Possible keylogger [Solved]


  • This topic is locked

#1
Meboubou

  • Member
  • 68 posts

Last night someone attempted to sign into my bank account. They had my pin, client number and security questions. (Fortunately, paranoid me has 2 step verifications on everything.)

Since I make a point to have unique ones for all my banking, there are really 3 possibilities for how this happened:
1. Keylogger
2. Data breach
3. Someone close to me somehow figured out my pin number and took my card. 

Since the bank isn't admitting to a data breach and I trust the few people around me.... The obvious choice is a keylogger?

I did my own scan but couldn't find anything suspicious-looking beyond the anonymous extensions on Chrome... which I can't really figure out the origin of or how to remove... so I figured I'd ask here.

Thanks for your time!! 

 

 

Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version: 02-06-2021
Exécuté par tqy_06 (administrateur) sur DESKTOP-K95T8M6 (LENOVO 20AWS0FD00) (03-06-2021 09:27:37)
Exécuté depuis C:\Users\tqy_06\Desktop
Profils chargés: tqy_06
Platform: Windows 10 Pro Version 20H2 19042.985 (X64) Langue: Anglais (États-Unis) -> Français (Canada)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
 
==================== Processus (Avec liste blanche) =================
 
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Users\tqy_06\AppData\Roaming\Adobe\Connect\connectdetector.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16>
(Intel Corporation -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\tphkload.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN11CD~1.INF\driver\shtctky.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN11CD~1.INF\driver\tpnumlkd.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN11CD~1.INF\driver\tposd.exe
(Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Malwarebytes Inc -> Malwarebytes) D:\malwarebytes\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) D:\malwarebytes\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <19>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.621.4222.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.621.4222.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\fodhelper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.985_none_e72c6fe7263b0fe4\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Notepad++ -> Don HO [email protected]) C:\Program Files (x86)\Notepad++\notepad++.exe
(OldTimer Tools) [Fichier non signé] C:\Users\tqy_06\Desktop\OTL.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Parsec Cloud, Inc. -> Parsec) C:\Program Files\Parsec\parsecd.exe
(Parsec Cloud, Inc. -> Parsec) C:\Program Files\Parsec\pservice.exe
(Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics) C:\ProgramData\Samsung Apps\Portable SSD\SamsungPortableSSDMon.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VMware, Inc. -> ) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
 
==================== Registre (Avec liste blanche) ===================
 
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
 
HKLM\...\Run: [AgentAntidote32] => C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\AgentAntidote.exe [1658472 2018-10-23] (Druide Informatique Inc. -> Druide informatique inc.)
HKLM\...\Run: [AgentAntidote64] => C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\AgentAntidote.exe [1804904 2018-10-23] (Druide Informatique Inc. -> Druide informatique inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3952096 2020-03-11] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Reader Application Helper] => C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2014-10-24] (Sony Corporation -> Sony Corporation)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [115632 2019-03-25] (VMware, Inc. -> VMware, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-05-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\tqy_06\AppData\Local\slack\slack.exe [306856 2021-01-18] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32194448 2020-06-06] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\tqy_06\AppData\Local\Microsoft\Teams\Update.exe [2452664 2020-12-23] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\Run: [ConnectDetector] => C:\Users\tqy_06\AppData\Roaming\Adobe\Connect\connectdetector.exe [640568 2021-01-12] (Adobe Inc. -> Adobe Systems Incorporated) <==== ATTENTION
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\Run: [Parsec.App.0] => C:\Program Files\Parsec\parsecd.exe [430784 2021-05-21] (Parsec Cloud, Inc. -> Parsec)
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-05-27] (Google LLC -> Google LLC)
Startup: C:\Users\tqy_06\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2019-01-18]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
 
==================== Tâches planifiées (Avec liste blanche) ============
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
Task: {04CD5D89-D9B3-4CE7-9F8D-A05E3F9F52B8} - System32\Tasks\PostponeDeviceSetupToast_S-1-5-21-2057818490-810332119-3295456784-1001_0 => {5ded83ef-1e99-48cf-bf83-676d2a6db408} C:\Windows\System32\oobe\UserOOBE.dll [412160 2021-05-01] (Microsoft Windows -> Microsoft Corporation)
Task: {04E3989F-0DD3-4E30-999C-6F6F19B11D91} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {152FF429-CA48-47EC-859C-F23ED258650A} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [62136 2021-04-20] (Lenovo -> )
Task: {168FCE74-D0C6-4A4B-B488-6F748027A24E} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758224 2021-04-25] (Lenovo -> )
Task: {28CF1B34-558F-4F9F-9475-FFBF68BDA4F5} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXvGPUDisableTask => C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe
Task: {495360EB-A59B-4EF8-B546-613C39CCB69B} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\WINDOWS\System32\ibmpmsvc.exe [949632 2019-12-11] (Lenovo -> Lenovo.)
Task: {4DD81111-2769-4A57-A92E-974BEE51E5BC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {5021DF33-E111-42A9-B1C2-37AF46DDEC72} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXWarningTask => C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe
Task: {52C3539A-BCF6-4C60-B9A7-775B7CC80242} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-09-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {531D90CC-D6F8-439F-B353-C1A776FF1CCC} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [139448 2016-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {58BA13E6-E678-4A60-AAEA-6BCB0D9571D7} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {5924CC25-1B87-4168-8EF0-30C1FF7C3BCD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3953096 2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {7BA670F3-52E4-412E-B9CC-CC00816CAB2D} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {7D65D10F-02B9-43E8-82A5-85FC232C1F14} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-03] (Google Inc -> Google Inc.)
Task: {8431BBD4-8784-444A-BAC5-C748E4319CD8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B0EBA40-8F15-4C2F-B55C-CC421821CA9D} - System32\Tasks\G2MUpdateTask-S-1-5-21-2057818490-810332119-3295456784-1001 => C:\Users\tqy_06\AppData\Local\GoToMeeting\19709\g2mupdate.exe [31320 2021-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {A9F484CE-6B19-4834-BF4E-DAC5F469CE45} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3953096 2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {AB53441D-9422-408F-9E06-E26D8A8A153E} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {ADA8BC81-CAD3-4068-B003-5B0C2AD2BCE7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {B7A7BC18-35BE-46E2-AE06-7985A6DE0461} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD89BA76-B88C-4221-ACEE-688E456BDB12} - System32\Tasks\G2MUploadTask-S-1-5-21-2057818490-810332119-3295456784-1001 => C:\Users\tqy_06\AppData\Local\GoToMeeting\19709\g2mupload.exe [31320 2021-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {C284FFA6-87EB-48A8-AC50-1C4DBD3A1808} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758224 2021-04-25] (Lenovo -> )
Task: {C94D456A-36AC-49E9-B150-D499E54B0C99} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [112824 2021-04-20] (Lenovo -> Lenovo)
Task: {DF7E6E6E-D137-4468-9CEE-BD12468CBF18} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-03] (Google Inc -> Google Inc.)
Task: {E9AB176E-2039-4A88-9BDF-DAA48A6BFC7D} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\SamsungPortableSSDMon.exe [499232 2018-06-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics)
 
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
 
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2057818490-810332119-3295456784-1001.job => C:\Users\tqy_06\AppData\Local\GoToMeeting\19709\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2057818490-810332119-3295456784-1001.job => C:\Users\tqy_06\AppData\Local\GoToMeeting\19709\g2mupload.exe
 
==================== Internet (Avec liste blanche) ====================
 
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
 
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 24.201.245.77 24.200.0.1 24.53.0.2
Tcpip\..\Interfaces\{dc171d43-5552-4584-848b-9a95f62612ff}: [DhcpNameServer] 24.201.245.77 24.200.0.1 24.53.0.2
Tcpip\..\Interfaces\{e5a7c465-02ce-437c-9a69-909203e13885}: [DhcpNameServer] 24.201.245.77 24.200.0.1 24.53.0.2
 
Edge: 
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\tqy_06\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-03]
 
FireFox:
========
FF DefaultProfile: z03xfrci.default
FF ProfilePath: C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\z03xfrci.default [2020-08-27]
FF ProfilePath: C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release [2020-11-28]
FF Extension: (Disconnect) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\[email protected] [2020-08-27]
FF Extension: (Facebook Container) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\@contain-facebook.xpi [2020-08-27]
FF Extension: (Tampermonkey) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\[email protected] [2020-08-27]
FF Extension: (I don't care about cookies) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\[email protected] [2020-08-28]
FF Extension: (Simple Translate) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\[email protected] [2020-08-27]
FF Extension: (uBlock Origin) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\[email protected] [2020-08-27]
FF Extension: (Flagfox) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2020-09-01]
FF Extension: (Startpage.com - recherche privé) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2020-08-27]
FF Extension: (Dark Night Mode) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\{27c3c9d8-95cd-44e6-ae9c-ff537348b9f3}.xpi [2020-08-27]
FF Extension: (FBCleaner) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\{4ce95b29-49c2-44f3-b371-8635790b98fb}.xpi [2020-08-27]
FF Extension: (NoScript) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2020-08-27]
FF Extension: (Dusky Gray Facebook [Dark Theme]) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\{8d1ad29c-3852-4c57-9919-b9aa81866b04}.xpi [2020-08-27]
FF Extension: (Lake Tahoe Rubicon Trail) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\{941edfd0-7c7a-4847-91b4-7d58fae5b900}.xpi [2020-08-27]
FF Extension: (Quebec vert 2) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\{b30bb4c0-7d04-4bee-a408-03d8418df8ea}.xpi [2020-08-27]
FF Extension: (Nano Defender for Firefox) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\{fcf60470-b210-4c17-969e-9ae01491071e}.xpi [2020-08-27]
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2014-10-24] (Sony Corporation -> Sony Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2057818490-810332119-3295456784-1001: @ringcentral.com/RingCentralMeetingsPlugin -> C:\Users\tqy_06\AppData\Roaming\RingCentralMeetings\bin\nprcmsplugin.dll [2019-07-15] (RingCentral, Inc. -> RingCentral Video Communications, Inc. and RingCentral Inc.)
FF Plugin HKU\S-1-5-21-2057818490-810332119-3295456784-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\tqy_06\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2057818490-810332119-3295456784-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\tqy_06\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default [2021-06-03]
CHR Notifications: Default -> hxxps://app.slack.com; hxxps://programmation-0xk5972.slack.com; hxxps://wtmmontreal.slack.com; hxxps://www.youtube.com
CHR Extension: (Docs) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-05]
CHR Extension: (Google Drive) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (Volume Booster) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkfjjkednolkdhclcoicgbfpccgihknm [2021-03-16]
CHR Extension: (YouTube) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-05]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-21]
CHR Extension: (IBA Opt-out (by Google)) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb [2019-03-30]
CHR Extension: (Google Docs Offline) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-21]
CHR Extension: (Antidote) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbojggafdepnclikhiapkpinbfdhbdoi [2020-04-03]
CHR Extension: (Boomerang for Gmail) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2018-11-10]
CHR Extension: (Google Hangouts) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2020-08-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-02]
CHR Profile: C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-01-22]
CHR HKLM-x32\...\Chrome\Extension: [lbojggafdepnclikhiapkpinbfdhbdoi]
 
==================== Services (Avec liste blanche) ===================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-11-03] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-07-28] (Microsoft Corporation -> Microsoft Corporation)
S2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
R2 MBAMService; D:\malwarebytes\MBAMService.exe [7391408 2021-06-03] (Malwarebytes Inc -> Malwarebytes)
R2 Parsec; C:\Program Files\Parsec\pservice.exe [395968 2021-05-21] (Parsec Cloud, Inc. -> Parsec)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1143272 2019-04-22] (Plex, Inc -> Plex, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2014-04-25] (Sony Corporation) [Fichier non signé]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11786992 2018-11-14] (TeamViewer GmbH -> TeamViewer GmbH)
R2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\TPHKLOAD.exe [465200 2020-12-28] (Lenovo -> Lenovo Group Limited)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [77792 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [48608 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14347184 2019-03-25] (VMware, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Pilotes (Avec liste blanche) ===================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-06-03] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-03] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-06-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-06-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-06-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-06-03] (Malwarebytes Inc -> Malwarebytes)
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [315392 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 SMIDriverGen; C:\WINDOWS\system32\DRIVERS\smi.sys [31440 2018-04-25] (Synaptics Inc. -> Synaptics Incorporated)
S3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2020-10-12] (Snap Inc. -> Windows ® Win 7 DDK provider)
S3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [757824 2016-12-19] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
R3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2020-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S3 vl810filter; C:\WINDOWS\system32\DRIVERS\vl810filter.sys [17008 2011-11-17] (VIA Technologies Inc. -> VIA Labs, Inc.)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [52288 2019-03-25] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [66520 2019-03-25] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\system32\DRIVERS\vsock.sys [91712 2017-09-05] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-05-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [421112 2021-05-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-14] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Avec liste blanche) ===================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
 
==================== Un mois (créés) (Avec liste blanche) =========
 
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
 
2021-06-03 09:27 - 2021-06-03 09:28 - 000031370 _____ C:\Users\tqy_06\Desktop\FRST.txt
2021-06-03 09:27 - 2021-06-03 09:28 - 000000000 ____D C:\FRST
2021-06-03 09:27 - 2021-06-03 09:27 - 000000000 ____D C:\Users\tqy_06\Desktop\FRST-OlderVersion
2021-06-03 09:26 - 2021-06-03 09:27 - 002300416 _____ (Farbar) C:\Users\tqy_06\Desktop\FRST64.exe
2021-06-03 09:14 - 2021-06-03 09:14 - 000000000 ____D C:\Users\tqy_06\AppData\Local\CrashDumps
2021-06-03 09:12 - 2021-06-03 09:12 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-06-03 09:12 - 2021-06-03 09:12 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-06-03 09:12 - 2021-06-03 09:12 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-06-03 09:11 - 2021-06-03 09:11 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-03 09:11 - 2021-06-03 09:11 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-06-03 09:11 - 2021-06-03 09:11 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-06-03 09:11 - 2021-06-03 09:11 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-06-03 09:11 - 2021-06-03 09:11 - 000000655 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-06-03 09:11 - 2021-06-03 09:11 - 000000655 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-06-03 09:11 - 2021-06-03 09:11 - 000000655 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-06-03 09:11 - 2021-06-03 09:11 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-06-03 09:10 - 2021-06-03 09:10 - 002080712 _____ (Malwarebytes) C:\Users\tqy_06\Downloads\MBSetup.exe
2021-06-03 09:00 - 2021-06-03 09:00 - 000222106 _____ C:\Users\tqy_06\Desktop\Extras.Txt
2021-06-03 08:59 - 2021-06-03 08:59 - 000276116 _____ C:\Users\tqy_06\Desktop\OTL.Txt
2021-06-03 08:20 - 2021-06-03 08:20 - 000602112 _____ (OldTimer Tools) C:\Users\tqy_06\Desktop\OTL.exe
2021-06-02 14:59 - 2021-06-02 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lenovo
2021-06-02 08:26 - 2021-06-02 08:26 - 000004036 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-2057818490-810332119-3295456784-1001_0
2021-05-16 13:16 - 2021-05-16 13:16 - 000000000 ____D C:\Users\tqy_06\AppData\Local\kotlin
2021-05-15 15:13 - 2021-05-15 15:13 - 000000000 ____D C:\Users\tqy_06\AppData\Local\main.kts.compiled.cache
2021-05-15 15:11 - 2021-05-15 15:11 - 000000000 ____D C:\Users\tqy_06\IdeaProjects
2021-05-15 15:11 - 2021-05-15 15:11 - 000000000 ____D C:\Users\tqy_06\AppData\Local\JetBrains
2021-05-15 15:07 - 2021-05-15 15:07 - 000000485 _____ C:\Users\Public\Desktop\IntelliJ IDEA Community Edition 2021.1.1 x64.lnk
2021-05-15 15:07 - 2021-05-15 15:07 - 000000485 _____ C:\ProgramData\Desktop\IntelliJ IDEA Community Edition 2021.1.1 x64.lnk
2021-05-15 14:59 - 2021-05-15 14:59 - 000000000 ____D C:\Users\tqy_06\AndroidStudioProjects
2021-05-15 14:55 - 2021-05-15 14:55 - 000000000 ____D C:\Program Files\Common Files\Oracle
2021-05-15 11:55 - 2021-05-15 11:55 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
 
==================== Un mois (modifiés) ==================
 
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
 
2021-06-03 09:19 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-03 09:11 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-03 08:41 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-03 08:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-03 08:34 - 2019-05-24 10:50 - 000000589 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-06-03 08:33 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-03 08:32 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-06-03 08:23 - 2021-05-01 02:48 - 000789922 _____ C:\WINDOWS\system32\perfh00C.dat
2021-06-03 08:23 - 2021-05-01 02:48 - 000147998 _____ C:\WINDOWS\system32\perfc00C.dat
2021-06-03 08:23 - 2021-05-01 02:45 - 000427528 _____ C:\WINDOWS\system32\prfh0804.dat
2021-06-03 08:23 - 2021-05-01 02:45 - 000133050 _____ C:\WINDOWS\system32\prfc0804.dat
2021-06-03 08:23 - 2021-04-30 23:47 - 002416690 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-03 08:17 - 2018-05-03 19:54 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-06-03 08:17 - 2018-05-03 19:54 - 000000000 __SHD C:\Users\tqy_06\IntelGraphicsProfiles
2021-06-03 08:16 - 2021-04-30 23:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-03 08:16 - 2021-04-30 23:33 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-03 08:16 - 2021-04-30 23:32 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2021-06-03 08:16 - 2019-12-07 05:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-06-03 08:16 - 2018-11-25 10:46 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-06-03 08:16 - 2018-10-08 16:39 - 000000000 ____D C:\ProgramData\VMware
2021-06-03 08:16 - 2018-05-03 19:54 - 000000000 ____D C:\ProgramData\Synaptics
2021-06-03 07:58 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-02 19:11 - 2020-02-28 12:56 - 000000000 ____D C:\WINDOWS\TempInst
2021-06-02 19:11 - 2018-05-03 19:59 - 000000000 ____D C:\ProgramData\Lenovo
2021-06-02 15:14 - 2018-05-22 16:42 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-06-02 15:03 - 2020-08-21 23:22 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-02 15:03 - 2020-08-21 23:22 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-06-02 15:03 - 2020-08-21 23:22 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-06-02 15:00 - 2021-04-30 23:54 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2057818490-810332119-3295456784-1001
2021-06-02 15:00 - 2021-04-30 23:37 - 000002420 _____ C:\Users\tqy_06\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-02 15:00 - 2018-05-03 19:54 - 000000000 ___RD C:\Users\tqy_06\OneDrive
2021-06-02 14:59 - 2021-04-30 23:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2021-06-02 14:59 - 2020-02-28 11:45 - 000000000 ____D C:\Program Files (x86)\Lenovo
2021-06-02 14:58 - 2018-11-16 15:56 - 000003591 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2021-06-02 08:23 - 2020-09-03 08:59 - 000000690 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2057818490-810332119-3295456784-1001.job
2021-06-02 08:23 - 2020-09-03 08:59 - 000000594 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2057818490-810332119-3295456784-1001.job
2021-05-27 17:32 - 2018-05-03 19:57 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-27 17:32 - 2018-05-03 19:57 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-27 17:32 - 2018-05-03 19:57 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-05-27 17:28 - 2021-04-30 23:54 - 000003866 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-2057818490-810332119-3295456784-1001
2021-05-27 17:28 - 2021-04-30 23:54 - 000003770 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-2057818490-810332119-3295456784-1001
2021-05-27 17:28 - 2021-04-30 23:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-27 17:28 - 2020-09-03 08:59 - 000000000 ____D C:\Users\tqy_06\AppData\Local\GoToMeeting
2021-05-24 18:27 - 2021-03-07 17:30 - 000000000 ____D C:\Users\tqy_06\AppData\Roaming\Parsec
2021-05-23 22:27 - 2018-05-05 19:01 - 000000000 ____D C:\Program Files (x86)\Steam
2021-05-21 22:57 - 2018-06-03 16:28 - 000000000 ____D C:\Users\tqy_06\AppData\Roaming\discord
2021-05-21 22:21 - 2018-06-03 16:27 - 000000000 ____D C:\Users\tqy_06\AppData\Local\Discord
2021-05-21 19:23 - 2018-12-16 20:31 - 000000000 ____D C:\Users\tqy_06\AppData\Local\ElevatedDiagnostics
2021-05-21 19:19 - 2021-03-07 17:30 - 000000000 ____D C:\Program Files\Parsec
2021-05-15 15:11 - 2021-04-30 23:37 - 000000000 ____D C:\Users\tqy_06
2021-05-15 15:11 - 2018-09-30 09:19 - 000000000 ____D C:\Users\tqy_06\AppData\Roaming\JetBrains
2021-05-15 15:09 - 2018-09-30 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
2021-05-15 14:59 - 2018-08-18 18:44 - 000000000 ____D C:\Users\tqy_06\.android
2021-05-15 14:55 - 2018-10-10 19:19 - 000068880 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2021-05-15 14:55 - 2018-10-10 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-05-15 14:55 - 2018-10-10 19:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2021-05-15 14:55 - 2018-10-10 19:18 - 000000000 ____D C:\Program Files\Java
2021-05-15 14:55 - 2018-08-03 18:54 - 000000000 ____D C:\ProgramData\Oracle
2021-05-15 13:01 - 2019-02-11 21:45 - 000000000 ____D C:\Users\tqy_06\AppData\Roaming\Google
2021-05-15 13:01 - 2018-05-03 19:56 - 000000000 ____D C:\Users\tqy_06\AppData\Local\Google
2021-05-15 12:12 - 2021-04-30 23:33 - 000490408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-15 12:05 - 2021-05-01 02:38 - 000000000 ____D C:\Program Files\Hyper-V
2021-05-15 12:05 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-05-15 12:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-15 12:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-15 11:56 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-14 19:54 - 2018-05-03 20:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-13 22:17 - 2018-05-03 20:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-13 22:09 - 2018-06-26 16:18 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-13 22:03 - 2018-05-03 20:35 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-13 22:01 - 2021-04-29 09:41 - 000000000 ___DC C:\WINDOWS\Panther
 
==================== Fichiers à la racine de certains dossiers ========
 
2019-02-25 07:06 - 2019-02-25 07:06 - 000009901 _____ () C:\Users\tqy_06\AppData\Local\recently-used.xbel
 
==================== SigCheck ============================
 
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
 
==================== Fin de FRST.txt ========================
 
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 02-06-2021
Exécuté par tqy_06 (03-06-2021 09:29:43)
Exécuté depuis C:\Users\tqy_06\Desktop
Windows 10 Pro Version 20H2 19042.985 (X64) (2021-05-01 03:55:09)
Mode d'amorçage: Normal
==========================================================
 
 
==================== Comptes: =============================
 
Administrator (S-1-5-21-2057818490-810332119-3295456784-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2057818490-810332119-3295456784-503 - Limited - Disabled)
Guest (S-1-5-21-2057818490-810332119-3295456784-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2057818490-810332119-3295456784-1003 - Limited - Enabled)
replacedForPrivacy (S-1-5-21-2057818490-810332119-3295456784-1007 - Limited - Enabled) => C:\Users\replacedForPrivacy
tqy_06 (S-1-5-21-2057818490-810332119-3295456784-1001 - Administrator - Enabled) => C:\Users\tqy_06
WDAGUtilityAccount (S-1-5-21-2057818490-810332119-3295456784-504 - Limited - Disabled)
 
==================== Centre de sécurité ========================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
 
==================== Programmes installés ======================
 
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
 
7D2D Launcher (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\0fa300cea2469b2c) (Version: 1.0.5.2 - SphereII Software)
7D2D Mod Launcher Installer (HKLM\...\{109EA3EC-0668-4FA6-8D34-A3AC067ADAE9}) (Version: 2.1.13 - SphereII Software)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Active Directory Authentication Library for SQL Server (HKLM\...\{32C0D7B2-1046-43AC-98AD-B748E1910916}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (HKLM-x32\...\{F40FA676-46B1-4609-85EF-D2F1F79E0C0E}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
Adobe Connect (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\Adobe Connect App) (Version: 2020.12.21.64 - Adobe Systems Inc.)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.10 - Adobe Systems Incorporated)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Android Studio (HKLM\...\Android Studio) (Version: 3.3 - Google LLC)
Antidote 9 - English module (HKLM-x32\...\{BFA17B4C-70D3-480F-8476-76197F614AB8}) (Version: 9.5.3877 - Druide informatique inc.)
Antidote 9 - Module français (HKLM-x32\...\{BFA17B4C-70D3-480F-8476-76197F614AB7}) (Version: 9.5.3877 - Druide informatique inc.)
Antidote 9 (HKLM-x32\...\{BFA17B4C-70D3-480F-8476-76197F614AB6}) (Version: 9.5.3937 - Druide informatique inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
Application Verifier x64 External Package (HKLM\...\{B27BC1FC-8474-9E32-73C2-6F7CD58AD1E3}) (Version: 10.1.17763.132 - Microsoft) Hidden
Azure AD Authentication Connected Service (HKLM-x32\...\{8A1AD070-269F-4A15-AAB5-76AB896EF195}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Behaviors SDK (Windows Phone) for Visual Studio 2013 (HKLM-x32\...\{C1609E6E-10B5-46F4-A48C-AC57045D0B88}) (Version: 12.0.51210.80 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (HKLM-x32\...\{B2429EA1-767E-4947-A458-F2204A2AA1BB}) (Version: 12.0.51210.80 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Windows Phone 8.0 (HKLM-x32\...\{403759F5-1D77-49F4-812D-AF43196E8C74}) (Version: 3.0.30924.0 - Microsoft Corporation) Hidden
Build Tools - amd64 (HKLM\...\{03DE1AEE-D3FA-4BF3-9150-28F54815E888}) (Version: 12.0.31010 - Microsoft Corporation) Hidden
Build Tools - x86 (HKLM-x32\...\{235CCCE6-3CB9-4E09-9D8E-0F212644C668}) (Version: 12.0.31010 - Microsoft Corporation) Hidden
Build Tools for Windows 10 - ENU (HKLM-x32\...\{E5C9A6AC-6AB9-455C-B8AF-FAC95908D0DF}) (Version: 14.0.25527 - Microsoft Corporation) Hidden
Build Tools for Windows 10 (HKLM-x32\...\{3DF885A3-8834-49EB-8390-15DCD84DC5FB}) (Version: 14.0.25527 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (HKLM\...\{6618DB5E-8788-46E1-94F4-9F1C0FC075BD}) (Version: 12.0.31010 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (HKLM-x32\...\{772590BC-E61B-4080-B9D5-A71497612F36}) (Version: 12.0.31010 - Microsoft Corporation) Hidden
CodeBlocks (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\CodeBlocks) (Version: 17.12 - The Code::Blocks Team)
CodedUITest81 (HKLM-x32\...\{3AF80693-9047-3BAA-9554-22AB6C428AB4}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
CodedUITestUAP (HKLM-x32\...\{0AB83CFE-A321-364C-8F78-A79084EC90D4}) (Version: 14.0.25527 - Microsoft Corporation) Hidden
Composer - Php Dependency Manager (HKLM-x32\...\{7315AF68-E777-496A-A6A2-4763A98ED35A}_is1) (Version:  - getcomposer.org)
Discord (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Dotfuscator and Analytics Community Edition 5.22.0 (HKLM-x32\...\{60018889-9E0F-43E8-9B89-29E8C828B40A}) (Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
eBook DRM Removal Bundle 4.19.406.399 (HKLM-x32\...\{8F09AD24-0196-436A-B99F-A39C537DC5FF}_is1) (Version: 4.19.406.399 - eBook Converter Team)
Entity Framework 6.1.3 Tools  for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
Epic Games Launcher (HKLM-x32\...\{FA10E700-F142-40B6-BB21-B93C55E0EA24}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Git version 2.20.1 (HKLM\...\Git_is1) (Version: 2.20.1 - The Git Development Community)
GitHub Desktop (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\GitHubDesktop) (Version: 2.6.1 - GitHub, Inc.)
GlassFish Server Open Source Edition 4.1.1 (HKLM\...\nbi-glassfish-mod-4.1.1.0.1) (Version:  - )
GnuWin32: Make-3.81 (HKLM-x32\...\Make-3.81_is1) (Version: 3.81 - GnuWin32)
Go Programming Language amd64 go1.13.7 (HKLM\...\{D1B12E74-F66A-42D2-928D-DD38C43E3DF0}) (Version: 1.13.7 - hxxps://golang.org)
GoLand 2019.3.2 (HKLM-x32\...\GoLand 2019.3.2) (Version: 193.6015.58 - JetBrains s.r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.77 - Google LLC)
GoTo Opener (HKLM-x32\...\{D144D2C2-4F96-48B7-BB2A-E9185050B619}) (Version: 1.0.491 - LogMeIn, Inc.)
GoToMeeting 10.16.1.19709 (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\GoToMeeting) (Version: 10.16.1.19709 - LogMeIn, Inc.)
IDE Tools for Windows 10 - ENU (HKLM-x32\...\{5FAE69D5-D9A7-469A-A021-2EB40F4FE0AB}) (Version: 14.0.25527 - Microsoft Corporation) Hidden
IDE Tools for Windows 10 (HKLM-x32\...\{F255D538-8ECB-4ED1-9670-E195D403BCCF}) (Version: 14.0.25527 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 20.2 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5126 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{73250D12-B600-4ED6-AFC0-10D9D8EDA745}) (Version: 7.3.2 - Intel Corporation)
IntelliJ IDEA Community Edition 2021.1.1 (HKLM-x32\...\IntelliJ IDEA Community Edition 2021.1.1) (Version: 211.7142.45 - JetBrains s.r.o.)
Intellisense Lang Pack Mobile Extension SDK 10.0.14393.0 (HKLM-x32\...\{26D23C60-AC47-46E5-8EDF-D19F41CAB666}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Java SE Development Kit 8 Update 181 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180181}) (Version: 8.0.1810.13 - Oracle Corporation)
Java™ SE Development Kit 16.0.1 (64-bit) (HKLM\...\{75CDB88B-F917-5456-AB2D-5504DE7F43DE}) (Version: 16.0.1.0 - Oracle Corporation)
JetBrains PyCharm Edu 2018.2 (HKLM-x32\...\PyCharm Edu 2018.2) (Version: 182.3684.126 - JetBrains s.r.o.)
Kit de développement logiciel (SDK) Microsoft .NET Framework 4.6.1 (Français) (HKLM-x32\...\{9369E1F2-44C9-4864-843E-159725E660CB}) (Version: 4.6.01055 - Microsoft Corporation)
Kits Configuration Installer (HKLM-x32\...\{76825BA0-C536-C284-BAA1-9DB7A2D30D54}) (Version: 10.1.14393.33 - Microsoft) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 4.14.10877 - Rakuten Kobo Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.82.00.20 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0124 - Lenovo)
LocalESPC (HKLM-x32\...\{62910715-63E3-0AB0-0B29-99140DE1C15E}) (Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPCui for en-us (HKLM-x32\...\{326A5052-061C-F656-31E3-3B73842ABD46}) (Version: 8.59.29989 - Microsoft) Hidden
Logiciel Intel® PROSet/Wireless (HKLM-x32\...\{a2caa706-dce2-4c91-8d46-b52a3c260b20}) (Version: 21.10.1 - Intel Corporation)
Malwarebytes version 4.4.0.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 - Malwarebytes)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (Français) (HKLM-x32\...\{AD054CB0-F527-48AD-832B-E65D46237C88}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.37 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.14026.20246 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\OneDriveSetup.exe) (Version: 21.083.0425.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2057818490-810332119-3295456784-1007\...\OneDriveSetup.exe) (Version: 19.152.0801.0008 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB  (HKLM\...\{E359515A-92E6-4FA3-A2C9-E1BA02D8DE6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects  (HKLM-x32\...\{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects  (x64) (HKLM\...\{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service  (HKLM-x32\...\{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom  (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.60519.0) (HKLM-x32\...\{4E27B0EF-7BAB-432A-AF3D-3FC8F3F7353F}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29112 (HKLM-x32\...\{be826f5f-eda5-45a2-a3fe-c2cb5c1b9842}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.55.2 - Microsoft Corporation)
Microsoft Visual Studio Emulator for Android (HKLM-x32\...\{e0f4d7cd-597b-4cfd-907f-312a212ff4e8}) (Version: 1.1.622.2 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1096.130 - Microsoft Corporation)
Microsoft Visual Studio Professional 2015 with Updates (HKLM-x32\...\{68432bbb-c9a5-4a7b-bab3-ae5a49b28303}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Apache Cordova (HKLM-x32\...\{29b63284-2755-4dde-82a3-32ba7245febe}) (Version: 14.0.60527.5 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 80.0.1 (x64 fr) (HKLM\...\Mozilla Firefox 80.0.1 (x64 fr)) (Version: 80.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 80.0 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{128C1654-3B9E-4959-8BFB-CE6F09C0A01D}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
MSI Development Tools (HKLM-x32\...\{6C961B30-A670-8A05-3BFE-3947E84DD4E4}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
NetBeans IDE 8.2 (HKLM\...\nbi-nb-base-8.2.0.0.201609300101) (Version: 8.2 - NetBeans.org)
Node.js (HKLM\...\{70453304-793B-4FAB-A673-FB14AF816C9B}) (Version: 14.15.4 - Node.js Foundation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.1 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Parsec (HKLM-x32\...\Parsec) (Version: 150-47 - Parsec Cloud Inc.)
Planetbase (HKLM-x32\...\1351624781_is1) (Version: 1.2.2 - GOG.com)
Plex Media Server (HKLM-x32\...\{1783ee46-408e-4b0a-a38e-c59c984a2316}) (Version: 1.15.4.993 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{C9ECA84A-DFAB-4E01-AF1D-1BF50F841665}) (Version: 1.15.993 - Plex, Inc.) Hidden
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT  (HKLM-x32\...\{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
Project and Item Templates for Visual Studio Community 2015 - ENU (HKLM-x32\...\{85619B33-76D7-4FF8-A04D-6E568B0CF29A}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Project and Item Templates for Visual Studio Express 2015 for Windows 10 - ENU (HKLM-x32\...\{31F41F21-21C1-4A52-AFA7-B7D7F6B181AF}) (Version: 14.0.25527 - Microsoft Corporation) Hidden
Project and Item Templates for Visual Studio Professionald 2015 - ENU (HKLM-x32\...\{35BD3B44-C9E4-457D-8260-41566E8BEFE2}) (Version: 14.0.25527 - Microsoft Corporation) Hidden
Python 2.7.15 (64-bit) (HKLM\...\{16CD92A4-0152-4CB7-8FD6-9788D3363617}) (Version: 2.7.15150 - Python Software Foundation)
Python 3.7.0 (32-bit) (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\{ece37911-ffeb-4f29-95d6-abcf555d7364}) (Version: 3.7.150.0 - Python Software Foundation)
Python 3.7.0 Core Interpreter (32-bit) (HKLM-x32\...\{13BB06D9-FD38-47E5-946E-C2606C554030}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Development Libraries (32-bit) (HKLM-x32\...\{B424BE74-3C96-4974-8754-9D6442286112}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Documentation (32-bit) (HKLM-x32\...\{ABEE159E-FE5B-4E58-BDD7-1DED2F10AAEB}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Executables (32-bit) (HKLM-x32\...\{4642A126-F999-4407-801B-C1C89BDA58C5}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 pip Bootstrap (32-bit) (HKLM-x32\...\{69CFC76B-3434-4919-8885-BA7960725137}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Standard Library (32-bit) (HKLM-x32\...\{09160A5D-8B99-4A89-9E9D-8A6D8E9C7EC1}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Tcl/Tk Support (32-bit) (HKLM-x32\...\{8A09EA6B-C86C-4ECA-8742-C4C1BCA96845}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Test Suite (32-bit) (HKLM-x32\...\{717DB3B4-C457-447B-A8A6-6921A4D917EF}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Utility Scripts (32-bit) (HKLM-x32\...\{FC756D1E-1252-406E-8414-E11FAF97F3C7}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.9.1 (64-bit) (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\{b2be55ad-3177-42aa-a6c2-53004684e4ea}) (Version: 3.9.1150.0 - Python Software Foundation)
Python 3.9.1 Add to Path (64-bit) (HKLM\...\{5AD5ED9C-14D1-4CFA-B4B1-A02CE8916D9F}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Core Interpreter (64-bit) (HKLM\...\{1C00F581-D5BF-491E-B1BB-72AA3A2250E5}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Development Libraries (64-bit) (HKLM\...\{27AD952D-DD9D-4AAC-B486-8AA601BFA064}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Documentation (64-bit) (HKLM\...\{5CB3AEED-BB03-47E2-BFF1-0CA58C236895}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Executables (64-bit) (HKLM\...\{71A9F41D-A865-46D4-A650-B210150DEF2A}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 pip Bootstrap (64-bit) (HKLM\...\{EF2B9385-6453-4702-9584-21BA8288D157}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Standard Library (64-bit) (HKLM\...\{5DD5C023-790B-4F1B-9B1B-8D1BC48F3057}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Tcl/Tk Support (64-bit) (HKLM\...\{414B5372-24FD-4302-8090-B9CE5564A6DD}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Test Suite (64-bit) (HKLM\...\{A7EC4DEB-8ABD-471D-BB5B-E579EBC9B043}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Utility Scripts (64-bit) (HKLM\...\{47A9647A-A576-4751-9C37-D32EB70285A3}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{FFC95928-6A14-4FB3-8D73-7A62382F66AC}) (Version: 3.9.7280.0 - Python Software Foundation)
Reader for PC (HKLM-x32\...\{D279DFB7-97A3-439D-8BE9-95D8AFA68562}) (Version: 2.4.01.10241 - Sony Corporation)
RingCentral Meetings (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\RingCentralMeetings) (Version: 7.0 - Zoom Video Communications, Inc. and RingCentral Inc.)
Roslyn Language Services - x86 (HKLM-x32\...\{6970C7E1-F99D-388D-8903-DF8FCE677FED}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
RuneScape Launcher 2.2.6 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.6 - Jagex Ltd)
Samsung Portable SSD Software (HKLM-x32\...\SamsungPortableSSD_is1) (Version: 1.6.0.27 - Samsung Electronics)
SDK ARM Additions (HKLM-x32\...\{0B5D6FB7-05A5-271B-5B99-82384219A471}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{4A5F6E94-7967-A333-8231-CA9AF35E03BD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Skype Meetings App (HKLM-x32\...\{BC1D9E47-8927-4AA1-A891-7763BC2475B7}) (Version: 16.2.0.511 - Microsoft Corporation)
Slack (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\slack) (Version: 4.12.2 - Slack Technologies Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stopping Plex (HKLM-x32\...\{C30D2C91-1E76-487A-9C92-DA43289818B4}) (Version: 1.15.993 - Plex, Inc.) Hidden
StudioTax 2020 (HKLM\...\{A70B000F-D049-4F42-B79E-C58A07D8995C}) (Version: 16.0.3.0 - BHOK IT Consulting Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.142 - Synaptics Incorporated)
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (HKLM-x32\...\{7A95671A-759E-3B83-B763-4289D1D24D73}) (Version: 14.102.25619 - Microsoft) Hidden
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.0.13880 - TeamViewer)
Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
ThinkPad Basic Dock PTN Firmware version 1.43 (HKLM-x32\...\PTN3392Updater_is1) (Version: 1.43 - )
ThinkPad Pro/Ultra Dock VIA Firmware version 5041 (HKLM-x32\...\VL812_is1) (Version: 5041 - )
TypeScript Power Tool (HKLM-x32\...\{465ACA24-B8D6-4FEC-A42D-9EFCB92CD560}) (Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{BA5762C7-D35F-4725-A4BD-525854127018}) (Version: 1.8.36.0 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{1FBCBC17-4527-2340-0832-B1D49C41FF67}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{284FA9A0-CEDD-81D3-5A19-5858E95FD0C4}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{7D225043-6CC5-7B56-11DD-AFF90E4C1C0C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{F6483AD1-9703-F95E-B07B-6BB7A3DA7B71}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{8BFBEC30-33CC-13B4-849F-3B036F27466A}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{96FB0EE4-8F7E-595E-B5CF-BFCC6BF26014}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{ABD37F71-FC3F-F525-C7B3-BDD95F684C51}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{CB19DBA2-C210-5646-9522-695A1317CD34}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{302A9B8D-5111-6C51-BB99-FF394C4A4255}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{5F577A45-3C65-352B-061D-D6A57F05402C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{3B588BBE-EB02-D1B2-5CD5-7DB85AD8A3E7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{D2DC1EDF-EE04-9B5F-BDD7-06645D859EC3}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{87F42CC0-5403-3698-87D9-3C2A04E476E1}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{CE83D0BD-418A-F3D1-D6CE-687E96D1EBD0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
UwAmp (Uninstall) (HKLM-x32\...\UwAmp) (Version:  - )
vcpp_crt.redist.clickonce (HKLM-x32\...\{DE494F7A-5E42-4B52-8E06-EF9AAC4BD59D}) (Version: 14.16.27012 - Microsoft Corporation) Hidden
Viscera Cleanup Detail: alpha v0.25 (HKLM\...\UDK-b03fd069-bfd4-4c64-a86a-7dd46acc2d83) (Version:  - RuneStorm)
Viscera Cleanup Detail: Santas Rampage (HKLM\...\UDK-919c7ab1-1e49-4337-a1ad-f317bcbadcff) (Version:  - RuneStorm)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
Visual Studio Build Tools 2017 (HKLM-x32\...\3cb32249) (Version: 15.9.28307.423 - Microsoft Corporation)
VS Update core components (HKLM-x32\...\{B2918D01-1D89-34D3-87EF-A28121BC6EB7}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden
vs_update3notification (HKLM-x32\...\{AB3DF932-C990-34D4-BF43-970F760DA3CD}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.6.0 - Azureus Software, Inc.)
WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WebStorm 2019.3.3 (HKLM-x32\...\WebStorm 2019.3.3) (Version: 193.6494.34 - JetBrains s.r.o.)
WinAppDeploy (HKLM-x32\...\{1182888E-EDC9-05C5-33BD-B61DA5B1F916}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{716AE8F2-1BE3-7657-DF6B-F23DEEC75AF9}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32\...\{1E76DFA7-96F3-4281-8E41-8A226C3E42EE}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.14393.33 (HKLM-x32\...\{f23f94c5-8bba-4202-85ad-c83d4402cdc1}) (Version: 10.1.14393.33 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.17763.132 (HKLM-x32\...\{5fe95b9d-9219-4d8b-a031-71323ae48a81}) (Version: 10.1.17763.132 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{00B12DF9-5428-9406-DE2C-8E8A1A062B05}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{01F53182-F1C8-8A72-5C86-B6612BDD4815}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{2AC000E5-E5E6-75B7-7FC2-9ECA8C57CA98}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{E82A4A6C-C21C-35FE-B805-3E44318F6D63}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{6DF5B5E1-A8A0-B617-AADB-31C3709A3C41}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7E898893-9C42-A572-7F57-FDE55CE812F7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{1AAB8359-4433-FF39-D420-0AD429993AD7}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E8B1CB29-5C24-D882-3CEF-F8A7263BC63D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{F6F11150-93DE-0507-FCA0-F746E0207017}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{8329C3A0-8582-D1C2-67FF-800654BFDF45}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{CB7AC790-0E8B-D6C9-CE1E-655793E7D541}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{771C9DEF-7C0B-85DA-6426-7A20F06BEC94}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{87775501-5259-6A7C-51A6-71C832DB7ABA}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{B047C746-63E8-41C7-A5C0-7ABD390CF3E6}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{CFD0294B-945D-62E4-7959-9B22A160496F}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{0063AF94-397B-9C64-1C71-D404B27C5D96}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{F75FD5E5-1F33-AE2B-715A-F829F8A8F51D}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Yarn (HKLM-x32\...\{31A0DA57-5E85-4046-995D-8CD691AA4B84}) (Version: 1.22.5 - Yarn Contributors)
Zoom (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\ZoomUMX) (Version: 5.5.4 (13142.0301) - Zoom Video Communications, Inc.)
 
Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.8.1108.0_x64__rz1tebttyb220 [2021-06-03] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-30] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5170.0_x64__8wekyb3d8bbwe [2021-05-27] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.22101.0_x64__8wekyb3d8bbwe [2021-04-30] (Microsoft Studios)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0 [2021-06-03] (Spotify AB) [Startup Task]
 
==================== Personnalisé CLSID (Avec liste blanche): ==============
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
CustomCLSID: HKU\S-1-5-21-2057818490-810332119-3295456784-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\tqy_06\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2057818490-810332119-3295456784-1001_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\tqy_06\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2057818490-810332119-3295456784-1001_Classes\CLSID\{5563940C-ABF0-47B4-BB0E-B5D8680B570A}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\MoteurIntegration.exe (Druide Informatique Inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-2057818490-810332119-3295456784-1001_Classes\CLSID\{5563940D-49FD-4F1A-96AA-147B474290EE}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\MoteurIntegration.exe (Druide Informatique Inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-2057818490-810332119-3295456784-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\tqy_06\AppData\Local\GoToMeeting\18425\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-2057818490-810332119-3295456784-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8E}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\AgentAntidote.exe (Druide Informatique Inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-2057818490-810332119-3295456784-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8F}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\Antidote.exe (Druide Informatique Inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-2057818490-810332119-3295456784-1001_Classes\CLSID\{AD630E0F-BF29-4791-AD3B-A289E884E37C}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\Antidote.exe (Druide Informatique Inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-2057818490-810332119-3295456784-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\tqy_06\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2057818490-810332119-3295456784-1001_Classes\CLSID\{f474dcec-9da5-47c9-8584-f5653e25db5d}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\tqy_06\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\tqy_06\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\tqy_06\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2019-10-27] (Notepad++ -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tqy_06\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tqy_06\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2019-03-25] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2019-03-25] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\malwarebytes\mbshlext.dll [2021-06-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tqy_06\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tqy_06\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Pas de fichier
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\malwarebytes\mbshlext.dll [2021-06-03] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Codecs (Avec liste blanche) ====================
 
==================== Raccourcis & WMI ========================
 
==================== Modules chargés (Avec liste blanche) =============
 
2019-04-13 11:42 - 2019-02-21 12:00 - 000078336 _____ (Igor Pavlov) [Fichier non signé] C:\Program Files\7-Zip\7-zip.dll
2016-07-27 22:35 - 2016-07-27 22:35 - 000259584 _____ (Microsoft Corporation) [Fichier non signé] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
 
==================== Alternate Data Streams (Avec liste blanche) ========
 
==================== Mode sans échec (Avec liste blanche) ==================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Avec liste blanche) =================
 
==================== Internet Explorer (Avec liste blanche) ==========
 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-01-25] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-01-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-25] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts contenu: =========================
 
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
 
2017-09-29 09:46 - 2020-02-10 19:48 - 000001058 _____ C:\WINDOWS\system32\drivers\etc\hosts
192.168.0.106 host.docker.internal
192.168.0.106 gateway.docker.internal
127.0.0.1 kubernetes.docker.internal
 
2019-05-24 10:50 - 2021-06-03 08:34 - 000000589 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.19.192.1 DESKTOP-K95T8M6.mshome.net # 2026 6 2 2 12 34 48 121
7.15.126 DESKTOP-P4M4A2S.mshome.net # 2019 7 6 20 2 10 26 840
40
 
==================== Autres zones ===========================
 
(Actuellement, il n'y a pas de correction automatique pour cette section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Python39\Scripts\;C:\Python39\;C:\Python27\;C:\Python27\Scripts;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;%USERPROFILE%\.dnx\bin;C:\Program Files\Microsoft DNX\Dnvm\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Git\cmd;C:\ProgramData\chocolatey\bin;C:\Program Files (x86)\Microsoft Emulator Manager\1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Go\bin;C:\Php;C:\ProgramData\ComposerSetup\bin;C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\;C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\;C:\Program Files (x86)\Yarn\bin\;C:\Program Files\nodejs\
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
HKU\S-1-5-21-2057818490-810332119-3295456784-1007\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 24.201.245.77 - 24.200.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Le Pare-feu est activé.
 
Network Binding:
=============
Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled) 
Wi-Fi: VMware Bridge Protocol -> vmware_bridge (enabled) 
vEthernet (Default Switch): VMware Bridge Protocol -> vmware_bridge (enabled) 
VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled) 
VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled) 
 
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
 
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "AgentAntidote64"
HKLM\...\StartupApproved\Run: => "AgentAntidote32"
HKLM\...\StartupApproved\Run32: => "Reader Application Helper"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\StartupApproved\Run: => "Docker Desktop"
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\StartupApproved\Run: => "com.squirrel.slack.slack"
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\StartupApproved\Run: => "Snap Camera"
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
 
==================== RèglesPare-feu (Avec liste blanche) ================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
FirewallRules: [{8C6F301E-6F3B-4380-9C68-87C032863D3F}] => (Allow) D:\SteamLibrary\steamapps\common\Farm Together\FarmTogether.exe () [Fichier non signé]
FirewallRules: [{C9A7E9CF-F5EA-4BDB-B8DA-53BDFE84DA99}] => (Allow) D:\SteamLibrary\steamapps\common\Farm Together\FarmTogether.exe () [Fichier non signé]
FirewallRules: [{35098799-8F79-4348-9C40-7229CD8F3026}] => (Allow) C:\Program Files\Parsec\parsecd.exe (Parsec Cloud, Inc. -> Parsec)
FirewallRules: [{D7627012-B26C-43E7-B4FF-3EAD42C1A24E}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\UDKLift.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{BE0128F8-941C-417C-8915-8C41B1F5EBFF}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\UDKLift.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{72D2D866-C130-4332-BA09-3115A28D9A91}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{62CC7DEE-34BB-42DB-BED1-27216180C574}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{E67E3755-B43A-4152-97E9-9AE826680D8B}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{B6E2B84B-1EA7-4C55-9062-7CC7CC95D834}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{1203D1F2-2A1C-40E9-904E-22AE33303456}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{92C6340A-60FB-4148-8762-03A4CF644424}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{81BBC101-D43A-43D2-93CB-C287CE9A9F43}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DA315248-D3E8-4094-AD87-968309967AE2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{64ABD97F-C636-4855-BBC8-A4A9A7F42771}] => (Block) C:\users\tqy_06\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2E921BFA-E699-4497-9C85-CAA8C8225CB6}] => (Block) C:\users\tqy_06\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{5263F70B-F3FA-425B-9852-778D9A073D3B}C:\users\tqy_06\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\tqy_06\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2E0AFBFF-2F86-469E-ABAA-D89ACB38814B}C:\users\tqy_06\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\tqy_06\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F0537A22-40D9-4563-A26F-52B969E969E3}] => (Allow) D:\SteamLibrary\steamapps\common\Overcooked! 2\Overcooked2.exe () [Fichier non signé]
FirewallRules: [{FAED3341-3858-402D-B4DC-53F9B2FD3143}] => (Allow) D:\SteamLibrary\steamapps\common\Overcooked! 2\Overcooked2.exe () [Fichier non signé]
FirewallRules: [{E9EC3F54-FA47-460E-8448-DA9C660A0AF9}] => (Allow) D:\SteamLibrary\steamapps\common\Oozi Earth Adventure\Oozi.exe () [Fichier non signé]
FirewallRules: [{424FD9ED-5141-4AA3-8D13-8CA6C123BF69}] => (Allow) D:\SteamLibrary\steamapps\common\Oozi Earth Adventure\Oozi.exe () [Fichier non signé]
FirewallRules: [{4B817E67-5CEB-4486-B271-E9C9C7D38324}] => (Allow) D:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Fichier non signé]
FirewallRules: [{E7160C7E-C1B5-4ACF-90AD-43D8CDD0C15E}] => (Allow) D:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Fichier non signé]
FirewallRules: [UDP Query User{43750C8C-8DEB-409C-BEF1-B897F301B64E}D:\steamlibrary\steamapps\common\satisfactory\factorygame\binaries\win64\factorygame-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\satisfactory\factorygame\binaries\win64\factorygame-win64-shipping.exe => Pas de fichier
FirewallRules: [TCP Query User{F9A5B463-B10C-43B1-9B04-8084D8C881E0}D:\steamlibrary\steamapps\common\satisfactory\factorygame\binaries\win64\factorygame-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\satisfactory\factorygame\binaries\win64\factorygame-win64-shipping.exe => Pas de fichier
FirewallRules: [{AD2E243A-4711-44E0-84D9-F9D9D2E9DFCF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FE24EE78-EA8C-429F-80C3-7B42C99232A0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B44D5B0F-0965-4857-947C-13BE6B845F43}] => (Allow) D:\SteamLibrary\steamapps\common\Satisfactory\FactoryGame.exe (Epic Games, Inc.) [Fichier non signé]
FirewallRules: [{C3811BFF-B32E-46C3-8647-664DF417AE9E}] => (Allow) D:\SteamLibrary\steamapps\common\Satisfactory\FactoryGame.exe (Epic Games, Inc.) [Fichier non signé]
FirewallRules: [{33A3A228-EE57-48D2-9FE7-39859E35080C}] => (Allow) D:\SteamLibrary\steamapps\common\Human Fall Flat\Human.exe () [Fichier non signé]
FirewallRules: [{06AB48DE-79A6-4212-A2BB-BCEDC14533AE}] => (Allow) D:\SteamLibrary\steamapps\common\Human Fall Flat\Human.exe () [Fichier non signé]
FirewallRules: [{D3296311-EF4C-48A7-B568-E35C20758EB3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe (Valve -> )
FirewallRules: [{656121BF-276B-4201-960F-8B92F121B7B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe (Valve -> )
FirewallRules: [{941872F7-5067-4D11-8FC9-3B72ECB8FD3C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7B0A62C8-7539-4C4E-B93D-179C4A8285CE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DCF03F54-03CD-4A8E-9B87-DFAE0676BE9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe () [Fichier non signé]
FirewallRules: [{75EC668F-7324-4B2A-A89C-E5D472444E44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe () [Fichier non signé]
FirewallRules: [UDP Query User{AD20F945-C7F3-4766-9B32-8D218F5F9F24}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [TCP Query User{49069E57-4B96-4302-8F90-922AA0AAAB4C}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{D8D3740D-0F0B-43A4-A747-2A13DFC701E7}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{ECE75587-CC02-42F6-9321-DC6CBFF9A3DB}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [UDP Query User{BB743E9B-55F4-465F-9F88-F674C123D345}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{D75187A7-E28E-4E4B-B6E2-A2216E3DF709}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{73EBFB72-2264-4EC8-B2E3-594CD59ADFBA}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{9913CA2D-E917-4812-A63C-B7766CB16CB9}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{CB53ED59-BBDF-456B-AAEA-66AB8466AC74}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [Fichier non signé]
FirewallRules: [TCP Query User{1A808C09-16A0-4921-9A70-F9F264AECF7E}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [Fichier non signé]
FirewallRules: [{2A9581F5-A53D-4697-B852-31085951832F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Pas de fichier
FirewallRules: [{A1FCCEDB-1BFD-425D-A413-9FB7CDFE7919}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Pas de fichier
FirewallRules: [{7FF829A6-2161-4096-B0D9-4A5DCFBCDF8F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9CB9C465-C582-40D3-8167-32EB611D1378}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{33FEA9CF-2525-45F2-BB3C-3DBFEB8B9F1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [Fichier non signé]
FirewallRules: [{E8B847AB-D8B7-4AD5-B51C-4F8F65B06750}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [Fichier non signé]
FirewallRules: [TCP Query User{15736AB6-97FA-4E17-9778-618759B9E111}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [Fichier non signé]
FirewallRules: [UDP Query User{7324D366-EAD9-4DC3-96FF-79701FE5F8B0}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [Fichier non signé]
FirewallRules: [{04DD56C1-31C6-4192-A855-996412C4CEF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 2\RCT2.EXE () [Fichier non signé]
FirewallRules: [{278E262D-E85F-4900-9BA3-9B0624F72329}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 2\RCT2.EXE () [Fichier non signé]
FirewallRules: [TCP Query User{6DF41B05-909B-4162-B723-87672D8E6865}C:\program files\java\jdk1.8.0_181\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_181\bin\java.exe
FirewallRules: [UDP Query User{DC1D6164-7FCB-491F-A190-515E12906E05}C:\program files\java\jdk1.8.0_181\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_181\bin\java.exe
FirewallRules: [{2785559A-93F3-42A0-B577-C5C4E1F505BF}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{38340A82-0A98-48E2-AE2D-6C2A39B613DD}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (OpenJS Foundation -> Node.js)
FirewallRules: [UDP Query User{8A0DBEB7-6CC6-45E2-B322-705C483A7D3D}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (OpenJS Foundation -> Node.js)
FirewallRules: [{ADCD42CB-F383-4796-9963-C3769300857D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6F7FB1F3-5A9A-459A-877F-496E3BA2FFA6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [DNS Server Forward Rule - TCP - F7B91971-F69D-428C-8B33-9D8DF60834F9 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - F7B91971-F69D-428C-8B33-9D8DF60834F9 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 5485F5E5-E676-4F91-BCCD-3E30F002C5C0 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 5485F5E5-E676-4F91-BCCD-3E30F002C5C0 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 27152AD8-4995-48A4-9E27-B814D802BEE4 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 27152AD8-4995-48A4-9E27-B814D802BEE4 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 8583C374-5AD6-4423-AFF0-E8AE97B6D868 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 8583C374-5AD6-4423-AFF0-E8AE97B6D868 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2F544C85-C398-4606-BF3C-55D5FC097B56 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2F544C85-C398-4606-BF3C-55D5FC097B56 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 396FB3A0-5D7D-42FF-B96E-155987666610 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 396FB3A0-5D7D-42FF-B96E-155987666610 - 0] => (Allow) LPort=53
FirewallRules: [TCP Query User{5A14BC84-F286-4916-9CF7-F93D960F81A5}C:\7d2d\alpha17\darkness_falls\darkness_falls\7daystodie.exe] => (Allow) C:\7d2d\alpha17\darkness_falls\darkness_falls\7daystodie.exe => Pas de fichier
FirewallRules: [UDP Query User{C923B402-4E98-4097-A964-60F8CF274797}C:\7d2d\alpha17\darkness_falls\darkness_falls\7daystodie.exe] => (Allow) C:\7d2d\alpha17\darkness_falls\darkness_falls\7daystodie.exe => Pas de fichier
FirewallRules: [DNS Server Forward Rule - TCP - 1C04DBFC-8F25-4C9F-9144-13C59F408041 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 1C04DBFC-8F25-4C9F-9144-13C59F408041 - 0] => (Allow) LPort=53
FirewallRules: [{E840EC0E-A4CA-48DB-8B0C-8294E0D0646A}] => (Allow) C:\Users\tqy_06\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{F823F137-32C8-4A8A-94FC-5FEE47C1DC8D}] => (Allow) C:\Users\tqy_06\AppData\Roaming\Zoom\bin\airhost.exe => Pas de fichier
FirewallRules: [DNS Server Forward Rule - TCP - CFF86D40-C93F-4E1F-9536-50504937C23F - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - CFF86D40-C93F-4E1F-9536-50504937C23F - 0] => (Allow) LPort=53
FirewallRules: [{B74A0507-652A-4489-91EF-ED4738AAEF8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [Fichier non signé]
FirewallRules: [{33AA1BDE-6D78-4210-88FE-CF218712E989}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [Fichier non signé]
FirewallRules: [DNS Server Forward Rule - TCP - 2B24432D-188A-4D9F-BD16-17715706FB17 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2B24432D-188A-4D9F-BD16-17715706FB17 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 197E3751-77DF-4A3E-B268-3D4390295730 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 197E3751-77DF-4A3E-B268-3D4390295730 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 0374C7E2-C800-40CD-B352-B9FAB64AF7FF - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 0374C7E2-C800-40CD-B352-B9FAB64AF7FF - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - F8B4DDF8-7B50-4D9B-B5FA-274ADB34042B - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - F8B4DDF8-7B50-4D9B-B5FA-274ADB34042B - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 9CD2CB8E-3294-4E50-A1E9-BE001B732486 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 9CD2CB8E-3294-4E50-A1E9-BE001B732486 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - CF2B9DCD-48DC-459A-9766-C19729111975 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - CF2B9DCD-48DC-459A-9766-C19729111975 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - C3CAA7BF-FC01-400F-A978-C6277B072779 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - C3CAA7BF-FC01-400F-A978-C6277B072779 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 11201686-612F-47B7-966E-0C52B48332B9 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 11201686-612F-47B7-966E-0C52B48332B9 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - A03257C2-28D2-4CDF-960C-B52AC36D8638 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - A03257C2-28D2-4CDF-960C-B52AC36D8638 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 0C2D51E1-7992-4BEE-BBC2-BACC16647A95 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 0C2D51E1-7992-4BEE-BBC2-BACC16647A95 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 35DF1A77-97F8-453A-9278-14582E7D52AE - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 35DF1A77-97F8-453A-9278-14582E7D52AE - 0] => (Allow) LPort=53
FirewallRules: [{3718446B-B211-4B7E-8295-55EE609E6E4C}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{B6532ACB-96D0-4B7F-AA7C-8C913C0B3D97}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{EEEE0574-B574-4CFE-8E47-31C01B20F4AC}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{31AC5FB4-7A1C-41B0-A519-2FEF30109D6F}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [DNS Server Forward Rule - TCP - F575C552-34A0-4704-92EF-5A578A2D930D - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - F575C552-34A0-4704-92EF-5A578A2D930D - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 0C22B357-6B9B-4933-8BD5-BB7F24EBC21C - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 0C22B357-6B9B-4933-8BD5-BB7F24EBC21C - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2B81444C-B9D1-44FF-A6BF-7BB67D6430AC - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2B81444C-B9D1-44FF-A6BF-7BB67D6430AC - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 3A8BE722-8C63-48B3-9BDC-B527B78D7C64 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 3A8BE722-8C63-48B3-9BDC-B527B78D7C64 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - D7F26B8D-A0B4-43D1-B0E8-9A5B38BCC524 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - D7F26B8D-A0B4-43D1-B0E8-9A5B38BCC524 - 0] => (Allow) LPort=53
FirewallRules: [{DAA4515D-16A0-469D-A575-1684553FD2E3}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [DNS Server Forward Rule - TCP - C0607724-424D-4CB9-B5BD-1961CF868ABD - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - C0607724-424D-4CB9-B5BD-1961CF868ABD - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 6B11F754-102F-484F-A0AB-6DBA87B4723F - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 6B11F754-102F-484F-A0AB-6DBA87B4723F - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - FA137B4B-317D-415B-8B4A-188C597682A2 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - FA137B4B-317D-415B-8B4A-188C597682A2 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 144C0330-E72E-4551-8292-0141CE899145 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 144C0330-E72E-4551-8292-0141CE899145 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - B9EA9DE6-39D3-411C-967A-4F9594CAB843 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - B9EA9DE6-39D3-411C-967A-4F9594CAB843 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 59EDF4D5-7CA7-4A81-9289-A67EE8C74842 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 59EDF4D5-7CA7-4A81-9289-A67EE8C74842 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 05C6D8C0-D1C1-4D31-BCA3-A267A9C6BA80 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 05C6D8C0-D1C1-4D31-BCA3-A267A9C6BA80 - 0] => (Allow) LPort=53
FirewallRules: [{5A8EED48-DD1E-410E-B45C-5DD06FB0076F}] => (Allow) C:\Users\tqy_06\AppData\Roaming\RingCentralMeetings\bin\RingCentralMeetings.exe (RingCentral, Inc. -> RingCentral Video Communications, Inc. and RingCentral Inc.)
FirewallRules: [{20CEDE3E-E321-41FB-8C8E-6B45E95DFF99}] => (Allow) C:\Users\tqy_06\AppData\Roaming\RingCentralMeetings\bin\airhost.exe (RingCentral, Inc. -> RingCentral Video Communications, Inc. and RingCentral Inc.)
FirewallRules: [DNS Server Forward Rule - TCP - 6ADADB39-68F7-441F-8023-A61408511D79 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 6ADADB39-68F7-441F-8023-A61408511D79 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 009FF7C5-857C-4DB3-858A-EF57131802AE - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 009FF7C5-857C-4DB3-858A-EF57131802AE - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 1DBD53C4-B3D1-44D5-9D61-407EC4EE19A1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 1DBD53C4-B3D1-44D5-9D61-407EC4EE19A1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 7DAD1D6A-565F-4D19-A056-0E9963EDED94 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 7DAD1D6A-565F-4D19-A056-0E9963EDED94 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - C317F56B-EB0D-4A04-9030-7D5854A85779 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - C317F56B-EB0D-4A04-9030-7D5854A85779 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 95B4739B-B04C-4136-8854-CEB4F6204338 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 95B4739B-B04C-4136-8854-CEB4F6204338 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 99368D25-956B-4962-8EA0-306E0D33A4C4 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 99368D25-956B-4962-8EA0-306E0D33A4C4 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 8077064C-0F6D-4B28-8970-7BB6E73AE996 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 8077064C-0F6D-4B28-8970-7BB6E73AE996 - 0] => (Allow) LPort=53
FirewallRules: [{8F5DD301-6427-4ED4-B2BD-2611D8349A3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SimCity 4 Deluxe\Apps\SimCity 4.exe (Maxis) [Fichier non signé]
FirewallRules: [{A9556148-9FE2-4775-970D-DF99560D99F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SimCity 4 Deluxe\Apps\SimCity 4.exe (Maxis) [Fichier non signé]
FirewallRules: [DNS Server Forward Rule - TCP - E9DD098E-06C2-4F5E-94C6-15B86EFA4716 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - E9DD098E-06C2-4F5E-94C6-15B86EFA4716 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - DF7B13B9-FB56-4F15-B6B0-4889C4AD70FB - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - DF7B13B9-FB56-4F15-B6B0-4889C4AD70FB - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - D9CF3468-8B11-4D32-BA0C-E1BB79F80F67 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - D9CF3468-8B11-4D32-BA0C-E1BB79F80F67 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 15DDB204-0CC8-4968-8C89-6123187BCCB8 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 15DDB204-0CC8-4968-8C89-6123187BCCB8 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - FF74EB23-DA6F-4094-AE23-E6CA93D3DA99 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - FF74EB23-DA6F-4094-AE23-E6CA93D3DA99 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 3352CD46-B726-442C-9A8E-81EAC545FF5B - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 3352CD46-B726-442C-9A8E-81EAC545FF5B - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 6E01385E-62B3-441A-BFFE-794A6570381E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 6E01385E-62B3-441A-BFFE-794A6570381E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - C6A7AE68-2069-40A5-A6B3-55518E68713D - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - C6A7AE68-2069-40A5-A6B3-55518E68713D - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 153EC620-A058-4D0B-8DDE-FA89C7B4A0EB - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 153EC620-A058-4D0B-8DDE-FA89C7B4A0EB - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 673D3CB2-682A-406B-9D85-78F051177EA2 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 673D3CB2-682A-406B-9D85-78F051177EA2 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - D1DE3BFC-661A-4E21-BD11-E5C71E6DCDDB - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - D1DE3BFC-661A-4E21-BD11-E5C71E6DCDDB - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - DC23910A-8924-4427-BD48-F953EE4A8661 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - DC23910A-8924-4427-BD48-F953EE4A8661 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - C01D4162-2A4A-4218-A5E3-251135B6713F - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - C01D4162-2A4A-4218-A5E3-251135B6713F - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2A9D93FE-39C2-49DF-A59D-3215224EA9DE - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2A9D93FE-39C2-49DF-A59D-3215224EA9DE - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - B6D498D2-0AC5-4821-863D-B6771D7FC5D8 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - B6D498D2-0AC5-4821-863D-B6771D7FC5D8 - 0] => (Allow) LPort=53
FirewallRules: [TCP Query User{D3F10194-E95C-4228-A399-0AEB9B92BE78}C:\program files\docker\docker\resources\com.docker.backend.exe] => (Allow) C:\program files\docker\docker\resources\com.docker.backend.exe => Pas de fichier
FirewallRules: [UDP Query User{B824367A-28FE-445B-B00C-59B1365CCAE5}C:\program files\docker\docker\resources\com.docker.backend.exe] => (Allow) C:\program files\docker\docker\resources\com.docker.backend.exe => Pas de fichier
FirewallRules: [DNS Server Forward Rule - TCP - 830C454C-F560-4DB3-A0C8-A8B46AC1278B - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 830C454C-F560-4DB3-A0C8-A8B46AC1278B - 0] => (Allow) LPort=53
FirewallRules: [TCP Query User{80FBD476-5388-4EA1-835A-70E0837E93E3}C:\program files\jetbrains\webstorm 2019.3.3\bin\webstorm64.exe] => (Allow) C:\program files\jetbrains\webstorm 2019.3.3\bin\webstorm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [UDP Query User{7CABBA26-7A56-4344-888F-38B4E1C27D80}C:\program files\jetbrains\webstorm 2019.3.3\bin\webstorm64.exe] => (Allow) C:\program files\jetbrains\webstorm 2019.3.3\bin\webstorm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [DNS Server Forward Rule - TCP - 0B883BB2-95E3-4F40-8430-9D1016BF2B0F - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 0B883BB2-95E3-4F40-8430-9D1016BF2B0F - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 8FC9E51B-5651-4925-A580-D89D3CC0883A - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 8FC9E51B-5651-4925-A580-D89D3CC0883A - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - E46020F1-CFC7-4E8E-A23C-8AB95CB0C0E2 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - E46020F1-CFC7-4E8E-A23C-8AB95CB0C0E2 - 0] => (Allow) LPort=53
FirewallRules: [TCP Query User{606A4A4A-1547-43D9-B7C7-DEEC87D4E21D}C:\users\tqy_06\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\tqy_06\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B3023EEC-95C6-46BE-8F59-CE6FC9715970}C:\users\tqy_06\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\tqy_06\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [DNS Server Forward Rule - TCP - 24A559F7-5561-41BE-A6CA-E8B7037264BF - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 24A559F7-5561-41BE-A6CA-E8B7037264BF - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - F8CE3037-7448-444C-937F-34190298284F - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - F8CE3037-7448-444C-937F-34190298284F - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2BD7D5F7-D796-4C41-A897-FA8F5DCA15BD - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2BD7D5F7-D796-4C41-A897-FA8F5DCA15BD - 0] => (Allow) LPort=53
FirewallRules: [TCP Query User{FF634135-2449-4BB2-9D60-1F334169E7B7}C:\uwamp\bin\database\mysql-5.7.11\bin\mysqld.exe] => (Allow) C:\uwamp\bin\database\mysql-5.7.11\bin\mysqld.exe => Pas de fichier
FirewallRules: [UDP Query User{AB9E8491-7789-4103-B33E-B75288ACE988}C:\uwamp\bin\database\mysql-5.7.11\bin\mysqld.exe] => (Allow) C:\uwamp\bin\database\mysql-5.7.11\bin\mysqld.exe => Pas de fichier
FirewallRules: [TCP Query User{CADC24EF-5E34-4187-BA16-608CCC05B202}C:\uwamp\bin\apache\bin\httpd.exe] => (Allow) C:\uwamp\bin\apache\bin\httpd.exe => Pas de fichier
FirewallRules: [UDP Query User{7C4DDFB6-1626-4147-AE95-DF97908E213E}C:\uwamp\bin\apache\bin\httpd.exe] => (Allow) C:\uwamp\bin\apache\bin\httpd.exe => Pas de fichier
FirewallRules: [DNS Server Forward Rule - TCP - 49970937-D63D-4F44-A69D-212B1C84EDA5 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 49970937-D63D-4F44-A69D-212B1C84EDA5 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - E3E99DAB-59AA-4236-807D-56634FE142FA - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - E3E99DAB-59AA-4236-807D-56634FE142FA - 0] => (Allow) LPort=53
FirewallRules: [{A894B1A6-BBE9-4111-9F08-C5AEFAAF1C55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Drawful 2\Drawful 2.exe (Jackbox Games, Inc.) [Fichier non signé]
FirewallRules: [{641B446C-ACDB-41DC-8E4F-773BF8A883EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Drawful 2\Drawful 2.exe (Jackbox Games, Inc.) [Fichier non signé]
FirewallRules: [DNS Server Forward Rule - TCP - EEC1D826-3985-40ED-A900-CE3EC48B8098 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - EEC1D826-3985-40ED-A900-CE3EC48B8098 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 58C0B05C-2827-4945-8911-2CE3FA87BE8D - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 58C0B05C-2827-4945-8911-2CE3FA87BE8D - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2BA78671-66BF-4169-970C-44D21E6BDBC0 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2BA78671-66BF-4169-970C-44D21E6BDBC0 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 0489AAE6-FC25-430D-AB5C-255B53413C02 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 0489AAE6-FC25-430D-AB5C-255B53413C02 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 878D7FDE-C898-4F3A-9184-D342C7EBF957 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 878D7FDE-C898-4F3A-9184-D342C7EBF957 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 94F28E9B-905A-4859-87B7-9A7105706768 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 94F28E9B-905A-4859-87B7-9A7105706768 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2283CAD2-6A32-483F-801F-C4931930AC01 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2283CAD2-6A32-483F-801F-C4931930AC01 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 260FB1E8-7558-4ED5-8A59-B4E1D6C352EC - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 260FB1E8-7558-4ED5-8A59-B4E1D6C352EC - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 89B44FF5-0311-4015-BEF2-2A7659D8558C - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 89B44FF5-0311-4015-BEF2-2A7659D8558C - 0] => (Allow) LPort=53
FirewallRules: [{AD221240-52B9-4B39-9180-73ABDEEF45CA}] => (Allow) D:\SteamLibrary\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [Fichier non signé]
FirewallRules: [{BBFE54DB-022E-46D9-937B-362B7A396854}] => (Allow) D:\SteamLibrary\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [Fichier non signé]
FirewallRules: [DNS Server Forward Rule - TCP - 67E8133C-3F8E-4296-ADA7-8AC9531F5F4F - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 67E8133C-3F8E-4296-ADA7-8AC9531F5F4F - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 6A64A931-F220-4642-8225-62EFD7337F86 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 6A64A931-F220-4642-8225-62EFD7337F86 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 44F34B3C-8397-4A27-B479-BBDD609FAA70 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 44F34B3C-8397-4A27-B479-BBDD609FAA70 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - D1C52EFC-0E23-49D9-8E73-5CCCC1A591EC - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - D1C52EFC-0E23-49D9-8E73-5CCCC1A591EC - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - D4BA8759-E937-41D4-BF9F-32C254604B39 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - D4BA8759-E937-41D4-BF9F-32C254604B39 - 0] => (Allow) LPort=53
FirewallRules: [{6A9CD1D5-425A-4CC5-82E5-EC90A1480E8B}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{3B8588E8-C658-4422-9F85-674C6EAEEFA2}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{39A3F2FA-F6D0-493E-95A7-9675FEC435CB}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{E3308652-B111-46BB-9B65-B0CC8BF1B940}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [DNS Server Forward Rule - TCP - 73762F81-FE53-454B-87A0-82BF4C68F316 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 73762F81-FE53-454B-87A0-82BF4C68F316 - 0] => (Allow) LPort=53
FirewallRules: [{56603040-4A2B-4EA8-9C94-494DDD41A18C}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{82440FC9-DB04-49C8-9EDB-980A7BC932A6}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{E87F6A77-E927-404F-9A93-7987E3F29ADE}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{46AC7CF0-A2B8-47CF-A10E-E16D0DADFCF1}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [DNS Server Forward Rule - TCP - F6300D20-16E7-4BA0-857F-64B2E0F4286A - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - F6300D20-16E7-4BA0-857F-64B2E0F4286A - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - A82EAD76-28B1-43C9-83CC-23A23CCD50B8 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - A82EAD76-28B1-43C9-83CC-23A23CCD50B8 - 0] => (Allow) LPort=53
FirewallRules: [{9F2C077F-9B2F-47D7-9CF7-4EF929DC4843}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{C391888C-57F9-4B6D-8EAF-D0B155D24BDB}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{E4B205A9-5C9A-4D52-93E7-DEE6DBC8F092}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{EB959A63-6B7B-43DD-969C-0FF03F279C19}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{AAB44DE1-4EEA-4693-A420-C799B42EABE1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{67129F36-A886-45F6-B10A-515981DBF44D}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{11A88DB3-360A-40CA-B78D-B7C74AC5DAB9}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{3985C670-5562-42DC-A0AD-D336113D2C7B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C8D446ED-390F-43EC-888B-4C85178210E4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B45EE5A9-F079-47D2-9FB3-E440105F366E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C703F691-FFBA-4FF5-B517-BE74B7E6DB50}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{21FABA04-83CB-4078-BDB2-DFF98E6665EE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E29B504A-EE2D-477A-9FA3-D91FFA44B049}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{30CBEEA9-D3E4-4462-9A30-29F4603A10CB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BAAC9500-B2A4-4709-9FB3-D4C43C5F9611}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EF66515E-1780-40C7-8306-127761772802}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A2C5AE99-DADB-40DF-A008-537EB56E96EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{63D51C71-A4A7-4197-9AF0-7EBBA23D0A42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
 
==================== Points de restauration =========================
 
24-05-2021 19:03:53 Scheduled Checkpoint
 
==================== Éléments en erreur du Gestionnaire de périphériques ============
 
 
==================== Erreurs du Journal des événements: ========================
 
Erreurs Application:
==================
Error: (06/03/2021 09:14:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante : mbamtray.exe, version : 4.0.0.997, horodatage : 0x609eac42
Nom du module défaillant : Qt5Core.dll, version : 5.14.1.0, horodatage : 0x603971ce
Code d’exception : 0xc0000005
Décalage du défaut : 0x0000000000219dc5
ID processus défaillant : 0x1450
Heure de démarrage de l’application défaillante : 0x01d7587a08a29881
Chemin de l’application défaillante : D:\malwarebytes\mbamtray.exe
Chemin du module défaillant : D:\malwarebytes\Qt5Core.dll
Code de rapport : 4cd3f642-8248-480d-a469-233cd24570e3
Nom complet de l’ensemble défaillant : 
ID de l’application relative à l’ensemble défaillant :
 
Error: (06/03/2021 08:02:04 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, A system shutdown is in progress.
]
 
Error: (06/02/2021 08:43:41 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: L’optimiseur de stockage n’a pas pu terminer retrim de Software&Storage (D:), car : The operation requested is not supported by the hardware backing the volume. (0x8900002A)
 
Error: (06/02/2021 08:27:33 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1000) (User: NT AUTHORITY)
Description: L'accès aux données des performances a été refusé à l'utilisateur « SYSTEM » (valeur de GetUserName () pour le thread en cours d'exécution), car il a été tenté à partir du module « C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe » (valeur de GetModuleFileName () pour le binaire qui a émis la requête).
 
Error: (05/27/2021 05:36:07 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (05/27/2021 05:36:07 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, A system shutdown is in progress.
]
 
Error: (05/24/2021 06:51:06 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: L’optimiseur de stockage n’a pas pu terminer retrim de Software&Storage (D:), car : The operation requested is not supported by the hardware backing the volume. (0x8900002A)
 
Error: (05/21/2021 04:52:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
 
 
Erreurs système:
=============
Error: (06/03/2021 08:18:00 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-K95T8M6)
Description: Le serveur Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
 
Error: (06/03/2021 08:17:17 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-K95T8M6)
Description: Le serveur Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
 
Error: (06/03/2021 08:16:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service IntelHaxm n'a pas pu démarrer en raison de l'erreur : 
Un périphérique attaché au système ne fonctionne pas correctement.
 
Error: (06/03/2021 08:16:33 AM) (Source: IntelHaxm) (EventID: 3) (User: )
Description: HAXM Failed to init VMX
 
Error: (06/03/2021 08:16:33 AM) (Source: IntelHaxm) (EventID: 6) (User: )
Description: HAXM can't work on system without VT support
 
Error: (06/03/2021 08:15:10 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service DNS Client dépend du service Network Store Interface Service qui n'a pas pu démarrer en raison de l'erreur : 
Le service ne peut pas être démarré parce qu’il est désactivé ou qu’aucun périphérique activé ne lui est associé.
 
Error: (06/03/2021 08:15:10 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service WinHTTP Web Proxy Auto-Discovery Service dépend du service DHCP Client qui n'a pas pu démarrer en raison de l'erreur : 
Le service ne peut pas être démarré parce qu’il est désactivé ou qu’aucun périphérique activé ne lui est associé.
 
Error: (06/03/2021 08:15:10 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service WinHTTP Web Proxy Auto-Discovery Service dépend du service DHCP Client qui n'a pas pu démarrer en raison de l'erreur : 
Le service ne peut pas être démarré parce qu’il est désactivé ou qu’aucun périphérique activé ne lui est associé.
 
 
Windows Defender:
================
Date: 2021-06-03 09:00:50
Description: 
L’analyse Microsoft Defender Antivirus a été arrêtée avant la fin.
ID de l’analyse : {83D4D9E1-EE79-4344-8241-45E077C2A246}
Type de l’analyse : Antimalware
Paramètres de l’analyse : Quick Scan
Utilisateur : NT AUTHORITY\SYSTEM
 
Date: 2021-06-02 20:44:25
Description: 
L’analyse Microsoft Defender Antivirus a été arrêtée avant la fin.
ID de l’analyse : {D429D735-9E5C-4562-A33C-9E6CB9976753}
Type de l’analyse : Antimalware
Paramètres de l’analyse : Quick Scan
Utilisateur : NT AUTHORITY\SYSTEM
 
Date: 2021-05-24 18:51:57
Description: 
L’analyse Microsoft Defender Antivirus a été arrêtée avant la fin.
ID de l’analyse : {98333B9E-E95B-4DB9-A061-5EF64784A5B7}
Type de l’analyse : Antimalware
Paramètres de l’analyse : Quick Scan
Utilisateur : NT AUTHORITY\SYSTEM
 
Date: 2021-05-22 16:47:35
Description: 
L’analyse Microsoft Defender Antivirus a été arrêtée avant la fin.
ID de l’analyse : {DC978F62-9769-4593-AECD-C13A8500EBEE}
Type de l’analyse : Antimalware
Paramètres de l’analyse : Quick Scan
Utilisateur : NT AUTHORITY\SYSTEM
 
Date: 2021-05-15 20:24:37
Description: 
L’analyse Microsoft Defender Antivirus a été arrêtée avant la fin.
ID de l’analyse : {F59D1C28-702F-457B-8047-3F361C438131}
Type de l’analyse : Antimalware
Paramètres de l’analyse : Quick Scan
Utilisateur : NT AUTHORITY\SYSTEM
 
Date: 2021-05-05 19:31:03
Description: 
Microsoft Defender Antivirus a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité : 1.339.26.0
Version précédente de la veille de sécurité : 1.337.623.0
Source de mise à jour : User
Type de veille de sécurité : AntiSpyware
Type de mise à jour : Delta
Utilisateur : NT AUTHORITY\SYSTEM
Version actuelle du moteur : 1.1.18100.6
Version précédente du moteur : 1.1.18100.5
Code d’erreur : 0x80070666
Description de l’erreur : Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
 
Date: 2021-05-05 19:31:03
Description: 
Microsoft Defender Antivirus a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité : 1.339.26.0
Version précédente de la veille de sécurité : 1.337.623.0
Source de mise à jour : User
Type de veille de sécurité : AntiVirus
Type de mise à jour : Delta
Utilisateur : NT AUTHORITY\SYSTEM
Version actuelle du moteur : 1.1.18100.6
Version précédente du moteur : 1.1.18100.5
Code d’erreur : 0x80070666
Description de l’erreur : Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
 
Date: 2021-05-05 19:31:03
Description: 
Microsoft Defender Antivirus a rencontré une erreur lors de la mise à jour du moteur.
Nouvelle version du moteur : 1.1.18100.6
Version précédente du moteur : 1.1.18100.5
Utilisateur : NT AUTHORITY\SYSTEM
Code d’erreur : 0x80070666
Description de l’erreur : Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
 
CodeIntegrity:
===============
Date: 2021-06-03 09:21:05
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\malwarebytes\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Infos Mémoire =========================== 
 
BIOS: LENOVO GLETA0WW (2.54 ) 08/27/2019
Carte mère: LENOVO 20AWS0FD00
Processeur: Intel® Core™ i5-4300M CPU @ 2.60GHz
Pourcentage de mémoire utilisée: 39%
Mémoire physique - RAM - totale: 16070.14 MB
Mémoire physique - RAM - disponible: 9777.46 MB
Mémoire virtuelle totale: 18502.14 MB
Mémoire virtuelle disponible: 12504.48 MB
 
==================== Lecteurs ================================
 
Drive c: () (Fixed) (Total:232.36 GB) (Free:22.95 GB) NTFS
Drive d: (Software&Storage) (Fixed) (Total:465.76 GB) (Free:258.29 GB) NTFS
 
\\?\Volume{c897d0e1-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{c897d0e1-0000-0000-0000-30393a000000}\ () (Fixed) (Total:0.87 GB) (Free:0.36 GB) NTFS
 
==================== MBR & Table des partitions ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 233.8 GB) (Disk ID: C897D0E1)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=887 MB) - (Type=27)
 
==========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 89ABC8A4)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
 
==================== Fin de Addition.txt =======================

 



#2
DR M

    The Grecian Geek

  • Malware Removal
  • 3,240 posts

Hi, Meboubou.

I will be assisting you regarding your computer's issues. Here, we will check your computer for malware.

Please adhere to the guidelines below, and then carefully follow, in the same order, all the instructions after:

1. Always ask before acting. Do not continue if you are not sure, or if something unexpected happens!

2. Do not run any tools unless instructed to do so. Also, do not uninstall or install any software during the procedure, unless I ask you to do so.

3. If your computer seems to start working normally, don't abandon the topic. Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.

4. You have to reply to my posts within 3 days. If you need some additional time, just let me know. Otherwise, I will leave the topic due to lack of feedback. If you are able, I would request you to check this thread at least once per day so that we can resolve your issues effectively and efficiently.

5. Logs from malware diagnostic or removal programs can take some time to get analyzed. Also, keep in mind that all the experts here are volunteers and may not be available to assist when you post. Please be patient while I analyze your logs.

 

 

================================

 

I will review your logs and come to you when I am ready. 

 

 



#3
DR M

    The Grecian Geek

  • Malware Removal
  • 3,240 posts

Hi, Meboubou.
 
I don't see malware signs in the logs. However, we are going to perform some additional scans for that. Also, there are some other things to be done too.
 
For a start...
 
1. Uninstall programs
 
1.1. Java

There are very few reasons these days to continue having Java installed on your computer. Especially when you have an outdated version of the product, it is a security risk.

However, if you do elect to keep Java, it needs to be updated to the latest version which you can find here: Java SE Runtime Environment 8 - Downloads. Note: UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional. 
 
1.2. Do you need these?

You have so many programs installed, and I wonder if you need/use all these. Personally, I only keep the programs I do need/use and remove anything else. It's your computer, so your choice, but in this step I would like you to go over your installed program list and uninstall all the programs that are unnecessary for you.
 
For example, do you need these?

GlassFish Server Open Source Edition 4.1.1 
NetBeans IDE 8.2 
TeamViewer 14 
Viscera Cleanup Detail:
 
To uninstall Java and anything else:

  • Press the Windows Key + R.
  • Type appwiz.cpl in the Run box and click OK.
  • The Add/Remove Programs list will open. Locate the following programs in the list:
Java 8 Update 201 (64-bit) 
Java 8 Update 201
Java SE Development Kit 8 Update 181 
Java™ SE Development Kit 16.0.1 (64-bit)
ANY OTHER PROGRAM YOU DECIDE TO UNINSTALL*
  • Select the above programs, one by one, and click Uninstall.
  • Restart the computer.

 

2. Question about an account
 
Are you aware of the presence of this account?
 
replacedForPrivacy 
 
 
3. FRST fix

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system


Start::
CreateRestorePoint:
CloseProcesses:
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\tqy_06\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\tqy_06\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\tqy_06\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tqy_06\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tqy_06\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tqy_06\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tqy_06\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Pas de fichier
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\StartupApproved\Run: => "Docker Desktop"
FirewallRules: [TCP Query User{5A14BC84-F286-4916-9CF7-F93D960F81A5}C:\7d2d\alpha17\darkness_falls\darkness_falls\7daystodie.exe] => (Allow) C:\7d2d\alpha17\darkness_falls\darkness_falls\7daystodie.exe => Pas de fichier
FirewallRules: [UDP Query User{C923B402-4E98-4097-A964-60F8CF274797}C:\7d2d\alpha17\darkness_falls\darkness_falls\7daystodie.exe] => (Allow) C:\7d2d\alpha17\darkness_falls\darkness_falls\7daystodie.exe => Pas de fichier
FirewallRules: [{F823F137-32C8-4A8A-94FC-5FEE47C1DC8D}] => (Allow) C:\Users\tqy_06\AppData\Roaming\Zoom\bin\airhost.exe => Pas de fichier
FirewallRules: [TCP Query User{D3F10194-E95C-4228-A399-0AEB9B92BE78}C:\program files\docker\docker\resources\com.docker.backend.exe] => (Allow) C:\program files\docker\docker\resources\com.docker.backend.exe => Pas de fichier
FirewallRules: [UDP Query User{B824367A-28FE-445B-B00C-59B1365CCAE5}C:\program files\docker\docker\resources\com.docker.backend.exe] => (Allow) C:\program files\docker\docker\resources\com.docker.backend.exe => Pas de fichier
FirewallRules: [TCP Query User{FF634135-2449-4BB2-9D60-1F334169E7B7}C:\uwamp\bin\database\mysql-5.7.11\bin\mysqld.exe] => (Allow) C:\uwamp\bin\database\mysql-5.7.11\bin\mysqld.exe => Pas de fichier
FirewallRules: [UDP Query User{AB9E8491-7789-4103-B33E-B75288ACE988}C:\uwamp\bin\database\mysql-5.7.11\bin\mysqld.exe] => (Allow) C:\uwamp\bin\database\mysql-5.7.11\bin\mysqld.exe => Pas de fichier
FirewallRules: [TCP Query User{CADC24EF-5E34-4187-BA16-608CCC05B202}C:\uwamp\bin\apache\bin\httpd.exe] => (Allow) C:\uwamp\bin\apache\bin\httpd.exe => Pas de fichier
FirewallRules: [UDP Query User{7C4DDFB6-1626-4147-AE95-DF97908E213E}C:\uwamp\bin\apache\bin\httpd.exe] => (Allow) C:\uwamp\bin\apache\bin\httpd.exe => Pas de fichier
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\Run: [ConnectDetector] => C:\Users\tqy_06\AppData\Roaming\Adobe\Connect\connectdetector.exe [640568 2021-01-12] (Adobe Inc. -> Adobe Systems Incorporated) <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {28CF1B34-558F-4F9F-9475-FFBF68BDA4F5} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXvGPUDisableTask => C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe
Task: {5021DF33-E111-42A9-B1C2-37AF46DDEC72} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXWarningTask => C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe
C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
C:\Users\tqy_06\Desktop\Extras.Txt
C:\Users\tqy_06\Desktop\OTL.Txt
C:\Users\tqy_06\Desktop\OTL.exe
hosts: 
EmptyTemp: 
End::
  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy". No need to paste anything anywhere.
    • Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
    • Press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will produce a log fixlog.txt on your Desktop.
    • Please post the log in your next reply.

 

In your next reply please post:

  • What did you uninstall?
  • Your reply about the account
  • The fixlog.txt
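
The selection that goes into a fixlist like the one in post #3 can be reproduced mechanically. The sketch below is an added example, not part of the thread and not FRST's own code: it picks out entries whose target file is gone and entries FRST flagged for attention. The function names are hypothetical, the sample lines are copied from this thread's log, and the English marker strings are an assumption about how an English-language run prints them.

```python
import re
from collections import Counter
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple

# Suffixes FRST puts on an entry whose target no longer exists. The French
# forms are the ones in this thread's log; the English forms are an assumption
# about how an English-language run prints the same thing.
MISSING_MARKERS = ("Pas de fichier", "non trouvé(e)", "No File", "not found")
ATTENTION_MARKER = "<==== ATTENTION"

# Entry type before the first ": ", either a registry key or a named section.
SECTION_RE = re.compile(r"^(HK[A-Z]+\\.*?|[A-Za-z][\w ]*?):(?:\s|$)")
# Trailing "(signer -> company)" field, as printed after a file path.
PUBLISHER_RE = re.compile(r"\(([^()]*?) -> ([^()]*?)\)\s*$")

# Sample input: lines copied from the log and fixlist posted in this thread.
SAMPLE = r"""
FirewallRules: [{AAB44DE1-4EEA-4693-A420-C799B42EABE1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F823F137-32C8-4A8A-94FC-5FEE47C1DC8D}] => (Allow) C:\Users\tqy_06\AppData\Roaming\Zoom\bin\airhost.exe => Pas de fichier
FirewallRules: [TCP Query User{CADC24EF-5E34-4187-BA16-608CCC05B202}C:\uwamp\bin\apache\bin\httpd.exe] => (Allow) C:\uwamp\bin\apache\bin\httpd.exe => Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Pas de fichier
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\Run: [ConnectDetector] => C:\Users\tqy_06\AppData\Roaming\Adobe\Connect\connectdetector.exe [640568 2021-01-12] (Adobe Inc. -> Adobe Systems Incorporated) <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
"""


@dataclass
class Finding:
    section: str               # FRST entry type, or "Registry" / "File"
    reasons: Tuple[str, ...]   # "attention" and/or "missing-target"
    publisher: Optional[str]   # signer from the "(signer -> company)" field
    line: str


def classify(line: str) -> Optional[Finding]:
    """Return a Finding for a flagged or orphaned entry, else None."""
    text = line.strip()
    if not text:
        return None
    reasons = []
    body = text
    if body.endswith(ATTENTION_MARKER):
        reasons.append("attention")
        body = body[: -len(ATTENTION_MARKER)].rstrip()
    if any(body.endswith(m) or body.endswith(f"[{m}]") for m in MISSING_MARKERS):
        reasons.append("missing-target")
    if not reasons:
        return None  # entry points at an existing file and carries no flag
    m = SECTION_RE.match(body)
    if m is None:
        section = "File"          # bare path line
    elif m.group(1).startswith("HK"):
        section = "Registry"
    else:
        section = m.group(1)
    pub = PUBLISHER_RE.search(body)
    return Finding(section, tuple(reasons), pub.group(1) if pub else None, text)


def triage(lines: Iterable[str]) -> List[Finding]:
    """Classify every line and keep only the findings."""
    return [f for f in map(classify, lines) if f is not None]


def summarize(findings: Iterable[Finding]) -> Counter:
    """Count findings per (section, reason) pair."""
    return Counter((f.section, r) for f in findings for r in f.reasons)


if __name__ == "__main__":
    found = triage(SAMPLE.splitlines())
    for (section, reason), count in sorted(summarize(found).items()):
        print(f"{section:22} {reason:15} {count}")
    for f in found:
        if "attention" in f.reasons:
            print("REVIEW:", f.section, "| publisher:", f.publisher or "n/a")
```

Entries with a missing target are leftovers from uninstalled software, while the ATTENTION entries are the ones that need a human decision; the publisher field helps with that decision but does not replace it.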


#4
DR M

    The Grecian Geek

  • Malware Removal
  • 3,240 posts

Hello.

 

Are you still with me?



#5
Meboubou

    Member

  • Topic Starter
  • Member
  • 68 posts
Hello,
Yes, my house sustained water damage. Can you give me an extra 24h to respond? I should be able to get to it soon.

Thanks for your understanding.

#6
DR M

    The Grecian Geek

  • Malware Removal
  • 3,240 posts

Thanks for letting me know.



#7
Meboubou

    Member

  • Topic Starter
  • Member
  • 68 posts

Hey DR M, thanks for your patience. What a week. Ha. 

Alright so: 
I uninstalled NetBeans and GlassFish. 
I updated Java- I'm a web dev and though I don't typically use this computer, I signed up for additional college classes and will be doing some Android soon.
Team Viewer is my go-to for when my parents have issues with their computers, so I kept that.

I'm aware of the replacedForPrivacy account- did a search and replace before posting since it's a child's name. I made sure your script didn't include it and would have reversed this otherwise. 

Here is the log: 
________________________________________________

 

Résultats de correction de Farbar Recovery Scan Tool (x64) Version: 05-06-2021 01
Exécuté par tqy_06 (05-06-2021 21:35:08) Run:1
Exécuté depuis C:\Users\tqy_06\Desktop
Profils chargés: tqy_06 & replacedForPrivacy 
Mode d'amorçage: Normal
==============================================
 
fixlist contenu:
*****************
CreateRestorePoint:
CloseProcesses:
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\tqy_06\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\tqy_06\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\tqy_06\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tqy_06\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tqy_06\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tqy_06\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tqy_06\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Pas de fichier
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\StartupApproved\Run: => "Docker Desktop"
FirewallRules: [TCP Query User{5A14BC84-F286-4916-9CF7-F93D960F81A5}C:\7d2d\alpha17\darkness_falls\darkness_falls\7daystodie.exe] => (Allow) C:\7d2d\alpha17\darkness_falls\darkness_falls\7daystodie.exe => Pas de fichier
FirewallRules: [UDP Query User{C923B402-4E98-4097-A964-60F8CF274797}C:\7d2d\alpha17\darkness_falls\darkness_falls\7daystodie.exe] => (Allow) C:\7d2d\alpha17\darkness_falls\darkness_falls\7daystodie.exe => Pas de fichier
FirewallRules: [{F823F137-32C8-4A8A-94FC-5FEE47C1DC8D}] => (Allow) C:\Users\tqy_06\AppData\Roaming\Zoom\bin\airhost.exe => Pas de fichier
FirewallRules: [TCP Query User{D3F10194-E95C-4228-A399-0AEB9B92BE78}C:\program files\docker\docker\resources\com.docker.backend.exe] => (Allow) C:\program files\docker\docker\resources\com.docker.backend.exe => Pas de fichier
FirewallRules: [UDP Query User{B824367A-28FE-445B-B00C-59B1365CCAE5}C:\program files\docker\docker\resources\com.docker.backend.exe] => (Allow) C:\program files\docker\docker\resources\com.docker.backend.exe => Pas de fichier
FirewallRules: [TCP Query User{FF634135-2449-4BB2-9D60-1F334169E7B7}C:\uwamp\bin\database\mysql-5.7.11\bin\mysqld.exe] => (Allow) C:\uwamp\bin\database\mysql-5.7.11\bin\mysqld.exe => Pas de fichier
FirewallRules: [UDP Query User{AB9E8491-7789-4103-B33E-B75288ACE988}C:\uwamp\bin\database\mysql-5.7.11\bin\mysqld.exe] => (Allow) C:\uwamp\bin\database\mysql-5.7.11\bin\mysqld.exe => Pas de fichier
FirewallRules: [TCP Query User{CADC24EF-5E34-4187-BA16-608CCC05B202}C:\uwamp\bin\apache\bin\httpd.exe] => (Allow) C:\uwamp\bin\apache\bin\httpd.exe => Pas de fichier
FirewallRules: [UDP Query User{7C4DDFB6-1626-4147-AE95-DF97908E213E}C:\uwamp\bin\apache\bin\httpd.exe] => (Allow) C:\uwamp\bin\apache\bin\httpd.exe => Pas de fichier
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\Run: [ConnectDetector] => C:\Users\tqy_06\AppData\Roaming\Adobe\Connect\connectdetector.exe [640568 2021-01-12] (Adobe Inc. -> Adobe Systems Incorporated) <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {28CF1B34-558F-4F9F-9475-FFBF68BDA4F5} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXvGPUDisableTask => C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe
Task: {5021DF33-E111-42A9-B1C2-37AF46DDEC72} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXWarningTask => C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe
C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
C:\Users\tqy_06\Desktop\Extras.Txt
C:\Users\tqy_06\Desktop\OTL.Txt
C:\Users\tqy_06\Desktop\OTL.exe
hosts: 
EmptyTemp: 
 
*****************
 
Le Point de restauration a été créé avec succès.
Processus fermé avec succès.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => sous-clé avec nom invalide -> supprimé(es) avec succès
HKLM\Software\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => supprimé(es) avec succès
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => sous-clé avec nom invalide -> supprimé(es) avec succès
HKLM\Software\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => supprimé(es) avec succès
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => sous-clé avec nom invalide -> supprimé(es) avec succès
HKLM\Software\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => supprimé(es) avec succès
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu) => supprimé(es) avec succès
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => supprimé(es) avec succès
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\MEGA (Context menu) => supprimé(es) avec succès
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MEGA (Context menu) => supprimé(es) avec succès
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MEGA (Context menu) => supprimé(es) avec succès
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => supprimé(es) avec succès
"HKU\S-1-5-21-2057818490-810332119-3295456784-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Docker Desktop" => supprimé(es) avec succès
"HKU\S-1-5-21-2057818490-810332119-3295456784-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Docker Desktop" => non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5A14BC84-F286-4916-9CF7-F93D960F81A5}C:\7d2d\alpha17\darkness_falls\darkness_falls\7daystodie.exe" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C923B402-4E98-4097-A964-60F8CF274797}C:\7d2d\alpha17\darkness_falls\darkness_falls\7daystodie.exe" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F823F137-32C8-4A8A-94FC-5FEE47C1DC8D}" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D3F10194-E95C-4228-A399-0AEB9B92BE78}C:\program files\docker\docker\resources\com.docker.backend.exe" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B824367A-28FE-445B-B00C-59B1365CCAE5}C:\program files\docker\docker\resources\com.docker.backend.exe" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FF634135-2449-4BB2-9D60-1F334169E7B7}C:\uwamp\bin\database\mysql-5.7.11\bin\mysqld.exe" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AB9E8491-7789-4103-B33E-B75288ACE988}C:\uwamp\bin\database\mysql-5.7.11\bin\mysqld.exe" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CADC24EF-5E34-4187-BA16-608CCC05B202}C:\uwamp\bin\apache\bin\httpd.exe" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7C4DDFB6-1626-4147-AE95-DF97908E213E}C:\uwamp\bin\apache\bin\httpd.exe" => supprimé(es) avec succès
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => supprimé(es) avec succès
"HKU\S-1-5-21-2057818490-810332119-3295456784-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ConnectDetector" => supprimé(es) avec succès
C:\WINDOWS\system32\GroupPolicy\Machine => déplacé(es) avec succès
C:\WINDOWS\system32\GroupPolicy\GPT.ini => déplacé(es) avec succès
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => déplacé(es) avec succès
C:\ProgramData\NTUSER.pol => déplacé(es) avec succès
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{28CF1B34-558F-4F9F-9475-FFBF68BDA4F5}" => supprimé(es) avec succès
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28CF1B34-558F-4F9F-9475-FFBF68BDA4F5}" => supprimé(es) avec succès
C:\WINDOWS\System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXvGPUDisableTask => déplacé(es) avec succès
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\termsrv\RemoteFX\RemoteFXvGPUDisableTask" => supprimé(es) avec succès
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5021DF33-E111-42A9-B1C2-37AF46DDEC72}" => supprimé(es) avec succès
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5021DF33-E111-42A9-B1C2-37AF46DDEC72}" => supprimé(es) avec succès
C:\WINDOWS\System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXWarningTask => déplacé(es) avec succès
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\termsrv\RemoteFX\RemoteFXWarningTask" => supprimé(es) avec succès
"C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe" => non trouvé(e)
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => supprimé(es) avec succès
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => supprimé(es) avec succès
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => supprimé(es) avec succès
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => supprimé(es) avec succès
C:\Users\tqy_06\Desktop\Extras.Txt => déplacé(es) avec succès
C:\Users\tqy_06\Desktop\OTL.Txt => déplacé(es) avec succès
C:\Users\tqy_06\Desktop\OTL.exe => déplacé(es) avec succès
C:\Windows\System32\Drivers\etc\hosts => déplacé(es) avec succès
Hosts restauré(es) avec succès.
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 11296768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 62459250 B
Java, Flash, Steam htmlcache => 150206596 B
Windows/system/drivers => 16330662 B
Edge => 2419982 B
Chrome => 1107415547 B
Firefox => 300378539 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 26628 B
NetworkService => 106646 B
tqy_06 => 91140986 B
replacedForPrivacy  => 91173165 B
 
RecycleBin => 13806882180 B
EmptyTemp: => 14.6 GB données temporaires supprimées.
 
================================
 
 
Le système a dû redémarrer.
 
==== Fin de Fixlog 21:40:48 ====


#8
DR M


    The Grecian Geek

  • Malware Removal
  • 3,240 posts

Thanks, Meboubou.

 

Let's do some additional scans.

1. Run AdwCleaner (Scan mode)

Download AdwCleaner and save it to your desktop.

  • Double click AdwCleaner.exe to run it.
  • Click Scan Now.
    • When the scan has finished, a Scan Results window will open.
    • Click Cancel (at this point do not attempt to Quarantine anything that is found)
  • Now click the Log Files tab.
    • Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number. The latest scan will have the largest number)
    • A Notepad file will open containing the results of the scan.
    • Please post the contents of the file in your next reply.

 

2. Run Malwarebytes (Scan mode)

  • Open Malwarebytes.
  • Click the little gear on the top right (Settings) and when it opens, click the Security tab and make sure of the following:
    Under the title Scan Options, all the options are checked.
    Under the title Windows Security Center (Premium only) the option is NOT checked.
    Under the title Potentially unwanted items all options are set to Always.
  • Click on the little gear to return to the main menu and select Scan. The program will start scanning your computer. This may take about 10 minutes, but in some cases it may take longer.
  • When finished, you will see the Threat Scan Summary window open.

If threats are not found, click View Report and proceed to the two last steps below.

If threats are found, make sure that all threats are not selected, close the program and proceed to the next steps below.

  • Open Malwarebytes again, click on the Scanner, and then on the Reports tab.
  • Find the report with the most recent date and double click on it.
  • Click on Export and then Copy to Clipboard.
  • Paste its content here, in your next reply.

 

In your next reply, please post:

  • The AdwCleaner[S0*].txt
  • The Malwarebytes report


#9
Meboubou


    Member

  • Topic Starter
  • Member
  • 68 posts
# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build:    03-22-2021
# Database: 2021-05-17.1 (Cloud)
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    06-06-2021
# Duration: 00:00:18
# OS:       Windows 10 Pro
# Scanned:  31986
# Detected: 13
 
 
***** [ Services ] *****
 
No malicious services found.
 
***** [ Folders ] *****
 
No malicious folders found.
 
***** [ Files ] *****
 
No malicious files found.
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
***** [ WMI ] *****
 
No malicious WMI found.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts found.
 
***** [ Tasks ] *****
 
No malicious tasks found.
 
***** [ Registry ] *****
 
No malicious registry entries found.
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries found.
 
***** [ Chromium URLs ] *****
 
No malicious Chromium URLs found.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries found.
 
***** [ Firefox URLs ] *****
 
No malicious Firefox URLs found.
 
***** [ Hosts File Entries ] *****
 
No malicious hosts file entries found.
 
***** [ Preinstalled Software ] *****
 
Preinstalled.LenovoEasyCamera   Registry   HKLM\Software\Sunplus SPUVCb 
Preinstalled.LenovoHotkeyManager   Folder   C:\Program Files\LENOVO\HOTKEY 
Preinstalled.LenovoHotkeyManager   Folder   C:\Users\replacedForPrivacy\AppData\Local\LENOVO\HOTKEY 
Preinstalled.LenovoHotkeyManager   Folder   C:\Users\tqy_06\AppData\Local\LENOVO\HOTKEY 
Preinstalled.LenovoHotkeyManager   Registry   HKLM\Software\Classes\CLSID\{A48CA1A4-C36B-44f2-8090-19E08DF4365E} 
Preinstalled.LenovoPowerManager   Folder   C:\Windows\SysWOW64\LENOVO\POWERMGR 
Preinstalled.LenovoPowerManager   Folder   C:\Windows\System32\LENOVO\POWERMGR 
Preinstalled.LenovoUpdate   Folder   C:\Program Files (x86)\LENOVO\SYSTEM UPDATE 
Preinstalled.LenovoUpdate   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{03C6CC92-68F2-4961-9A73-CAECA350BD08} 
Preinstalled.LenovoUpdate   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\TVSU_is1 
Preinstalled.ReaderforPC   File   C:\Users\Public\Desktop\Reader for PC.lnk 
Preinstalled.ReaderforPC   Folder   C:\Program Files (x86)\SONY\READERDESKTOP 
Preinstalled.ReaderforPC   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{D279DFB7-97A3-439D-8BE9-95D8AFA68562} 
 
 
 
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########


Malwarebytes
www.malwarebytes.com
 
-Détails du journal-
Date de l'analyse: 06/06/2021
Durée d'analyse: 13:40
Fichier journal: 478590e6-c6ee-11eb-9b69-68f72859006c.json
 
-Informations du logiciel-
Version: 4.4.0.117
Version de composants: 1.0.1308
Version de pack de mise à jour: 1.0.41383
Licence: Essai
 
-Informations système-
Système d'exploitation: Windows 10 (Build 19042.985)
Processeur: x64
Système de fichiers: NTFS
Utilisateur: DESKTOP-K95T8M6\tqy_06
 
-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Analyse lancée par: Manuel
Résultat: Terminé
Objets analysés: 441736
Menaces détectées: 0
Menaces mises en quarantaine: 0
Temps écoulé: 6 min, 20 s
 
-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Détection
PUM: Détection
 
-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)
 
Module: 0
(Aucun élément malveillant détecté)
 
Clé du registre: 0
(Aucun élément malveillant détecté)
 
Valeur du registre: 0
(Aucun élément malveillant détecté)
 
Données du registre: 0
(Aucun élément malveillant détecté)
 
Flux de données: 0
(Aucun élément malveillant détecté)
 
Dossier: 0
(Aucun élément malveillant détecté)
 
Fichier: 0
(Aucun élément malveillant détecté)
 
Secteur physique: 0
(Aucun élément malveillant détecté)
 
WMI: 0
(Aucun élément malveillant détecté)
 
 
(end)


#10
DR M


    The Grecian Geek

  • Malware Removal
  • 3,240 posts

Hi, Meboubou.
 
The logs are clean. What AdwCleaner found has to do with preinstalled software, which you may or may not use. It's up to you if you want to uninstall it. Personally, I keep only what I need/use. But it's your computer, so your decision.
 
If you want to remove the preinstalled software,

  • Double click AdwCleaner.exe on your Desktop, to run it as you did before.
  • Click Scan Now.
  • When the scan has finished a Scan Results window will open.
  • Please check all the boxes and then click Quarantine.
  • Click Next.
    • If any pre-installed software was found on your machine, a prompt window will open. Click OK to close it.
    • Check any pre-installed software items you want to remove.
    • Click Quarantine.
  • A prompt to save your work will appear.
    • Click Continue when you're ready to proceed.
  • A prompt to restart your computer will appear.
    • Click Restart Now.
  • Once your computer has restarted:
    • If it doesn't open automatically, please start AdwCleaner.
    • Click the Log Files tab.
    • Double click on the latest Clean log (Clean logs have a [C0*] suffix, where * is replaced by a number. The latest scan will have the largest number)
    • A Notepad file will open containing the results of the removal.
    • Please post the contents of the file in your next reply.

 

After that, I would like to see fresh FRST logs.

  • Double-click on the FRST icon to run it, as you did before. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button and wait for a while.
  • The scanner will produce two logs on your Desktop: FRST.txt and Addition.txt.
  • Please attach these two logs in your next reply.

 

In your next reply please post:

  1. The AdwCleaner[C0*].txt (in case you decided to remove the preinstalled software)
  2. The fresh FRST logs, Addition and FRST.


#11
Meboubou


    Member

  • Topic Starter
  • Member
  • 68 posts

I kept the preinstalled software, still dealing with water in basement and bathroom + evening classes + work... I'll check them out eventually to see what I use / don't use. 

Here are the new logs. Still kind of hoping you'll find something because the alternative is someone close to me doing this or a hacker gaining access to this kind of info through my bank... both options are hard to digest. A keylogger would have been better. 
 

Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2021 01
Exécuté par tqy_06 (administrateur) sur DESKTOP-K95T8M6 (LENOVO 20AWS0FD00) (06-06-2021 15:25:48)
Exécuté depuis C:\Users\tqy_06\Desktop
Profils chargés: tqy_06
Platform: Windows 10 Pro Version 20H2 19042.985 (X64) Langue: Anglais (États-Unis) -> Français (Canada)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
 
==================== Processus (Avec liste blanche) =================
 
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Intel Corporation -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\tphkload.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN11CD~1.INF\driver\shtctky.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN11CD~1.INF\driver\tpnumlkd.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN11CD~1.INF\driver\tposd.exe
(Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Malwarebytes Inc -> Malwarebytes) D:\malwarebytes\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) D:\malwarebytes\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\fodhelper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SpatialAudioLicenseSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.985_none_e72c6fe7263b0fe4\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Parsec Cloud, Inc. -> Parsec) C:\Program Files\Parsec\parsecd.exe
(Parsec Cloud, Inc. -> Parsec) C:\Program Files\Parsec\pservice.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics) C:\ProgramData\Samsung Apps\Portable SSD\SamsungPortableSSDMon.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VMware, Inc. -> ) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
 
==================== Registre (Avec liste blanche) ===================
 
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
 
HKLM\...\Run: [AgentAntidote32] => C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\AgentAntidote.exe [1658472 2018-10-23] (Druide Informatique Inc. -> Druide informatique inc.)
HKLM\...\Run: [AgentAntidote64] => C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\AgentAntidote.exe [1804904 2018-10-23] (Druide Informatique Inc. -> Druide informatique inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3952096 2020-03-11] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [Reader Application Helper] => C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2014-10-24] (Sony Corporation -> Sony Corporation)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [115632 2019-03-25] (VMware, Inc. -> VMware, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-05-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\tqy_06\AppData\Local\slack\slack.exe [306856 2021-01-18] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32194448 2020-06-06] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\tqy_06\AppData\Local\Microsoft\Teams\Update.exe [2452664 2020-12-23] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\Run: [Parsec.App.0] => C:\Program Files\Parsec\parsecd.exe [430784 2021-05-21] (Parsec Cloud, Inc. -> Parsec)
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-05-27] (Google LLC -> Google LLC)
Startup: C:\Users\tqy_06\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2019-01-18]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
 
==================== Tâches planifiées (Avec liste blanche) ============
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
Task: {04E3989F-0DD3-4E30-999C-6F6F19B11D91} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {0C4ECE08-02E5-43B6-958C-B0BD9DE3F38B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {152FF429-CA48-47EC-859C-F23ED258650A} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [62136 2021-04-20] (Lenovo -> )
Task: {168FCE74-D0C6-4A4B-B488-6F748027A24E} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758224 2021-04-25] (Lenovo -> )
Task: {23E43CAB-B3C4-4AA8-B9F4-47128BF37C57} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {495360EB-A59B-4EF8-B546-613C39CCB69B} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\WINDOWS\System32\ibmpmsvc.exe [949632 2019-12-11] (Lenovo -> Lenovo.)
Task: {4DD81111-2769-4A57-A92E-974BEE51E5BC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {52C3539A-BCF6-4C60-B9A7-775B7CC80242} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-09-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {531D90CC-D6F8-439F-B353-C1A776FF1CCC} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [139448 2016-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {58BA13E6-E678-4A60-AAEA-6BCB0D9571D7} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {5924CC25-1B87-4168-8EF0-30C1FF7C3BCD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3953096 2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {7BA670F3-52E4-412E-B9CC-CC00816CAB2D} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {7D65D10F-02B9-43E8-82A5-85FC232C1F14} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-03] (Google Inc -> Google Inc.)
Task: {8431BBD4-8784-444A-BAC5-C748E4319CD8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B0EBA40-8F15-4C2F-B55C-CC421821CA9D} - System32\Tasks\G2MUpdateTask-S-1-5-21-2057818490-810332119-3295456784-1001 => C:\Users\tqy_06\AppData\Local\GoToMeeting\19709\g2mupdate.exe [31320 2021-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {9D95C55E-F02C-4D01-9CDE-FCC44197253F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A9F484CE-6B19-4834-BF4E-DAC5F469CE45} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3953096 2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {AB53441D-9422-408F-9E06-E26D8A8A153E} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {ADA8BC81-CAD3-4068-B003-5B0C2AD2BCE7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {B7A7BC18-35BE-46E2-AE06-7985A6DE0461} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9BE341E-9D88-4067-8A9E-D2F16905017C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BD89BA76-B88C-4221-ACEE-688E456BDB12} - System32\Tasks\G2MUploadTask-S-1-5-21-2057818490-810332119-3295456784-1001 => C:\Users\tqy_06\AppData\Local\GoToMeeting\19709\g2mupload.exe [31320 2021-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {C284FFA6-87EB-48A8-AC50-1C4DBD3A1808} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758224 2021-04-25] (Lenovo -> )
Task: {C94D456A-36AC-49E9-B150-D499E54B0C99} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [112824 2021-04-20] (Lenovo -> Lenovo)
Task: {DF7E6E6E-D137-4468-9CEE-BD12468CBF18} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-03] (Google Inc -> Google Inc.)
Task: {E9AB176E-2039-4A88-9BDF-DAA48A6BFC7D} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\SamsungPortableSSDMon.exe [499232 2018-06-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics)
 
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
 
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2057818490-810332119-3295456784-1001.job => C:\Users\tqy_06\AppData\Local\GoToMeeting\19709\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2057818490-810332119-3295456784-1001.job => C:\Users\tqy_06\AppData\Local\GoToMeeting\19709\g2mupload.exe
 
==================== Internet (Avec liste blanche) ====================
 
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
 
Tcpip\Parameters: [DhcpNameServer] 24.201.245.77 24.200.0.1 24.53.0.2
Tcpip\..\Interfaces\{dc171d43-5552-4584-848b-9a95f62612ff}: [DhcpNameServer] 24.201.245.77 24.200.0.1 24.53.0.2
Tcpip\..\Interfaces\{e5a7c465-02ce-437c-9a69-909203e13885}: [DhcpNameServer] 24.201.245.77 24.200.0.1 24.53.0.2
 
Edge: 
=======
Edge Profile: C:\Users\tqy_06\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-03]
 
FireFox:
========
FF DefaultProfile: z03xfrci.default
FF ProfilePath: C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\z03xfrci.default [2021-06-05]
FF ProfilePath: C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release [2021-06-05]
FF Extension: (Disconnect) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\[email protected] [2020-08-27]
FF Extension: (Facebook Container) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\@contain-facebook.xpi [2020-08-27]
FF Extension: (Tampermonkey) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\[email protected] [2020-08-27]
FF Extension: (I don't care about cookies) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\[email protected] [2020-08-28]
FF Extension: (Simple Translate) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\[email protected] [2020-08-27]
FF Extension: (uBlock Origin) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\[email protected] [2020-08-27]
FF Extension: (Flagfox) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2020-09-01]
FF Extension: (Startpage.com - recherche privé) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2020-08-27]
FF Extension: (Dark Night Mode) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\{27c3c9d8-95cd-44e6-ae9c-ff537348b9f3}.xpi [2020-08-27]
FF Extension: (FBCleaner) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\{4ce95b29-49c2-44f3-b371-8635790b98fb}.xpi [2020-08-27]
FF Extension: (NoScript) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2020-08-27]
FF Extension: (Dusky Gray Facebook [Dark Theme]) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\{8d1ad29c-3852-4c57-9919-b9aa81866b04}.xpi [2020-08-27]
FF Extension: (Lake Tahoe Rubicon Trail) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\{941edfd0-7c7a-4847-91b4-7d58fae5b900}.xpi [2020-08-27]
FF Extension: (Quebec vert 2) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\{b30bb4c0-7d04-4bee-a408-03d8418df8ea}.xpi [2020-08-27]
FF Extension: (Nano Defender for Firefox) - C:\Users\tqy_06\AppData\Roaming\Mozilla\Firefox\Profiles\tw1y1mzr.default-release\Extensions\{fcf60470-b210-4c17-969e-9ae01491071e}.xpi [2020-08-27]
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2014-10-24] (Sony Corporation -> Sony Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2057818490-810332119-3295456784-1001: @ringcentral.com/RingCentralMeetingsPlugin -> C:\Users\tqy_06\AppData\Roaming\RingCentralMeetings\bin\nprcmsplugin.dll [2019-07-15] (RingCentral, Inc. -> RingCentral Video Communications, Inc. and RingCentral Inc.)
FF Plugin HKU\S-1-5-21-2057818490-810332119-3295456784-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\tqy_06\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2057818490-810332119-3295456784-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\tqy_06\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default [2021-06-06]
CHR Notifications: Default -> hxxps://app.slack.com; hxxps://programmation-0xk5972.slack.com; hxxps://wtmmontreal.slack.com; hxxps://www.youtube.com
CHR Extension: (Docs) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-05]
CHR Extension: (Google Drive) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (Volume Booster) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkfjjkednolkdhclcoicgbfpccgihknm [2021-03-16]
CHR Extension: (YouTube) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-05]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-21]
CHR Extension: (IBA Opt-out (by Google)) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb [2019-03-30]
CHR Extension: (Google Docs Offline) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-21]
CHR Extension: (Antidote) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbojggafdepnclikhiapkpinbfdhbdoi [2020-04-03]
CHR Extension: (Boomerang for Gmail) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2018-11-10]
CHR Extension: (Google Hangouts) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2020-08-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-02]
CHR Profile: C:\Users\tqy_06\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-06-05]
CHR HKLM-x32\...\Chrome\Extension: [lbojggafdepnclikhiapkpinbfdhbdoi]
 
==================== Services (Avec liste blanche) ===================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-11-03] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-07-28] (Microsoft Corporation -> Microsoft Corporation)
S2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
R2 MBAMService; D:\malwarebytes\MBAMService.exe [7391408 2021-06-03] (Malwarebytes Inc -> Malwarebytes)
R2 Parsec; C:\Program Files\Parsec\pservice.exe [395968 2021-05-21] (Parsec Cloud, Inc. -> Parsec)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2014-04-25] (Sony Corporation) [Fichier non signé]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11786992 2018-11-14] (TeamViewer GmbH -> TeamViewer GmbH)
R2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\TPHKLOAD.exe [465200 2020-12-28] (Lenovo -> Lenovo Group Limited)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [77792 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [48608 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14347184 2019-03-25] (VMware, Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Pilotes (Avec liste blanche) ===================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-06-03] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-03] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-06-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-06-05] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-06-05] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-06-05] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl478f17c7; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9DA12F99-F2D2-43A8-A666-8192C564DBFC}\MpKslDrv.sys [107744 2021-06-06] (Microsoft Windows -> Microsoft Corporation)
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [315392 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 SMIDriverGen; C:\WINDOWS\system32\DRIVERS\smi.sys [31440 2018-04-25] (Synaptics Inc. -> Synaptics Incorporated)
S3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2020-10-12] (Snap Inc. -> Windows ® Win 7 DDK provider)
S3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [757824 2016-12-19] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
R3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2020-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S3 vl810filter; C:\WINDOWS\system32\DRIVERS\vl810filter.sys [17008 2011-11-17] (VIA Technologies Inc. -> VIA Labs, Inc.)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [52288 2019-03-25] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [66520 2019-03-25] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\system32\DRIVERS\vsock.sys [91712 2017-09-05] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-14] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Avec liste blanche) ===================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
 
==================== Un mois (créés) (Avec liste blanche) =========
 
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
 
2021-06-06 13:31 - 2021-06-06 13:32 - 000000000 ____D C:\AdwCleaner
2021-06-06 13:31 - 2021-06-06 13:31 - 008534696 _____ (Malwarebytes) C:\Users\tqy_06\Desktop\AdwCleaner.exe
2021-06-05 22:02 - 2021-06-05 22:02 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-06-05 22:02 - 2021-06-05 22:02 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-06-05 22:02 - 2021-06-05 22:02 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-06-05 21:57 - 2021-06-05 21:57 - 000012797 _____ C:\Users\tqy_06\Desktop\FixlogFirst.txt
2021-06-05 21:35 - 2021-06-05 22:00 - 000011553 _____ C:\Users\tqy_06\Desktop\Fixlog.txt
2021-06-05 21:18 - 2021-06-05 21:17 - 000191776 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2021-06-03 09:29 - 2021-06-03 09:34 - 000100541 _____ C:\Users\tqy_06\Desktop\Addition.txt
2021-06-03 09:27 - 2021-06-06 15:26 - 000030364 _____ C:\Users\tqy_06\Desktop\FRST.txt
2021-06-03 09:27 - 2021-06-06 15:26 - 000000000 ____D C:\FRST
2021-06-03 09:27 - 2021-06-06 15:25 - 000000000 ____D C:\Users\tqy_06\Desktop\FRST-OlderVersion
2021-06-03 09:26 - 2021-06-06 15:25 - 002300416 _____ (Farbar) C:\Users\tqy_06\Desktop\FRST64.exe
2021-06-03 09:14 - 2021-06-03 09:14 - 000000000 ____D C:\Users\tqy_06\AppData\Local\CrashDumps
2021-06-03 09:11 - 2021-06-03 09:11 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-03 09:11 - 2021-06-03 09:11 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-06-03 09:11 - 2021-06-03 09:11 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-06-03 09:11 - 2021-06-03 09:11 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-06-03 09:11 - 2021-06-03 09:11 - 000000655 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-06-03 09:11 - 2021-06-03 09:11 - 000000655 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-06-03 09:11 - 2021-06-03 09:11 - 000000655 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-06-03 09:11 - 2021-06-03 09:11 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-06-03 09:10 - 2021-06-03 09:10 - 002080712 _____ (Malwarebytes) C:\Users\tqy_06\Downloads\MBSetup.exe
2021-06-02 14:59 - 2021-06-02 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lenovo
2021-05-16 13:16 - 2021-05-16 13:16 - 000000000 ____D C:\Users\tqy_06\AppData\Local\kotlin
2021-05-15 15:13 - 2021-05-15 15:13 - 000000000 ____D C:\Users\tqy_06\AppData\Local\main.kts.compiled.cache
2021-05-15 15:11 - 2021-05-15 15:11 - 000000000 ____D C:\Users\tqy_06\IdeaProjects
2021-05-15 15:11 - 2021-05-15 15:11 - 000000000 ____D C:\Users\tqy_06\AppData\Local\JetBrains
2021-05-15 15:07 - 2021-05-15 15:07 - 000000485 _____ C:\Users\Public\Desktop\IntelliJ IDEA Community Edition 2021.1.1 x64.lnk
2021-05-15 15:07 - 2021-05-15 15:07 - 000000485 _____ C:\ProgramData\Desktop\IntelliJ IDEA Community Edition 2021.1.1 x64.lnk
2021-05-15 14:59 - 2021-05-15 14:59 - 000000000 ____D C:\Users\tqy_06\AndroidStudioProjects
2021-05-15 14:55 - 2021-05-15 14:55 - 000000000 ____D C:\Program Files\Common Files\Oracle
2021-05-15 11:55 - 2021-05-15 11:55 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
 
==================== Un mois (modifiés) ==================
 
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
 
2021-06-06 15:21 - 2021-04-30 23:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-06 15:21 - 2019-05-24 10:50 - 000000589 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-06-06 14:56 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-06 13:51 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-06 13:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-05 22:09 - 2021-05-01 02:48 - 000789922 _____ C:\WINDOWS\system32\perfh00C.dat
2021-06-05 22:09 - 2021-05-01 02:48 - 000147998 _____ C:\WINDOWS\system32\perfc00C.dat
2021-06-05 22:09 - 2021-05-01 02:45 - 000427528 _____ C:\WINDOWS\system32\prfh0804.dat
2021-06-05 22:09 - 2021-05-01 02:45 - 000133050 _____ C:\WINDOWS\system32\prfc0804.dat
2021-06-05 22:09 - 2021-04-30 23:47 - 002416690 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-05 22:09 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-05 22:02 - 2021-04-30 23:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-05 22:02 - 2018-11-25 10:46 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-06-05 22:02 - 2018-10-08 16:39 - 000000000 ____D C:\ProgramData\VMware
2021-06-05 22:02 - 2018-05-03 19:54 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-06-05 22:02 - 2018-05-03 19:54 - 000000000 ____D C:\ProgramData\Synaptics
2021-06-05 22:01 - 2021-04-30 23:33 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-05 22:01 - 2021-04-30 23:32 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2021-06-05 22:01 - 2019-12-07 05:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-06-05 21:52 - 2018-05-03 19:54 - 000000000 __SHD C:\Users\tqy_06\IntelGraphicsProfiles
2021-06-05 21:37 - 2019-02-04 22:09 - 000000000 ____D C:\Users\tqy_06\AppData\LocalLow\Temp
2021-06-05 21:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-06-05 21:35 - 2017-09-29 09:46 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-06-05 21:33 - 2018-05-03 20:09 - 000000000 ____D C:\ProgramData\Package Cache
2021-06-05 21:28 - 2018-10-10 19:22 - 000000000 ____D C:\Users\tqy_06\.nbi
2021-06-05 21:27 - 2018-10-10 20:13 - 000000000 ____D C:\Users\tqy_06\AppData\Roaming\NetBeans
2021-06-05 21:18 - 2018-12-03 19:20 - 000000000 ____D C:\Program Files (x86)\Java
2021-06-05 21:18 - 2018-10-10 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-06-05 21:18 - 2018-10-10 19:18 - 000000000 ____D C:\Program Files\Java
2021-06-05 21:17 - 2018-10-10 19:19 - 000191776 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2021-06-05 21:16 - 2018-12-03 19:21 - 000164640 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2021-06-05 18:59 - 2018-05-05 19:01 - 000000000 ____D C:\Program Files (x86)\Steam
2021-06-05 13:05 - 2020-08-21 23:22 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-05 13:05 - 2020-08-21 23:22 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-06-05 13:05 - 2020-08-21 23:22 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-06-05 13:04 - 2020-02-28 12:56 - 000000000 ____D C:\WINDOWS\TempInst
2021-06-03 09:11 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-03 08:32 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-06-03 07:58 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-02 19:11 - 2018-05-03 19:59 - 000000000 ____D C:\ProgramData\Lenovo
2021-06-02 15:14 - 2018-05-22 16:42 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-06-02 15:00 - 2021-04-30 23:54 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2057818490-810332119-3295456784-1001
2021-06-02 15:00 - 2021-04-30 23:37 - 000002420 _____ C:\Users\tqy_06\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-02 15:00 - 2018-05-03 19:54 - 000000000 ___RD C:\Users\tqy_06\OneDrive
2021-06-02 14:59 - 2021-04-30 23:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2021-06-02 14:59 - 2020-02-28 11:45 - 000000000 ____D C:\Program Files (x86)\Lenovo
2021-06-02 14:58 - 2018-11-16 15:56 - 000003591 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2021-06-02 08:23 - 2020-09-03 08:59 - 000000690 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2057818490-810332119-3295456784-1001.job
2021-06-02 08:23 - 2020-09-03 08:59 - 000000594 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2057818490-810332119-3295456784-1001.job
2021-05-27 17:32 - 2018-05-03 19:57 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-27 17:32 - 2018-05-03 19:57 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-27 17:32 - 2018-05-03 19:57 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-05-27 17:28 - 2021-04-30 23:54 - 000003866 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-2057818490-810332119-3295456784-1001
2021-05-27 17:28 - 2021-04-30 23:54 - 000003770 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-2057818490-810332119-3295456784-1001
2021-05-27 17:28 - 2020-09-03 08:59 - 000000000 ____D C:\Users\tqy_06\AppData\Local\GoToMeeting
2021-05-24 18:27 - 2021-03-07 17:30 - 000000000 ____D C:\Users\tqy_06\AppData\Roaming\Parsec
2021-05-21 22:57 - 2018-06-03 16:28 - 000000000 ____D C:\Users\tqy_06\AppData\Roaming\discord
2021-05-21 22:21 - 2018-06-03 16:27 - 000000000 ____D C:\Users\tqy_06\AppData\Local\Discord
2021-05-21 19:23 - 2018-12-16 20:31 - 000000000 ____D C:\Users\tqy_06\AppData\Local\ElevatedDiagnostics
2021-05-21 19:19 - 2021-03-07 17:30 - 000000000 ____D C:\Program Files\Parsec
2021-05-15 15:11 - 2021-04-30 23:37 - 000000000 ____D C:\Users\tqy_06
2021-05-15 15:11 - 2018-09-30 09:19 - 000000000 ____D C:\Users\tqy_06\AppData\Roaming\JetBrains
2021-05-15 15:09 - 2018-09-30 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
2021-05-15 14:59 - 2018-08-18 18:44 - 000000000 ____D C:\Users\tqy_06\.android
2021-05-15 14:55 - 2018-08-03 18:54 - 000000000 ____D C:\ProgramData\Oracle
2021-05-15 13:01 - 2019-02-11 21:45 - 000000000 ____D C:\Users\tqy_06\AppData\Roaming\Google
2021-05-15 13:01 - 2018-05-03 19:56 - 000000000 ____D C:\Users\tqy_06\AppData\Local\Google
2021-05-15 12:12 - 2021-04-30 23:33 - 000490408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-15 12:05 - 2021-05-01 02:38 - 000000000 ____D C:\Program Files\Hyper-V
2021-05-15 12:05 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-05-15 12:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-15 12:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-15 11:56 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-14 19:54 - 2018-05-03 20:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-13 22:17 - 2018-05-03 20:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-13 22:09 - 2018-06-26 16:18 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-13 22:03 - 2018-05-03 20:35 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-13 22:01 - 2021-04-29 09:41 - 000000000 ___DC C:\WINDOWS\Panther
 
==================== Fichiers à la racine de certains dossiers ========
 
2019-02-25 07:06 - 2019-02-25 07:06 - 000009901 _____ () C:\Users\tqy_06\AppData\Local\recently-used.xbel
 
==================== SigCheck ============================
 
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
 
==================== Fin de FRST.txt ========================



Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 06-06-2021 01
Exécuté par tqy_06 (06-06-2021 15:27:34)
Exécuté depuis C:\Users\tqy_06\Desktop
Windows 10 Pro Version 20H2 19042.985 (X64) (2021-05-01 03:55:09)
Mode d'amorçage: Normal
==========================================================
 
 
==================== Comptes: =============================
 
Administrator (S-1-5-21-2057818490-810332119-3295456784-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2057818490-810332119-3295456784-503 - Limited - Disabled)
Guest (S-1-5-21-2057818490-810332119-3295456784-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2057818490-810332119-3295456784-1003 - Limited - Enabled)
replacedForPrivacy (S-1-5-21-2057818490-810332119-3295456784-1007 - Limited - Enabled) => C:\Users\replacedForPrivacy
tqy_06 (S-1-5-21-2057818490-810332119-3295456784-1001 - Administrator - Enabled) => C:\Users\tqy_06
WDAGUtilityAccount (S-1-5-21-2057818490-810332119-3295456784-504 - Limited - Disabled)
 
==================== Centre de sécurité ========================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Programmes installés ======================
 
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
 
7D2D Launcher (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\0fa300cea2469b2c) (Version: 1.0.5.2 - SphereII Software)
7D2D Mod Launcher Installer (HKLM\...\{109EA3EC-0668-4FA6-8D34-A3AC067ADAE9}) (Version: 2.1.13 - SphereII Software)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Active Directory Authentication Library for SQL Server (HKLM\...\{32C0D7B2-1046-43AC-98AD-B748E1910916}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (HKLM-x32\...\{F40FA676-46B1-4609-85EF-D2F1F79E0C0E}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
Adobe Connect (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\Adobe Connect App) (Version: 2020.12.21.64 - Adobe Systems Inc.)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.10 - Adobe Systems Incorporated)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Android Studio (HKLM\...\Android Studio) (Version: 3.3 - Google LLC)
Antidote 9 - English module (HKLM-x32\...\{BFA17B4C-70D3-480F-8476-76197F614AB8}) (Version: 9.5.3877 - Druide informatique inc.)
Antidote 9 - Module français (HKLM-x32\...\{BFA17B4C-70D3-480F-8476-76197F614AB7}) (Version: 9.5.3877 - Druide informatique inc.)
Antidote 9 (HKLM-x32\...\{BFA17B4C-70D3-480F-8476-76197F614AB6}) (Version: 9.5.3937 - Druide informatique inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
Application Verifier x64 External Package (HKLM\...\{B27BC1FC-8474-9E32-73C2-6F7CD58AD1E3}) (Version: 10.1.17763.132 - Microsoft) Hidden
Azure AD Authentication Connected Service (HKLM-x32\...\{8A1AD070-269F-4A15-AAB5-76AB896EF195}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Behaviors SDK (Windows Phone) for Visual Studio 2013 (HKLM-x32\...\{C1609E6E-10B5-46F4-A48C-AC57045D0B88}) (Version: 12.0.51210.80 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (HKLM-x32\...\{B2429EA1-767E-4947-A458-F2204A2AA1BB}) (Version: 12.0.51210.80 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Windows Phone 8.0 (HKLM-x32\...\{403759F5-1D77-49F4-812D-AF43196E8C74}) (Version: 3.0.30924.0 - Microsoft Corporation) Hidden
Build Tools - amd64 (HKLM\...\{03DE1AEE-D3FA-4BF3-9150-28F54815E888}) (Version: 12.0.31010 - Microsoft Corporation) Hidden
Build Tools - x86 (HKLM-x32\...\{235CCCE6-3CB9-4E09-9D8E-0F212644C668}) (Version: 12.0.31010 - Microsoft Corporation) Hidden
Build Tools for Windows 10 - ENU (HKLM-x32\...\{E5C9A6AC-6AB9-455C-B8AF-FAC95908D0DF}) (Version: 14.0.25527 - Microsoft Corporation) Hidden
Build Tools for Windows 10 (HKLM-x32\...\{3DF885A3-8834-49EB-8390-15DCD84DC5FB}) (Version: 14.0.25527 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (HKLM\...\{6618DB5E-8788-46E1-94F4-9F1C0FC075BD}) (Version: 12.0.31010 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (HKLM-x32\...\{772590BC-E61B-4080-B9D5-A71497612F36}) (Version: 12.0.31010 - Microsoft Corporation) Hidden
CodeBlocks (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\CodeBlocks) (Version: 17.12 - The Code::Blocks Team)
CodedUITest81 (HKLM-x32\...\{3AF80693-9047-3BAA-9554-22AB6C428AB4}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
CodedUITestUAP (HKLM-x32\...\{0AB83CFE-A321-364C-8F78-A79084EC90D4}) (Version: 14.0.25527 - Microsoft Corporation) Hidden
Composer - Php Dependency Manager (HKLM-x32\...\{7315AF68-E777-496A-A6A2-4763A98ED35A}_is1) (Version:  - getcomposer.org)
Discord (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Dotfuscator and Analytics Community Edition 5.22.0 (HKLM-x32\...\{60018889-9E0F-43E8-9B89-29E8C828B40A}) (Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
eBook DRM Removal Bundle 4.19.406.399 (HKLM-x32\...\{8F09AD24-0196-436A-B99F-A39C537DC5FF}_is1) (Version: 4.19.406.399 - eBook Converter Team)
Entity Framework 6.1.3 Tools  for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
Epic Games Launcher (HKLM-x32\...\{FA10E700-F142-40B6-BB21-B93C55E0EA24}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Git version 2.20.1 (HKLM\...\Git_is1) (Version: 2.20.1 - The Git Development Community)
GitHub Desktop (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\GitHubDesktop) (Version: 2.6.1 - GitHub, Inc.)
GnuWin32: Make-3.81 (HKLM-x32\...\Make-3.81_is1) (Version: 3.81 - GnuWin32)
Go Programming Language amd64 go1.13.7 (HKLM\...\{D1B12E74-F66A-42D2-928D-DD38C43E3DF0}) (Version: 1.13.7 - hxxps://golang.org)
GoLand 2019.3.2 (HKLM-x32\...\GoLand 2019.3.2) (Version: 193.6015.58 - JetBrains s.r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.77 - Google LLC)
GoTo Opener (HKLM-x32\...\{D144D2C2-4F96-48B7-BB2A-E9185050B619}) (Version: 1.0.491 - LogMeIn, Inc.)
GoToMeeting 10.16.1.19709 (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\GoToMeeting) (Version: 10.16.1.19709 - LogMeIn, Inc.)
IDE Tools for Windows 10 - ENU (HKLM-x32\...\{5FAE69D5-D9A7-469A-A021-2EB40F4FE0AB}) (Version: 14.0.25527 - Microsoft Corporation) Hidden
IDE Tools for Windows 10 (HKLM-x32\...\{F255D538-8ECB-4ED1-9670-E195D403BCCF}) (Version: 14.0.25527 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 20.2 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5126 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{73250D12-B600-4ED6-AFC0-10D9D8EDA745}) (Version: 7.3.2 - Intel Corporation)
IntelliJ IDEA Community Edition 2021.1.1 (HKLM-x32\...\IntelliJ IDEA Community Edition 2021.1.1) (Version: 211.7142.45 - JetBrains s.r.o.)
Intellisense Lang Pack Mobile Extension SDK 10.0.14393.0 (HKLM-x32\...\{26D23C60-AC47-46E5-8EDF-D19F41CAB666}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Java SE Development Kit 8 Update 181 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180181}) (Version: 8.0.1810.13 - Oracle Corporation)
Java™ SE Development Kit 16.0.1 (64-bit) (HKLM\...\{75CDB88B-F917-5456-AB2D-5504DE7F43DE}) (Version: 16.0.1.0 - Oracle Corporation)
JetBrains PyCharm Edu 2018.2 (HKLM-x32\...\PyCharm Edu 2018.2) (Version: 182.3684.126 - JetBrains s.r.o.)
Kit de développement logiciel (SDK) Microsoft .NET Framework 4.6.1 (Français) (HKLM-x32\...\{9369E1F2-44C9-4864-843E-159725E660CB}) (Version: 4.6.01055 - Microsoft Corporation)
Kits Configuration Installer (HKLM-x32\...\{76825BA0-C536-C284-BAA1-9DB7A2D30D54}) (Version: 10.1.14393.33 - Microsoft) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 4.14.10877 - Rakuten Kobo Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.82.00.20 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0124 - Lenovo)
LocalESPC (HKLM-x32\...\{62910715-63E3-0AB0-0B29-99140DE1C15E}) (Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPCui for en-us (HKLM-x32\...\{326A5052-061C-F656-31E3-3B73842ABD46}) (Version: 8.59.29989 - Microsoft) Hidden
Logiciel Intel® PROSet/Wireless (HKLM-x32\...\{a2caa706-dce2-4c91-8d46-b52a3c260b20}) (Version: 21.10.1 - Intel Corporation)
Malwarebytes version 4.4.0.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 - Malwarebytes)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (Français) (HKLM-x32\...\{AD054CB0-F527-48AD-832B-E65D46237C88}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.41 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.14026.20246 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\OneDriveSetup.exe) (Version: 21.083.0425.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2057818490-810332119-3295456784-1007\...\OneDriveSetup.exe) (Version: 19.152.0801.0008 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB  (HKLM\...\{E359515A-92E6-4FA3-A2C9-E1BA02D8DE6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects  (HKLM-x32\...\{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects  (x64) (HKLM\...\{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service  (HKLM-x32\...\{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom  (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.60519.0) (HKLM-x32\...\{4E27B0EF-7BAB-432A-AF3D-3FC8F3F7353F}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29112 (HKLM-x32\...\{be826f5f-eda5-45a2-a3fe-c2cb5c1b9842}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.55.2 - Microsoft Corporation)
Microsoft Visual Studio Emulator for Android (HKLM-x32\...\{e0f4d7cd-597b-4cfd-907f-312a212ff4e8}) (Version: 1.1.622.2 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1096.130 - Microsoft Corporation)
Microsoft Visual Studio Professional 2015 with Updates (HKLM-x32\...\{68432bbb-c9a5-4a7b-bab3-ae5a49b28303}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Apache Cordova (HKLM-x32\...\{29b63284-2755-4dde-82a3-32ba7245febe}) (Version: 14.0.60527.5 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 80.0.1 (x64 fr) (HKLM\...\Mozilla Firefox 80.0.1 (x64 fr)) (Version: 80.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 80.0 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{128C1654-3B9E-4959-8BFB-CE6F09C0A01D}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
MSI Development Tools (HKLM-x32\...\{6C961B30-A670-8A05-3BFE-3947E84DD4E4}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Node.js (HKLM\...\{70453304-793B-4FAB-A673-FB14AF816C9B}) (Version: 14.15.4 - Node.js Foundation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.1 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Parsec (HKLM-x32\...\Parsec) (Version: 150-47 - Parsec Cloud Inc.)
Planetbase (HKLM-x32\...\1351624781_is1) (Version: 1.2.2 - GOG.com)
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT  (HKLM-x32\...\{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
Project and Item Templates for Visual Studio Community 2015 - ENU (HKLM-x32\...\{85619B33-76D7-4FF8-A04D-6E568B0CF29A}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Project and Item Templates for Visual Studio Express 2015 for Windows 10 - ENU (HKLM-x32\...\{31F41F21-21C1-4A52-AFA7-B7D7F6B181AF}) (Version: 14.0.25527 - Microsoft Corporation) Hidden
Project and Item Templates for Visual Studio Professionald 2015 - ENU (HKLM-x32\...\{35BD3B44-C9E4-457D-8260-41566E8BEFE2}) (Version: 14.0.25527 - Microsoft Corporation) Hidden
Python 2.7.15 (64-bit) (HKLM\...\{16CD92A4-0152-4CB7-8FD6-9788D3363617}) (Version: 2.7.15150 - Python Software Foundation)
Python 3.7.0 (32-bit) (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\{ece37911-ffeb-4f29-95d6-abcf555d7364}) (Version: 3.7.150.0 - Python Software Foundation)
Python 3.7.0 Core Interpreter (32-bit) (HKLM-x32\...\{13BB06D9-FD38-47E5-946E-C2606C554030}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Development Libraries (32-bit) (HKLM-x32\...\{B424BE74-3C96-4974-8754-9D6442286112}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Documentation (32-bit) (HKLM-x32\...\{ABEE159E-FE5B-4E58-BDD7-1DED2F10AAEB}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Executables (32-bit) (HKLM-x32\...\{4642A126-F999-4407-801B-C1C89BDA58C5}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 pip Bootstrap (32-bit) (HKLM-x32\...\{69CFC76B-3434-4919-8885-BA7960725137}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Standard Library (32-bit) (HKLM-x32\...\{09160A5D-8B99-4A89-9E9D-8A6D8E9C7EC1}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Tcl/Tk Support (32-bit) (HKLM-x32\...\{8A09EA6B-C86C-4ECA-8742-C4C1BCA96845}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Test Suite (32-bit) (HKLM-x32\...\{717DB3B4-C457-447B-A8A6-6921A4D917EF}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Utility Scripts (32-bit) (HKLM-x32\...\{FC756D1E-1252-406E-8414-E11FAF97F3C7}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.9.1 (64-bit) (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\{b2be55ad-3177-42aa-a6c2-53004684e4ea}) (Version: 3.9.1150.0 - Python Software Foundation)
Python 3.9.1 Add to Path (64-bit) (HKLM\...\{5AD5ED9C-14D1-4CFA-B4B1-A02CE8916D9F}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Core Interpreter (64-bit) (HKLM\...\{1C00F581-D5BF-491E-B1BB-72AA3A2250E5}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Development Libraries (64-bit) (HKLM\...\{27AD952D-DD9D-4AAC-B486-8AA601BFA064}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Documentation (64-bit) (HKLM\...\{5CB3AEED-BB03-47E2-BFF1-0CA58C236895}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Executables (64-bit) (HKLM\...\{71A9F41D-A865-46D4-A650-B210150DEF2A}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 pip Bootstrap (64-bit) (HKLM\...\{EF2B9385-6453-4702-9584-21BA8288D157}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Standard Library (64-bit) (HKLM\...\{5DD5C023-790B-4F1B-9B1B-8D1BC48F3057}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Tcl/Tk Support (64-bit) (HKLM\...\{414B5372-24FD-4302-8090-B9CE5564A6DD}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Test Suite (64-bit) (HKLM\...\{A7EC4DEB-8ABD-471D-BB5B-E579EBC9B043}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Utility Scripts (64-bit) (HKLM\...\{47A9647A-A576-4751-9C37-D32EB70285A3}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{FFC95928-6A14-4FB3-8D73-7A62382F66AC}) (Version: 3.9.7280.0 - Python Software Foundation)
Reader for PC (HKLM-x32\...\{D279DFB7-97A3-439D-8BE9-95D8AFA68562}) (Version: 2.4.01.10241 - Sony Corporation)
RingCentral Meetings (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\RingCentralMeetings) (Version: 7.0 - Zoom Video Communications, Inc. and RingCentral Inc.)
Roslyn Language Services - x86 (HKLM-x32\...\{6970C7E1-F99D-388D-8903-DF8FCE677FED}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
RuneScape Launcher 2.2.6 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.6 - Jagex Ltd)
Samsung Portable SSD Software (HKLM-x32\...\SamsungPortableSSD_is1) (Version: 1.6.0.27 - Samsung Electronics)
SDK ARM Additions (HKLM-x32\...\{0B5D6FB7-05A5-271B-5B99-82384219A471}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{4A5F6E94-7967-A333-8231-CA9AF35E03BD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Skype Meetings App (HKLM-x32\...\{BC1D9E47-8927-4AA1-A891-7763BC2475B7}) (Version: 16.2.0.511 - Microsoft Corporation)
Slack (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\slack) (Version: 4.12.2 - Slack Technologies Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StudioTax 2020 (HKLM\...\{A70B000F-D049-4F42-B79E-C58A07D8995C}) (Version: 16.0.3.0 - BHOK IT Consulting Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.142 - Synaptics Incorporated)
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (HKLM-x32\...\{7A95671A-759E-3B83-B763-4289D1D24D73}) (Version: 14.102.25619 - Microsoft) Hidden
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.0.13880 - TeamViewer)
Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
ThinkPad Basic Dock PTN Firmware version 1.43 (HKLM-x32\...\PTN3392Updater_is1) (Version: 1.43 - )
ThinkPad Pro/Ultra Dock VIA Firmware version 5041 (HKLM-x32\...\VL812_is1) (Version: 5041 - )
TypeScript Power Tool (HKLM-x32\...\{465ACA24-B8D6-4FEC-A42D-9EFCB92CD560}) (Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{BA5762C7-D35F-4725-A4BD-525854127018}) (Version: 1.8.36.0 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{1FBCBC17-4527-2340-0832-B1D49C41FF67}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{284FA9A0-CEDD-81D3-5A19-5858E95FD0C4}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{7D225043-6CC5-7B56-11DD-AFF90E4C1C0C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{F6483AD1-9703-F95E-B07B-6BB7A3DA7B71}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{8BFBEC30-33CC-13B4-849F-3B036F27466A}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{96FB0EE4-8F7E-595E-B5CF-BFCC6BF26014}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{ABD37F71-FC3F-F525-C7B3-BDD95F684C51}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{CB19DBA2-C210-5646-9522-695A1317CD34}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{302A9B8D-5111-6C51-BB99-FF394C4A4255}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{5F577A45-3C65-352B-061D-D6A57F05402C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{3B588BBE-EB02-D1B2-5CD5-7DB85AD8A3E7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{D2DC1EDF-EE04-9B5F-BDD7-06645D859EC3}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{87F42CC0-5403-3698-87D9-3C2A04E476E1}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{CE83D0BD-418A-F3D1-D6CE-687E96D1EBD0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
UwAmp (Uninstall) (HKLM-x32\...\UwAmp) (Version:  - )
vcpp_crt.redist.clickonce (HKLM-x32\...\{DE494F7A-5E42-4B52-8E06-EF9AAC4BD59D}) (Version: 14.16.27012 - Microsoft Corporation) Hidden
Viscera Cleanup Detail: alpha v0.25 (HKLM\...\UDK-b03fd069-bfd4-4c64-a86a-7dd46acc2d83) (Version:  - RuneStorm)
Viscera Cleanup Detail: Santas Rampage (HKLM\...\UDK-919c7ab1-1e49-4337-a1ad-f317bcbadcff) (Version:  - RuneStorm)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
Visual Studio Build Tools 2017 (HKLM-x32\...\3cb32249) (Version: 15.9.28307.423 - Microsoft Corporation)
VS Update core components (HKLM-x32\...\{B2918D01-1D89-34D3-87EF-A28121BC6EB7}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden
vs_update3notification (HKLM-x32\...\{AB3DF932-C990-34D4-BF43-970F760DA3CD}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.6.0 - Azureus Software, Inc.)
WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WebStorm 2019.3.3 (HKLM-x32\...\WebStorm 2019.3.3) (Version: 193.6494.34 - JetBrains s.r.o.)
WinAppDeploy (HKLM-x32\...\{1182888E-EDC9-05C5-33BD-B61DA5B1F916}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{716AE8F2-1BE3-7657-DF6B-F23DEEC75AF9}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32\...\{1E76DFA7-96F3-4281-8E41-8A226C3E42EE}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.14393.33 (HKLM-x32\...\{f23f94c5-8bba-4202-85ad-c83d4402cdc1}) (Version: 10.1.14393.33 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.17763.132 (HKLM-x32\...\{5fe95b9d-9219-4d8b-a031-71323ae48a81}) (Version: 10.1.17763.132 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{00B12DF9-5428-9406-DE2C-8E8A1A062B05}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{01F53182-F1C8-8A72-5C86-B6612BDD4815}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{2AC000E5-E5E6-75B7-7FC2-9ECA8C57CA98}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{E82A4A6C-C21C-35FE-B805-3E44318F6D63}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{6DF5B5E1-A8A0-B617-AADB-31C3709A3C41}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7E898893-9C42-A572-7F57-FDE55CE812F7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{1AAB8359-4433-FF39-D420-0AD429993AD7}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E8B1CB29-5C24-D882-3CEF-F8A7263BC63D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{F6F11150-93DE-0507-FCA0-F746E0207017}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{8329C3A0-8582-D1C2-67FF-800654BFDF45}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{CB7AC790-0E8B-D6C9-CE1E-655793E7D541}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{771C9DEF-7C0B-85DA-6426-7A20F06BEC94}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{87775501-5259-6A7C-51A6-71C832DB7ABA}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{B047C746-63E8-41C7-A5C0-7ABD390CF3E6}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{CFD0294B-945D-62E4-7959-9B22A160496F}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{0063AF94-397B-9C64-1C71-D404B27C5D96}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{F75FD5E5-1F33-AE2B-715A-F829F8A8F51D}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Yarn (HKLM-x32\...\{31A0DA57-5E85-4046-995D-8CD691AA4B84}) (Version: 1.22.5 - Yarn Contributors)
Zoom (HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\ZoomUMX) (Version: 5.5.4 (13142.0301) - Zoom Video Communications, Inc.)
 
Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.8.1108.0_x64__rz1tebttyb220 [2021-06-03] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-30] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5170.0_x64__8wekyb3d8bbwe [2021-05-27] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.22101.0_x64__8wekyb3d8bbwe [2021-04-30] (Microsoft Studios)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0 [2021-06-03] (Spotify AB) [Startup Task]
 
==================== Personnalisé CLSID (Avec liste blanche): ==============
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
CustomCLSID: HKU\S-1-5-21-2057818490-810332119-3295456784-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\tqy_06\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2057818490-810332119-3295456784-1001_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\tqy_06\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2057818490-810332119-3295456784-1001_Classes\CLSID\{5563940C-ABF0-47B4-BB0E-B5D8680B570A}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\MoteurIntegration.exe (Druide Informatique Inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-2057818490-810332119-3295456784-1001_Classes\CLSID\{5563940D-49FD-4F1A-96AA-147B474290EE}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\MoteurIntegration.exe (Druide Informatique Inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-2057818490-810332119-3295456784-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\tqy_06\AppData\Local\GoToMeeting\18425\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-2057818490-810332119-3295456784-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8E}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\AgentAntidote.exe (Druide Informatique Inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-2057818490-810332119-3295456784-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8F}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\Antidote.exe (Druide Informatique Inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-2057818490-810332119-3295456784-1001_Classes\CLSID\{AD630E0F-BF29-4791-AD3B-A289E884E37C}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\Antidote.exe (Druide Informatique Inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-2057818490-810332119-3295456784-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\tqy_06\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2057818490-810332119-3295456784-1001_Classes\CLSID\{f474dcec-9da5-47c9-8584-f5653e25db5d}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2019-10-27] (Notepad++ -> )
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2019-03-25] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2019-03-25] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\malwarebytes\mbshlext.dll [2021-06-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\malwarebytes\mbshlext.dll [2021-06-03] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Codecs (Avec liste blanche) ====================
 
==================== Raccourcis & WMI ========================
 
==================== Modules chargés (Avec liste blanche) =============
 
2021-06-03 08:34 - 2021-06-03 08:34 - 000169984 _____ () [Fichier non signé] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.8.1108.0_x64__rz1tebttyb220\DAXRPCClient.dll
2021-06-03 08:34 - 2021-06-03 08:34 - 038459392 _____ () [Fichier non signé] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.8.1108.0_x64__rz1tebttyb220\DolbyAccess.dll
2020-06-17 13:42 - 2020-06-17 13:42 - 001165824 _____ () [Fichier non signé] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.8.1108.0_x64__rz1tebttyb220\e_sqlite3.dll
2016-07-27 22:35 - 2016-07-27 22:35 - 000259584 _____ (Microsoft Corporation) [Fichier non signé] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
 
==================== Alternate Data Streams (Avec liste blanche) ========
 
==================== Mode sans échec (Avec liste blanche) ==================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Avec liste blanche) =================
 
==================== Internet Explorer (Avec liste blanche) ==========
 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-06-05] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts contenu: =========================
 
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
 
2017-09-29 09:46 - 2021-06-05 22:00 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost
 
2019-05-24 10:50 - 2021-06-06 15:21 - 000000589 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.112.1 DESKTOP-K95T8M6.mshome.net # 2026 6 5 5 19 21 50 264
7.15.126 DESKTOP-P4M4A2S.mshome.net # 2019 7 6 20 2 10 26 840
40
 
==================== Autres zones ===========================
 
(Actuellement, il n'y a pas de correction automatique pour cette section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Python39\Scripts\;C:\Python39\;C:\Python27\;C:\Python27\Scripts;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;%USERPROFILE%\.dnx\bin;C:\Program Files\Microsoft DNX\Dnvm\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Git\cmd;C:\ProgramData\chocolatey\bin;C:\Program Files (x86)\Microsoft Emulator Manager\1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Go\bin;C:\Php;C:\ProgramData\ComposerSetup\bin;C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\;C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\;C:\Program Files (x86)\Yarn\bin\;C:\Program Files\nodejs\
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
HKU\S-1-5-21-2057818490-810332119-3295456784-1007\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 24.201.245.77 - 24.200.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Le Pare-feu est activé.
 
Network Binding:
=============
Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled) 
Wi-Fi: VMware Bridge Protocol -> vmware_bridge (enabled) 
vEthernet (Default Switch): VMware Bridge Protocol -> vmware_bridge (enabled) 
VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled) 
VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled) 
 
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
 
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "AgentAntidote64"
HKLM\...\StartupApproved\Run: => "AgentAntidote32"
HKLM\...\StartupApproved\Run32: => "Reader Application Helper"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\StartupApproved\Run: => "com.squirrel.slack.slack"
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\StartupApproved\Run: => "Snap Camera"
HKU\S-1-5-21-2057818490-810332119-3295456784-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
 
==================== RèglesPare-feu (Avec liste blanche) ================
 
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
 
FirewallRules: [{8C6F301E-6F3B-4380-9C68-87C032863D3F}] => (Allow) D:\SteamLibrary\steamapps\common\Farm Together\FarmTogether.exe () [Fichier non signé]
FirewallRules: [{C9A7E9CF-F5EA-4BDB-B8DA-53BDFE84DA99}] => (Allow) D:\SteamLibrary\steamapps\common\Farm Together\FarmTogether.exe () [Fichier non signé]
FirewallRules: [{35098799-8F79-4348-9C40-7229CD8F3026}] => (Allow) C:\Program Files\Parsec\parsecd.exe (Parsec Cloud, Inc. -> Parsec)
FirewallRules: [{D7627012-B26C-43E7-B4FF-3EAD42C1A24E}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\UDKLift.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{BE0128F8-941C-417C-8915-8C41B1F5EBFF}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\UDKLift.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{72D2D866-C130-4332-BA09-3115A28D9A91}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{62CC7DEE-34BB-42DB-BED1-27216180C574}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{E67E3755-B43A-4152-97E9-9AE826680D8B}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{B6E2B84B-1EA7-4C55-9062-7CC7CC95D834}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{1203D1F2-2A1C-40E9-904E-22AE33303456}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{92C6340A-60FB-4148-8762-03A4CF644424}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{81BBC101-D43A-43D2-93CB-C287CE9A9F43}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DA315248-D3E8-4094-AD87-968309967AE2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{64ABD97F-C636-4855-BBC8-A4A9A7F42771}] => (Block) C:\users\tqy_06\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2E921BFA-E699-4497-9C85-CAA8C8225CB6}] => (Block) C:\users\tqy_06\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{5263F70B-F3FA-425B-9852-778D9A073D3B}C:\users\tqy_06\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\tqy_06\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2E0AFBFF-2F86-469E-ABAA-D89ACB38814B}C:\users\tqy_06\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\tqy_06\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F0537A22-40D9-4563-A26F-52B969E969E3}] => (Allow) D:\SteamLibrary\steamapps\common\Overcooked! 2\Overcooked2.exe () [Fichier non signé]
FirewallRules: [{FAED3341-3858-402D-B4DC-53F9B2FD3143}] => (Allow) D:\SteamLibrary\steamapps\common\Overcooked! 2\Overcooked2.exe () [Fichier non signé]
FirewallRules: [{E9EC3F54-FA47-460E-8448-DA9C660A0AF9}] => (Allow) D:\SteamLibrary\steamapps\common\Oozi Earth Adventure\Oozi.exe () [Fichier non signé]
FirewallRules: [{424FD9ED-5141-4AA3-8D13-8CA6C123BF69}] => (Allow) D:\SteamLibrary\steamapps\common\Oozi Earth Adventure\Oozi.exe () [Fichier non signé]
FirewallRules: [{4B817E67-5CEB-4486-B271-E9C9C7D38324}] => (Allow) D:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Fichier non signé]
FirewallRules: [{E7160C7E-C1B5-4ACF-90AD-43D8CDD0C15E}] => (Allow) D:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Fichier non signé]
FirewallRules: [UDP Query User{43750C8C-8DEB-409C-BEF1-B897F301B64E}D:\steamlibrary\steamapps\common\satisfactory\factorygame\binaries\win64\factorygame-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\satisfactory\factorygame\binaries\win64\factorygame-win64-shipping.exe => Pas de fichier
FirewallRules: [TCP Query User{F9A5B463-B10C-43B1-9B04-8084D8C881E0}D:\steamlibrary\steamapps\common\satisfactory\factorygame\binaries\win64\factorygame-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\satisfactory\factorygame\binaries\win64\factorygame-win64-shipping.exe => Pas de fichier
FirewallRules: [{AD2E243A-4711-44E0-84D9-F9D9D2E9DFCF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FE24EE78-EA8C-429F-80C3-7B42C99232A0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B44D5B0F-0965-4857-947C-13BE6B845F43}] => (Allow) D:\SteamLibrary\steamapps\common\Satisfactory\FactoryGame.exe (Epic Games, Inc.) [Fichier non signé]
FirewallRules: [{C3811BFF-B32E-46C3-8647-664DF417AE9E}] => (Allow) D:\SteamLibrary\steamapps\common\Satisfactory\FactoryGame.exe (Epic Games, Inc.) [Fichier non signé]
FirewallRules: [{33A3A228-EE57-48D2-9FE7-39859E35080C}] => (Allow) D:\SteamLibrary\steamapps\common\Human Fall Flat\Human.exe () [Fichier non signé]
FirewallRules: [{06AB48DE-79A6-4212-A2BB-BCEDC14533AE}] => (Allow) D:\SteamLibrary\steamapps\common\Human Fall Flat\Human.exe () [Fichier non signé]
FirewallRules: [{D3296311-EF4C-48A7-B568-E35C20758EB3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe (Valve -> )
FirewallRules: [{656121BF-276B-4201-960F-8B92F121B7B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe (Valve -> )
FirewallRules: [{941872F7-5067-4D11-8FC9-3B72ECB8FD3C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7B0A62C8-7539-4C4E-B93D-179C4A8285CE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DCF03F54-03CD-4A8E-9B87-DFAE0676BE9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe () [Fichier non signé]
FirewallRules: [{75EC668F-7324-4B2A-A89C-E5D472444E44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe () [Fichier non signé]
FirewallRules: [UDP Query User{AD20F945-C7F3-4766-9B32-8D218F5F9F24}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [TCP Query User{49069E57-4B96-4302-8F90-922AA0AAAB4C}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{D8D3740D-0F0B-43A4-A747-2A13DFC701E7}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{ECE75587-CC02-42F6-9321-DC6CBFF9A3DB}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [UDP Query User{BB743E9B-55F4-465F-9F88-F674C123D345}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{D75187A7-E28E-4E4B-B6E2-A2216E3DF709}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{73EBFB72-2264-4EC8-B2E3-594CD59ADFBA}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{9913CA2D-E917-4812-A63C-B7766CB16CB9}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{CB53ED59-BBDF-456B-AAEA-66AB8466AC74}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [Fichier non signé]
FirewallRules: [TCP Query User{1A808C09-16A0-4921-9A70-F9F264AECF7E}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [Fichier non signé]
FirewallRules: [{2A9581F5-A53D-4697-B852-31085951832F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Pas de fichier
FirewallRules: [{A1FCCEDB-1BFD-425D-A413-9FB7CDFE7919}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Pas de fichier
FirewallRules: [{7FF829A6-2161-4096-B0D9-4A5DCFBCDF8F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9CB9C465-C582-40D3-8167-32EB611D1378}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{33FEA9CF-2525-45F2-BB3C-3DBFEB8B9F1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [Fichier non signé]
FirewallRules: [{E8B847AB-D8B7-4AD5-B51C-4F8F65B06750}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [Fichier non signé]
FirewallRules: [TCP Query User{15736AB6-97FA-4E17-9778-618759B9E111}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [Fichier non signé]
FirewallRules: [UDP Query User{7324D366-EAD9-4DC3-96FF-79701FE5F8B0}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [Fichier non signé]
FirewallRules: [{04DD56C1-31C6-4192-A855-996412C4CEF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 2\RCT2.EXE () [Fichier non signé]
FirewallRules: [{278E262D-E85F-4900-9BA3-9B0624F72329}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 2\RCT2.EXE () [Fichier non signé]
FirewallRules: [TCP Query User{6DF41B05-909B-4162-B723-87672D8E6865}C:\program files\java\jdk1.8.0_181\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_181\bin\java.exe
FirewallRules: [UDP Query User{DC1D6164-7FCB-491F-A190-515E12906E05}C:\program files\java\jdk1.8.0_181\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_181\bin\java.exe
FirewallRules: [{2785559A-93F3-42A0-B577-C5C4E1F505BF}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{38340A82-0A98-48E2-AE2D-6C2A39B613DD}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (OpenJS Foundation -> Node.js)
FirewallRules: [UDP Query User{8A0DBEB7-6CC6-45E2-B322-705C483A7D3D}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (OpenJS Foundation -> Node.js)
FirewallRules: [{ADCD42CB-F383-4796-9963-C3769300857D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6F7FB1F3-5A9A-459A-877F-496E3BA2FFA6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E840EC0E-A4CA-48DB-8B0C-8294E0D0646A}] => (Allow) C:\Users\tqy_06\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B74A0507-652A-4489-91EF-ED4738AAEF8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [Fichier non signé]
FirewallRules: [{33AA1BDE-6D78-4210-88FE-CF218712E989}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [Fichier non signé]
FirewallRules: [{3718446B-B211-4B7E-8295-55EE609E6E4C}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{B6532ACB-96D0-4B7F-AA7C-8C913C0B3D97}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{EEEE0574-B574-4CFE-8E47-31C01B20F4AC}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{31AC5FB4-7A1C-41B0-A519-2FEF30109D6F}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{DAA4515D-16A0-469D-A575-1684553FD2E3}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{5A8EED48-DD1E-410E-B45C-5DD06FB0076F}] => (Allow) C:\Users\tqy_06\AppData\Roaming\RingCentralMeetings\bin\RingCentralMeetings.exe (RingCentral, Inc. -> RingCentral Video Communications, Inc. and RingCentral Inc.)
FirewallRules: [{20CEDE3E-E321-41FB-8C8E-6B45E95DFF99}] => (Allow) C:\Users\tqy_06\AppData\Roaming\RingCentralMeetings\bin\airhost.exe (RingCentral, Inc. -> RingCentral Video Communications, Inc. and RingCentral Inc.)
FirewallRules: [{8F5DD301-6427-4ED4-B2BD-2611D8349A3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SimCity 4 Deluxe\Apps\SimCity 4.exe (Maxis) [Fichier non signé]
FirewallRules: [{A9556148-9FE2-4775-970D-DF99560D99F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SimCity 4 Deluxe\Apps\SimCity 4.exe (Maxis) [Fichier non signé]
FirewallRules: [TCP Query User{80FBD476-5388-4EA1-835A-70E0837E93E3}C:\program files\jetbrains\webstorm 2019.3.3\bin\webstorm64.exe] => (Allow) C:\program files\jetbrains\webstorm 2019.3.3\bin\webstorm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [UDP Query User{7CABBA26-7A56-4344-888F-38B4E1C27D80}C:\program files\jetbrains\webstorm 2019.3.3\bin\webstorm64.exe] => (Allow) C:\program files\jetbrains\webstorm 2019.3.3\bin\webstorm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [DNS Server Forward Rule - TCP - 0B883BB2-95E3-4F40-8430-9D1016BF2B0F - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 0B883BB2-95E3-4F40-8430-9D1016BF2B0F - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 8FC9E51B-5651-4925-A580-D89D3CC0883A - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 8FC9E51B-5651-4925-A580-D89D3CC0883A - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - E46020F1-CFC7-4E8E-A23C-8AB95CB0C0E2 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - E46020F1-CFC7-4E8E-A23C-8AB95CB0C0E2 - 0] => (Allow) LPort=53
FirewallRules: [TCP Query User{606A4A4A-1547-43D9-B7C7-DEEC87D4E21D}C:\users\tqy_06\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\tqy_06\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B3023EEC-95C6-46BE-8F59-CE6FC9715970}C:\users\tqy_06\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\tqy_06\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [DNS Server Forward Rule - TCP - 24A559F7-5561-41BE-A6CA-E8B7037264BF - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 24A559F7-5561-41BE-A6CA-E8B7037264BF - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - F8CE3037-7448-444C-937F-34190298284F - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - F8CE3037-7448-444C-937F-34190298284F - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2BD7D5F7-D796-4C41-A897-FA8F5DCA15BD - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2BD7D5F7-D796-4C41-A897-FA8F5DCA15BD - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 49970937-D63D-4F44-A69D-212B1C84EDA5 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 49970937-D63D-4F44-A69D-212B1C84EDA5 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - E3E99DAB-59AA-4236-807D-56634FE142FA - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - E3E99DAB-59AA-4236-807D-56634FE142FA - 0] => (Allow) LPort=53
FirewallRules: [{A894B1A6-BBE9-4111-9F08-C5AEFAAF1C55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Drawful 2\Drawful 2.exe (Jackbox Games, Inc.) [Fichier non signé]
FirewallRules: [{641B446C-ACDB-41DC-8E4F-773BF8A883EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Drawful 2\Drawful 2.exe (Jackbox Games, Inc.) [Fichier non signé]
FirewallRules: [DNS Server Forward Rule - TCP - EEC1D826-3985-40ED-A900-CE3EC48B8098 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - EEC1D826-3985-40ED-A900-CE3EC48B8098 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 58C0B05C-2827-4945-8911-2CE3FA87BE8D - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 58C0B05C-2827-4945-8911-2CE3FA87BE8D - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2BA78671-66BF-4169-970C-44D21E6BDBC0 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2BA78671-66BF-4169-970C-44D21E6BDBC0 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 0489AAE6-FC25-430D-AB5C-255B53413C02 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 0489AAE6-FC25-430D-AB5C-255B53413C02 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 878D7FDE-C898-4F3A-9184-D342C7EBF957 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 878D7FDE-C898-4F3A-9184-D342C7EBF957 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 94F28E9B-905A-4859-87B7-9A7105706768 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 94F28E9B-905A-4859-87B7-9A7105706768 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 2283CAD2-6A32-483F-801F-C4931930AC01 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 2283CAD2-6A32-483F-801F-C4931930AC01 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 260FB1E8-7558-4ED5-8A59-B4E1D6C352EC - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 260FB1E8-7558-4ED5-8A59-B4E1D6C352EC - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 89B44FF5-0311-4015-BEF2-2A7659D8558C - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 89B44FF5-0311-4015-BEF2-2A7659D8558C - 0] => (Allow) LPort=53
FirewallRules: [{AD221240-52B9-4B39-9180-73ABDEEF45CA}] => (Allow) D:\SteamLibrary\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [Fichier non signé]
FirewallRules: [{BBFE54DB-022E-46D9-937B-362B7A396854}] => (Allow) D:\SteamLibrary\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [Fichier non signé]
FirewallRules: [DNS Server Forward Rule - TCP - 67E8133C-3F8E-4296-ADA7-8AC9531F5F4F - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 67E8133C-3F8E-4296-ADA7-8AC9531F5F4F - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 6A64A931-F220-4642-8225-62EFD7337F86 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 6A64A931-F220-4642-8225-62EFD7337F86 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 44F34B3C-8397-4A27-B479-BBDD609FAA70 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 44F34B3C-8397-4A27-B479-BBDD609FAA70 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - D1C52EFC-0E23-49D9-8E73-5CCCC1A591EC - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - D1C52EFC-0E23-49D9-8E73-5CCCC1A591EC - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - D4BA8759-E937-41D4-BF9F-32C254604B39 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - D4BA8759-E937-41D4-BF9F-32C254604B39 - 0] => (Allow) LPort=53
FirewallRules: [{6A9CD1D5-425A-4CC5-82E5-EC90A1480E8B}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{3B8588E8-C658-4422-9F85-674C6EAEEFA2}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{39A3F2FA-F6D0-493E-95A7-9675FEC435CB}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{E3308652-B111-46BB-9B65-B0CC8BF1B940}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [DNS Server Forward Rule - TCP - 73762F81-FE53-454B-87A0-82BF4C68F316 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 73762F81-FE53-454B-87A0-82BF4C68F316 - 0] => (Allow) LPort=53
FirewallRules: [{56603040-4A2B-4EA8-9C94-494DDD41A18C}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{82440FC9-DB04-49C8-9EDB-980A7BC932A6}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{E87F6A77-E927-404F-9A93-7987E3F29ADE}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{46AC7CF0-A2B8-47CF-A10E-E16D0DADFCF1}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [DNS Server Forward Rule - TCP - F6300D20-16E7-4BA0-857F-64B2E0F4286A - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - F6300D20-16E7-4BA0-857F-64B2E0F4286A - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - A82EAD76-28B1-43C9-83CC-23A23CCD50B8 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - A82EAD76-28B1-43C9-83CC-23A23CCD50B8 - 0] => (Allow) LPort=53
FirewallRules: [{9F2C077F-9B2F-47D7-9CF7-4EF929DC4843}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{C391888C-57F9-4B6D-8EAF-D0B155D24BDB}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{E4B205A9-5C9A-4D52-93E7-DEE6DBC8F092}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{EB959A63-6B7B-43DD-969C-0FF03F279C19}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{AAB44DE1-4EEA-4693-A420-C799B42EABE1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{67129F36-A886-45F6-B10A-515981DBF44D}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{11A88DB3-360A-40CA-B78D-B7C74AC5DAB9}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{3985C670-5562-42DC-A0AD-D336113D2C7B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C8D446ED-390F-43EC-888B-4C85178210E4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B45EE5A9-F079-47D2-9FB3-E440105F366E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C703F691-FFBA-4FF5-B517-BE74B7E6DB50}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{21FABA04-83CB-4078-BDB2-DFF98E6665EE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E29B504A-EE2D-477A-9FA3-D91FFA44B049}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{30CBEEA9-D3E4-4462-9A30-29F4603A10CB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BAAC9500-B2A4-4709-9FB3-D4C43C5F9611}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EF66515E-1780-40C7-8306-127761772802}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A2C5AE99-DADB-40DF-A008-537EB56E96EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{63D51C71-A4A7-4197-9AF0-7EBBA23D0A42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
 
==================== Points de restauration =========================
 
24-05-2021 19:03:53 Scheduled Checkpoint
06-06-2021 14:53:23 Scheduled Checkpoint
 
==================== Éléments en erreur du Gestionnaire de périphériques ============
 
 
==================== Erreurs du Journal des événements: ========================
 
Erreurs Application:
==================
Error: (06/06/2021 02:09:47 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: L’optimiseur de stockage n’a pas pu terminer retrim de Software&Storage (D:), car : The operation requested is not supported by the hardware backing the volume. (0x8900002A)
 
Error: (06/06/2021 02:04:39 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: L’optimiseur de stockage n’a pas pu terminer retrim de Software&Storage (D:), car : The operation requested is not supported by the hardware backing the volume. (0x8900002A)
 
Error: (06/06/2021 01:59:06 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: L’optimiseur de stockage n’a pas pu terminer retrim de Software&Storage (D:), car : The operation requested is not supported by the hardware backing the volume. (0x8900002A)
 
Error: (06/06/2021 01:50:05 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: L’optimiseur de stockage n’a pas pu terminer retrim de Software&Storage (D:), car : The operation requested is not supported by the hardware backing the volume. (0x8900002A)
 
Error: (06/05/2021 10:51:06 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: L’optimiseur de stockage n’a pas pu terminer retrim de Software&Storage (D:), car : The operation requested is not supported by the hardware backing the volume. (0x8900002A)
 
Error: (06/05/2021 10:36:06 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: L’optimiseur de stockage n’a pas pu terminer retrim de Software&Storage (D:), car : The operation requested is not supported by the hardware backing the volume. (0x8900002A)
 
Error: (06/05/2021 09:59:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x8007001f, A device attached to the system is not functioning.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (06/05/2021 09:58:55 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005, Access is denied.
.
Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {f21bd4df-2cff-4f4d-8532-315635073668}
 
 
Erreurs système:
=============
Error: (06/06/2021 01:50:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Échec de l'installation : l'installation de la mise à jour suivante a échoué avec l'erreur 0x8024200b : Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.341.196.0).
 
Error: (06/06/2021 01:31:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-K95T8M6)
Description: Le serveur Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
 
Error: (06/05/2021 10:04:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-K95T8M6)
Description: Le serveur Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
 
Error: (06/05/2021 10:03:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-K95T8M6)
Description: Le serveur Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
 
Error: (06/05/2021 10:02:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service IntelHaxm n'a pas pu démarrer en raison de l'erreur : 
Un périphérique attaché au système ne fonctionne pas correctement.
 
Error: (06/05/2021 10:02:03 PM) (Source: IntelHaxm) (EventID: 3) (User: )
Description: HAXM Failed to init VMX
 
Error: (06/05/2021 10:02:03 PM) (Source: IntelHaxm) (EventID: 6) (User: )
Description: HAXM can't work on system without VT support
 
Error: (06/05/2021 10:01:27 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Le module d'extensibilité WLAN s'est arrêté de façon inattendue.
 
Chemin d'accès du module : C:\WINDOWS\System32\IWMSSvc.dll
 
 
Windows Defender:
================
Date: 2021-06-06 14:05:42
Description: 
L’analyse Microsoft Defender Antivirus a été arrêtée avant la fin.
ID de l’analyse : {0FD3837E-7FF5-43D2-8A46-E26361EA8AD8}
Type de l’analyse : Antimalware
Paramètres de l’analyse : Quick Scan
Utilisateur : NT AUTHORITY\SYSTEM
 
Date: 2021-06-06 13:59:56
Description: 
L’analyse Microsoft Defender Antivirus a été arrêtée avant la fin.
ID de l’analyse : {8146C2F4-39A8-4159-B46B-AB854DF6E882}
Type de l’analyse : Antimalware
Paramètres de l’analyse : Quick Scan
Utilisateur : NT AUTHORITY\SYSTEM
 
Date: 2021-06-06 13:51:01
Description: 
L’analyse Microsoft Defender Antivirus a été arrêtée avant la fin.
ID de l’analyse : {5C0A41EE-941E-4FEE-BAE3-25727E5236B2}
Type de l’analyse : Antimalware
Paramètres de l’analyse : Quick Scan
Utilisateur : NT AUTHORITY\SYSTEM
 
Date: 2021-06-03 09:00:50
Description: 
L’analyse Microsoft Defender Antivirus a été arrêtée avant la fin.
ID de l’analyse : {83D4D9E1-EE79-4344-8241-45E077C2A246}
Type de l’analyse : Antimalware
Paramètres de l’analyse : Quick Scan
Utilisateur : NT AUTHORITY\SYSTEM
 
Date: 2021-06-02 20:44:25
Description: 
L’analyse Microsoft Defender Antivirus a été arrêtée avant la fin.
ID de l’analyse : {D429D735-9E5C-4562-A33C-9E6CB9976753}
Type de l’analyse : Antimalware
Paramètres de l’analyse : Quick Scan
Utilisateur : NT AUTHORITY\SYSTEM
 
Date: 2021-06-06 13:50:24
Description: 
Microsoft Defender Antivirus a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité : 
Version précédente de la veille de sécurité : 1.339.1944.0
Source de mise à jour : Microsoft Update Server
Type de veille de sécurité : AntiVirus
Type de mise à jour : Full
Utilisateur : NT AUTHORITY\SYSTEM
Version actuelle du moteur : 
Version précédente du moteur : 1.1.18100.6
Code d’erreur : 0x80070643
Description de l’erreur : Fatal error during installation. 
 
Date: 2021-06-06 13:50:22
Description: 
Microsoft Defender Antivirus a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité : 1.341.196.0
Version précédente de la veille de sécurité : 1.339.1944.0
Source de mise à jour : User
Type de veille de sécurité : AntiSpyware
Type de mise à jour : Delta
Utilisateur : NT AUTHORITY\SYSTEM
Version actuelle du moteur : 1.1.18200.4
Version précédente du moteur : 1.1.18100.6
Code d’erreur : 0x80070666
Description de l’erreur : Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
 
Date: 2021-06-06 13:50:22
Description: 
Microsoft Defender Antivirus a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité : 1.341.196.0
Version précédente de la veille de sécurité : 1.339.1944.0
Source de mise à jour : User
Type de veille de sécurité : AntiVirus
Type de mise à jour : Delta
Utilisateur : NT AUTHORITY\SYSTEM
Version actuelle du moteur : 1.1.18200.4
Version précédente du moteur : 1.1.18100.6
Code d’erreur : 0x80070666
Description de l’erreur : Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
 
Date: 2021-06-06 13:50:22
Description: 
Microsoft Defender Antivirus a rencontré une erreur lors de la mise à jour du moteur.
Nouvelle version du moteur : 1.1.18200.4
Version précédente du moteur : 1.1.18100.6
Utilisateur : NT AUTHORITY\SYSTEM
Code d’erreur : 0x80070666
Description de l’erreur : Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
 
Date: 2021-05-05 19:31:03
Description: 
Microsoft Defender Antivirus a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité : 1.339.26.0
Version précédente de la veille de sécurité : 1.337.623.0
Source de mise à jour : User
Type de veille de sécurité : AntiSpyware
Type de mise à jour : Delta
Utilisateur : NT AUTHORITY\SYSTEM
Version actuelle du moteur : 1.1.18100.6
Version précédente du moteur : 1.1.18100.5
Code d’erreur : 0x80070666
Description de l’erreur : Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
 
CodeIntegrity:
===============
Date: 2021-06-06 13:45:13
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\malwarebytes\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Infos Mémoire =========================== 
 
BIOS: LENOVO GLETA0WW (2.54 ) 08/27/2019
Carte mère: LENOVO 20AWS0FD00
Processeur: Intel® Core™ i5-4300M CPU @ 2.60GHz
Pourcentage de mémoire utilisée: 38%
Mémoire physique - RAM - totale: 16070.14 MB
Mémoire physique - RAM - disponible: 9957.84 MB
Mémoire virtuelle totale: 18502.14 MB
Mémoire virtuelle disponible: 12790.58 MB
 
==================== Lecteurs ================================
 
Drive c: () (Fixed) (Total:232.36 GB) (Free:20.73 GB) NTFS
Drive d: (Software&Storage) (Fixed) (Total:465.76 GB) (Free:258.3 GB) NTFS
 
\\?\Volume{c897d0e1-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{c897d0e1-0000-0000-0000-30393a000000}\ () (Fixed) (Total:0.87 GB) (Free:0.36 GB) NTFS
 
==================== MBR & Table des partitions ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 233.8 GB) (Disk ID: C897D0E1)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=887 MB) - (Type=27)
 
==========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 89ABC8A4)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
 
==================== Fin de Addition.txt =======================

  • 0

#12
DR M

    The Grecian Geek

  • Malware Removal
  • 3,240 posts

Hi, Meboubou.
 
The logs are clean. There is no sign of an active infection.
 
However, if you are sure that you have been hacked, what you have to do is to change passwords, contact the Authorities and think of reinstalling your operating system.

Things I can see that need attention, in case you decide to continue:

1. Old version of Java
 
This is an old version and you already have the latest one. Please uninstall it.
 
Java SE Development Kit 8 Update 181 
 
 
2. Limited disk space
 
You have around 20GB free space in C, where the operating system is installed. This can have a negative impact on your computer's functionality. You will not be able to update your operating system if you haven't got enough space. Of course, you have plenty of space in drive D, but your operating system is on drive C. A good idea would be saving your files in D from now on, especially those taking much space. For now, please do the following:

Disk cleanup

  • Press the Windows icon on your keyboard, together with the letter R.
  • Type in the blank area cleanmgr and then press OK.
  • Select Drive C and press OK.
  • Select everything you don't need in the list that will appear. Actually, you can select everything there, but be careful if you need some files in the Downloads folder.
  • Press the button Clean up system files and wait a bit.
  • Again, select everything you don't need, including old Windows installations, if any.
  • Select the tab More options.
  • Under the title System Restore and Shadow Copies, press Clean up.
  • Press Delete and OK if you are asked to.
  • Wait some time (depending on the items that are deleted).
  • Make a restart when the process is finished.

 

3. Update your operating system

 

You are now running the 20H2 version of Windows. The latest one is 21H1. If you wish, you can update now, or wait until the update is offered to you.

In case you don't want to wait:

  • Go to this Microsoft page and under the title Create Windows 10 installation media press on Download tool now.
  • Save the tool on your Desktop and double click to run it.
  • On the License terms page, if you accept the license terms, select Accept.
  • On the What do you want to do page, select Upgrade this PC now, and then select Next.
  • Follow the instructions and select Keep personal files and apps, when you are asked to.
  • It might take a couple of hours, depending on your Wi-Fi connection speed, to install Windows 10. Your PC will restart a few times. Make sure you don’t turn off your PC.
  • After downloading and installing, the tool will walk you through how to set up Windows 10 on your PC.

 

In your next reply please post:

  1. What have you decided to do?
  2. If you performed the 3 steps above, please give me fresh FRST logs (Addition and FRST), just to ensure that the update went fine.
  3. Any question?

  • 0

#13
DR M

    The Grecian Geek

  • Malware Removal
  • 3,240 posts

Hi, Meboubou.

 

I would appreciate it if you let me know if you are going to continue with this or not.

 

Thank you.


  • 0

#14
DR M

    The Grecian Geek

  • Malware Removal
  • 3,240 posts
As this issue appears to be resolved, I'm closing this topic.
 
Meboubou, if you need it reopened, please send me a personal message (hover with the mouse on my profile name and choose Send message).

  • 0





