll 2017-05-24 14:40 - 2017-05-24 14:40 - 000165888 _____ (ASUSTeK Computer Inc.) [Fichier non signé] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll 2017-07-03 11:51 - 2017-07-03 11:51 - 073507840 _____ (The NWJS Community) [Fichier non signé] C:\Program Files (x86)\ASUS\Giftbox\nw.dll 2017-07-03 11:51 - 2017-07-03 11:51 - 000124928 _____ (The NWJS Community) [Fichier non signé] C:\Program Files (x86)\ASUS\Giftbox\nw_elf.dll 2018-03-27 22:33 - 2018-03-27 22:33 - 001370624 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\MyDrive Connect\LIBEAY32.dll 2018-03-27 22:33 - 2018-03-27 22:33 - 000337920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\MyDrive Connect\ssleay32.dll 2018-10-15 12:11 - 2018-10-15 12:11 - 000038912 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qgenericbearer.dll 2018-10-15 12:10 - 2018-10-15 12:10 - 000026112 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qgif.dll 2018-10-16 12:39 - 2018-10-16 12:39 - 000033280 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qicns.dll 2018-10-15 12:10 - 2018-10-15 12:10 - 000027648 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qico.dll 2018-10-15 12:12 - 2018-10-15 12:12 - 000243712 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjpeg.dll 2018-10-16 12:31 - 2018-10-16 12:31 - 000021504 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qsvg.dll 2018-10-16 12:38 - 2018-10-16 12:38 - 000020992 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtga.dll 2018-10-16 12:39 - 2018-10-16 12:39 - 000327680 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtiff.dll 2018-10-16 12:38 - 2018-10-16 12:38 - 000019968 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwbmp.dll 2018-10-16 12:39 - 2018-10-16 12:39 - 000400896 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwebp.dll 2018-10-15 12:12 - 2018-10-15 12:12 - 001096704 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\MyDrive Connect\Plugins\platforms\qwindows.dll 2020-05-03 10:43 - 2020-05-03 10:43 - 004785152 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\MyDrive Connect\Qt5Core.dll 2018-10-15 12:05 - 2018-10-15 12:05 - 004970496 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\MyDrive Connect\Qt5Gui.dll 2018-10-15 12:05 - 2018-10-15 12:05 - 000961024 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\MyDrive Connect\Qt5Network.dll 2018-10-16 12:31 - 2018-10-16 12:31 - 000264704 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\MyDrive Connect\Qt5Svg.dll 2018-10-15 12:09 - 2018-10-15 12:09 - 004468224 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\MyDrive Connect\Qt5Widgets.dll 2018-10-15 12:02 - 2018-10-15 12:02 - 000150016 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\MyDrive Connect\Qt5Xml.dll 2020-05-03 10:36 - 2020-05-03 10:36 - 000141312 _____ (TomTom) [Fichier non signé] C:\Program Files (x86)\MyDrive Connect\DeviceNavEthernetCore.dll ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1155520083-3846007108-4210782761-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE SearchScopes: HKU\S-1-5-21-1155520083-3846007108-4210782761-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1155520083-3846007108-4210782761-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-10-06] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-06] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-06] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-06] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-06] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts 2020-10-01 15:02 - 2020-11-28 18:54 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-1155520083-3846007108-4210782761-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\chqntql\Desktop\Dossiers\DSC0051.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1) HKU\S-1-5-21-1155520083-3846007108-4210782761-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{DC8990E9-E881-40B6-A2DE-FFF8C72342A4}] => (Allow) LPort=1900 FirewallRules: [{183D6DFD-D341-4EEA-8AD7-B70282C22952}] => (Allow) LPort=2869 FirewallRules: [{70DBC0E2-995A-4E83-BD13-9436106E7B9E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{46597A5B-BE24-49F7-9B9C-A8584A564E36}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{AB0AF8B8-6D46-43A1-B00A-95E153FC60B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{AEE0A9B8-9EBF-423F-BA92-536BEF132D17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{B605C93D-769E-4ABB-9868-499A51E990BF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{AAD2AFA0-1D76-43DE-88A0-436A542A5606}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{34FA99AD-9A8A-4375-B145-7C38E6599699}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE => Pas de fichier FirewallRules: [{DC68A0CE-B19E-4884-9E28-84AA3CC57B9F}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International B.V. -> TomTom) FirewallRules: [{C4E692E1-F5FC-4CB8-B2C9-E3BF9C5DA274}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{CBD84A96-DDA9-4A45-8EB4-1C85B9DC26B0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{AD6536D1-87DB-4C0B-AB29-78A932B2894D}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => Pas de fichier FirewallRules: [{8FC5C776-ABFB-47CA-9CA5-A1F711CDF45B}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => Pas de fichier FirewallRules: [{A5BA6A21-5936-49DD-97B2-BFA765105CA2}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{46157C30-A20D-43F9-B1E9-3A55F123973E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{A8C3F778-C135-4AC1-A925-AD71446674BB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{BFF79161-87DF-4F62-B0DE-496A4BA1F617}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{9938FE41-210B-4C27-9C8C-BCADB574B592}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{E850FCC2-FE7F-489B-8B7C-C7CA1E15B43A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{222AA8A6-D86B-4230-ACFD-DF9BB6A7CBFD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{A4172076-EFAA-4C83-8567-318D3FBB8573}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{685DC603-3E47-4FD7-BB35-7EAB81BAECB7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{8E92D327-8A33-47A9-BF90-BDFEBC38860D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{194AFDBF-E4F0-4EC8-8BC3-5BAC6A45EB6E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{49CA16B9-ADA6-4195-A67E-9D3EF80C3ADE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{7161E8C3-A138-45F7-8550-AD18D47C3621}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{B80E36BF-C7A8-4970-9195-F38A877F7D28}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{8868F236-41B0-4947-B680-1255F895AAF0}] => (Allow) C:\Program Files\Opera\102.0.4880.78\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{669E8875-A6B9-47CC-AEFD-C990FA257C76}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{95F4D6D3-A5C3-454F-B5B4-7603917CBE7F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{02F3F0B9-4335-4E09-82A8-F575D8D1A237}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{F0F5867B-8E3F-4D15-9AFC-AFB816696160}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{FF36CAEF-16CD-4FEE-ACE2-3B738D6C7E86}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\118.0.2088.46\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{BEDDB18A-904B-4D22-82CB-2DC91F273C99}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{41503E7B-B6E8-4F1C-8B48-DE59B12689DE}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{BDE04F8D-2AA3-48F2-ABB7-FA926B4CB6BF}] => (Allow) C:\Program Files\Opera\103.0.4928.34\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{11A6F4C6-24A8-48BC-AD06-E043ABE7F30C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{CA8401AA-BEF0-4A20-AB64-3ED5B4668807}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{CCBAF09C-11A1-437B-9DB9-BB7DB86E3D3E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{29BD8A9F-44D7-4BDE-A30F-0E819B48021C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) ==================== Points de restauration ========================= ATTENTION: La Restauration système est désactivée (Total:125.64 GB) (Free:15.89 GB) (13%) ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (10/17/2023 08:44:40 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 63828 Error: (10/17/2023 08:44:40 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 63828 Error: (10/17/2023 08:44:40 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/17/2023 08:44:24 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 47750 Error: (10/17/2023 08:44:24 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 47750 Error: (10/17/2023 08:44:24 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/17/2023 08:44:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 31984 Error: (10/17/2023 08:44:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 31984 Erreurs système: ============= Error: (10/18/2023 02:08:33 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT) Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80073d02 : 9WZDNCRFJ364-MICROSOFT.SKYPEAPP. Error: (10/17/2023 08:43:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NBDT4DF) Description: Le serveur {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (10/17/2023 08:43:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NBDT4DF) Description: Le serveur {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (10/17/2023 08:43:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NBDT4DF) Description: Le serveur {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (10/17/2023 07:54:02 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Le service Optimisation de livraison est en attente de démarrage. Error: (10/17/2023 07:48:09 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service NcbService s’est arrêté avec l’erreur : Un périphérique attaché au système ne fonctionne pas correctement. Error: (10/17/2023 07:47:50 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: L’arrêt système précédant à 15:48:19 le ‎17/‎10/‎2023 n’était pas prévu. Error: (10/17/2023 10:23:49 AM) (Source: disk) (EventID: 11) (User: ) Description: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\DR8. Windows Defender: ================ Date: 2023-10-17 19:50:01 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Cryptor&threatid=2147768041&enterprise=0 Nom : Trojan:MSIL/Cryptor ID : 2147768041 Gravité : Grave Catégorie : Cheval de Troie Chemin : containerfile:_C:\$Recycle.Bin\S-1-5-21-1155520083-3846007108-4210782761-1001\$R1HV33E.09\renolink.zip; containerfile:_C:\$Recycle.Bin\S-1-5-21-1155520083-3846007108-4210782761-1001\$R1HV33E.09\renolink209\Logiciel RenoLink 2.09\RenoLink 2.09.exe; containerfile:_C:\Users\chqntql\Documents\renolink 2.09\renolink.zip; containerfile:_C:\Users\chqntql\Documents\renolink 2.09\renolink209\Logiciel RenoLink 2.09\RenoLink 2.09.exe; containerfile:_C:\Users\chqntql\OneDrive\Documents\renolink 2.09\renolink.zip; containerfile:_C:\Users\chqntql\OneDrive\Documents\renolink 2.09\renolink209\Logiciel RenoLink 2.09\RenoLink 2.09.exe; containerfile:_E:\40 ans Christelle\Le jour j\renolink 2.09\renolink.zip; containerfile:_E:\40 ans Christelle\Le jour j\renolink 2.09\renolink209\Logiciel RenoLink 2.09\RenoLink 2.09.exe; file:_C:\$Recycle.Bin\S-1-5-21-1155520083-3846007108-4210782761-1001\$R1HV33E.09\renolink.zip->renolink209/Logiciel RenoLink 2.09/RenoLink 2.09.exe->(inno#000002); file:_C:\$Recycle.Bin\S-1-5-21-1155520083-384 Origine de la détection : Ordinateur local Type de détection : Concret Source de détection : Utilisateur Utilisateur : Nom du processus : Unknown Version de la veille de sécurité : AV: 1.399.799.0, AS: 1.399.799.0, NIS: 1.399.799.0 Version du moteur : AM: 1.1.23090.2007, NIS: 1.1.23090.2007 Date: 2023-10-17 11:35:57 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {3A2D5574-9602-49B0-A6CB-E4300F76C0AC} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2023-10-17 11:34:05 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Cryptor&threatid=2147768041&enterprise=0 Nom : Trojan:MSIL/Cryptor ID : 2147768041 Gravité : Grave Catégorie : Cheval de Troie Chemin : containerfile:_C:\$Recycle.Bin\S-1-5-21-1155520083-3846007108-4210782761-1001\$R1HV33E.09\renolink.zip; containerfile:_C:\$Recycle.Bin\S-1-5-21-1155520083-3846007108-4210782761-1001\$R1HV33E.09\renolink209\Logiciel RenoLink 2.09\RenoLink 2.09.exe; containerfile:_C:\Users\chqntql\Documents\renolink 2.09\renolink.zip; containerfile:_C:\Users\chqntql\Documents\renolink 2.09\renolink209\Logiciel RenoLink 2.09\RenoLink 2.09.exe; containerfile:_C:\Users\chqntql\OneDrive\Documents\renolink 2.09\renolink.zip; containerfile:_C:\Users\chqntql\OneDrive\Documents\renolink 2.09\renolink209\Logiciel RenoLink 2.09\RenoLink 2.09.exe; containerfile:_E:\40 ans Christelle\Le jour j\renolink 2.09\renolink.zip; containerfile:_E:\40 ans Christelle\Le jour j\renolink 2.09\renolink209\Logiciel RenoLink 2.09\RenoLink 2.09.exe; file:_C:\$Recycle.Bin\S-1-5-21-1155520083-3846007108-4210782761-1001\$R1HV33E.09\renolink.zip->renolink209/Logiciel RenoLink 2.09/RenoLink 2.09.exe->(inno#000002); file:_C:\$Recycle.Bin\S-1-5-21-1155520083-384 Origine de la détection : Ordinateur local Type de détection : Concret Source de détection : Utilisateur Utilisateur : DESKTOP-NBDT4DF\chqntql Nom du processus : Unknown Version de la veille de sécurité : AV: 1.399.751.0, AS: 1.399.751.0, NIS: 1.399.751.0 Version du moteur : AM: 1.1.23090.2007, NIS: 1.1.23090.2007 Date: 2023-10-16 16:42:51 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {5F9915A2-AA62-4A0D-8BB8-7351440F1A07} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse complète Utilisateur : DESKTOP-NBDT4DF\chqntql Date: 2023-10-16 16:42:51 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Cryptor&threatid=2147768041&enterprise=0 Nom : Trojan:MSIL/Cryptor ID : 2147768041 Gravité : Grave Catégorie : Cheval de Troie Chemin : containerfile:_C:\$Recycle.Bin\S-1-5-21-1155520083-3846007108-4210782761-1001\$R1HV33E.09\renolink.zip; containerfile:_C:\$Recycle.Bin\S-1-5-21-1155520083-3846007108-4210782761-1001\$R1HV33E.09\renolink209\Logiciel RenoLink 2.09\RenoLink 2.09.exe; file:_C:\$Recycle.Bin\S-1-5-21-1155520083-3846007108-4210782761-1001\$R1HV33E.09\renolink.zip->renolink209/Logiciel RenoLink 2.09/RenoLink 2.09.exe->(inno#000002); file:_C:\$Recycle.Bin\S-1-5-21-1155520083-3846007108-4210782761-1001\$R1HV33E.09\renolink209\Logiciel RenoLink 2.09\RenoLink 2.09.exe->(inno#000002) Origine de la détection : Ordinateur local Type de détection : Concret Source de détection : Utilisateur Utilisateur : DESKTOP-NBDT4DF\chqntql Nom du processus : Unknown Version de la veille de sécurité : AV: 1.399.751.0, AS: 1.399.751.0, NIS: 1.399.751.0 Version du moteur : AM: 1.1.23090.2007, NIS: 1.1.23090.2007 Event[0]: Date: 2023-10-16 16:50:21 Description: Antivirus Microsoft Defender a rencontré une erreur lors de la restauration d’un élément en quarantaine. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Phonzy.A!ml&threatid=2147772962&enterprise=0 Nom : Trojan:Win32/Phonzy.A!ml ID : 2147772962 Gravité : Grave Catégorie : Cheval de Troie Utilisateur : DESKTOP-NBDT4DF\chqntql Code d’erreur : 0x80508014 Description de l’erreur : Impossible de restaurer l’élément en quarantaine. Version de la veille de sécurité : AV: 1.399.751.0, AS: 1.399.751.0 Version du moteur : 1.1.23090.2007 Date: 2023-10-16 16:50:05 Description: Antivirus Microsoft Defender a rencontré une erreur lors de la restauration d’un élément en quarantaine. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Phonzy.A!ml&threatid=2147772962&enterprise=0 Nom : Trojan:Win32/Phonzy.A!ml ID : 2147772962 Gravité : Grave Catégorie : Cheval de Troie Utilisateur : DESKTOP-NBDT4DF\chqntql Code d’erreur : 0x80508014 Description de l’erreur : Impossible de restaurer l’élément en quarantaine. Version de la veille de sécurité : AV: 1.399.751.0, AS: 1.399.751.0 Version du moteur : 1.1.23090.2007 Date: 2023-10-16 16:49:38 Description: Antivirus Microsoft Defender a rencontré une erreur lors de la restauration d’un élément en quarantaine. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Phonzy.A!ml&threatid=2147772962&enterprise=0 Nom : Trojan:Win32/Phonzy.A!ml ID : 2147772962 Gravité : Grave Catégorie : Cheval de Troie Utilisateur : DESKTOP-NBDT4DF\chqntql Code d’erreur : 0x80508014 Description de l’erreur : Impossible de restaurer l’élément en quarantaine. Version de la veille de sécurité : AV: 1.399.751.0, AS: 1.399.751.0 Version du moteur : 1.1.23090.2007 Date: 2023-10-16 16:49:32 Description: Antivirus Microsoft Defender a rencontré une erreur lors de la restauration d’un élément en quarantaine. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Phonzy.A!ml&threatid=2147772962&enterprise=0 Nom : Trojan:Win32/Phonzy.A!ml ID : 2147772962 Gravité : Grave Catégorie : Cheval de Troie Utilisateur : DESKTOP-NBDT4DF\chqntql Code d’erreur : 0x80508014 Description de l’erreur : Impossible de restaurer l’élément en quarantaine. Version de la veille de sécurité : AV: 1.399.751.0, AS: 1.399.751.0 Version du moteur : 1.1.23090.2007 Date: 2023-10-16 16:49:29 Description: Antivirus Microsoft Defender a rencontré une erreur lors de la restauration d’un élément en quarantaine. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Phonzy.A!ml&threatid=2147772962&enterprise=0 Nom : Trojan:Win32/Phonzy.A!ml ID : 2147772962 Gravité : Grave Catégorie : Cheval de Troie Utilisateur : DESKTOP-NBDT4DF\chqntql Code d’erreur : 0x80508014 Description de l’erreur : Impossible de restaurer l’élément en quarantaine. Version de la veille de sécurité : AV: 1.399.751.0, AS: 1.399.751.0 Version du moteur : 1.1.23090.2007 CodeIntegrity: =============== Date: 2023-10-18 14:27:47 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2023-10-16 11:02:37 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Microsoft signing level requirements. Date: 2023-09-23 11:41:18 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Infos Mémoire =========================== BIOS: American Megatrends Inc. X705UVP.308 04/18/2019 Carte mère: ASUSTeK COMPUTER INC. X705UVP Processeur: Intel(R) Pentium(R) CPU 4405U @ 2.10GHz Pourcentage de mémoire utilisée: 55% Mémoire physique - RAM - totale: 8078.76 MB Mémoire physique - RAM - disponible: 3556.21 MB Mémoire virtuelle totale: 9358.76 MB Mémoire virtuelle disponible: 4481.56 MB ==================== Lecteurs ================================ Drive c: (OS .W10) (Fixed) (Total:125.64 GB) (Free:15.89 GB) (Model: ST1000LM035-1RK172) NTFS \\?\Volume{86081976-c308-47cd-852a-16e8b0e2ced9}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.2 GB) NTFS \\?\Volume{28c91a24-3167-44ef-ad31-3acddb8aea8e}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 71DF9FD9) Partition: GPT. ==================== Fin de Addition.txt =======================