cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 10-10-2021
Exécuté par yoann (10-10-2021 18:48:03)
Exécuté depuis C:\Users\yoann\Desktop
Microsoft Windows 10 Professionnel Version 21H1 19043.1237 (X64) (2020-07-19 16:12:51)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================


(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

Administrateur (S-1-5-21-1461851873-1119484311-3382848958-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1461851873-1119484311-3382848958-503 - Limited - Disabled)
Invité (S-1-5-21-1461851873-1119484311-3382848958-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1461851873-1119484311-3382848958-504 - Limited - Disabled)
yoann (S-1-5-21-1461851873-1119484311-3382848958-1001 - Administrator - Enabled) => C:\Users\yoann

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 21.007.20095 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.125 - Adobe)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Alice Retour au pays de la folie (HKLM-x32\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)
Apple Mobile Device Support (HKLM\...\{527DD209-8A66-482F-8779-C7B3BACCA8F1}) (Version: 15.0.0.16 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Assistance pour l’iPod (HKLM\...\{E454C788-F484-4479-9F0F-B2C0EFB77A67}) (Version: 12.11.3.7 - Apple Inc.)
ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.5.0 - ASUSTeK COMPUTER INC.)
ASUS GPU Check (HKLM\...\{5076021E-49F0-4089-BDE4-4C64454B419F}) (Version: 1.2.0 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.8 - ASUSTeK COMPUTER INC.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.85 - Piriform)
Crash Bandicoot 4 (HKLM-x32\...\Crash Bandicoot 4) (Version: - Blizzard Entertainment)
CrystalDiskInfo 8.12.9 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.12.9 - Crystal Dew World)
Discord (HKU\S-1-5-21-1461851873-1119484311-3382848958-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.)
DriversCloud.com (64 bits) (HKLM\...\{8345D0DF-6F2B-42B5-BEA4-9D7B0F532294}) (Version: 10.1.1.1 - Cybelsoft)
Epic Games Launcher (HKLM-x32\...\{328902CF-CDEF-4124-B1FE-2E4D026C5750}) (Version: 1.1.195.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 94.0.4606.71 - Google LLC)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
iTunes (HKLM\...\{567BF73A-A04B-4C48-AD74-C54C82E0BE24}) (Version: 12.12.1.1 - Apple Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LockHunter 3.2, 32/64 bit (HKLM\...\LockHunter_is1) (Version: - Crystal Rich Ltd)
Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Malwarebytes version 4.4.8.137 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.8.137 - Malwarebytes)
Messenger 97.9.116 (HKU\S-1-5-21-1461851873-1119484311-3382848958-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 97.9.116 - Facebook, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.38 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1461851873-1119484311-3382848958-1001\...\OneDriveSetup.exe) (Version: 21.180.0905.0007 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Molotov (HKU\S-1-5-21-1461851873-1119484311-3382848958-1001\...\Molotov) (Version: 4.4.4 - Molotov)
Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 93.0 (x64 fr)) (Version: 93.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Pilote graphique 472.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 472.12 - NVIDIA Corporation)
OpenOffice 4.1.11 (HKLM-x32\...\{89DCB28E-BB7B-41AA-8E58-F710C6C4F234}) (Version: 4.111.9808 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.97.47554 - Electronic Arts, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
Revo Uninstaller 2.3.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.0 - VS Revo Group, Ltd.)
Rocket Arena (HKLM-x32\...\{744D9EAA-4E64-4981-B365-1A3E653D39AD}) (Version: 1.2.1.0 - Electronic Arts, Inc.) <==== ATTENTION
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.36.344 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.9 - Rockstar Games)
Signal 5.19.0 (HKU\S-1-5-21-1461851873-1119484311-3382848958-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 5.19.0 - Open Whisper Systems)
Sleepy (HKLM-x32\...\Sleepy) (Version: - )
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Spotify (HKU\S-1-5-21-1461851873-1119484311-3382848958-1001\...\Spotify) (Version: 1.1.68.632.g2b11de83 - Spotify AB)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tm Audio Editor 2.8.9.186 (HKLM-x32\...\Tm Audio Editor_is1) (Version: - Ans Software)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft)
UCheck version 4.1.1.0 (HKLM\...\C4E7EE54-826F-41C4-BE3C-375CC70DC1D8_is1) (Version: 4.1.1.0 - Adlice Software)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 2.17.0.2 - Voicemod S.L.)
Voxal Modificateur de voix (HKLM-x32\...\Voxal) (Version: 6.11 - NCH Software)
WhatsApp (HKU\S-1-5-21-1461851873-1119484311-3382848958-1001\...\WhatsApp) (Version: 2.2134.10 - WhatsApp)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.10.0 - ASUSTeK COMPUTER INC.)

Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.66.4.0_x86__kgqvnymyfvs32 [2021-10-07] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2120.1.0_x86__kgqvnymyfvs32 [2021-10-01] (king.com)
Centre de configuration des graphiques Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-07-24] (INTEL CORP) [Startup Task]
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-05] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.10.183.0_x64__rz1tebttyb220 [2021-10-01] (Dolby Laboratories)
Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2021-03-15] (Fitbit)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-19] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-09] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.9220.0_x64__8wekyb3d8bbwe [2021-10-09] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-09-23] (NVIDIA Corp.)
Photo Editor | Polarr -> C:\Program Files\WindowsApps\613EBCEA.PolarrPhotoEditorAcademicEdition_5.10.220.0_x64__jb41c8remg0x2 [2021-09-03] (Polarr)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.169.0_x64__dt26b99r8h8gj [2019-06-05] (Realtek Semiconductor Corp)

==================== Personnalisé CLSID (Avec liste blanche): ==============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-1461851873-1119484311-3382848958-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => C:\Users\yoann\OneDrive [2019-03-09 12:21]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2017-07-20] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers2: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2017-07-20] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2017-07-20] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_df6745aaa4048565\nvshext.dll [2021-09-16] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Avec liste blanche) ====================

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

ShortcutWithArgument: C:\Users\yoann\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Modules chargés (Avec liste blanche) =============

2021-04-15 12:46 - 2020-11-18 12:06 - 001282048 _____ (The OpenSSL Project, http://www.openssl.org/) [Fichier non signé] D:\Origin\LIBEAY32.dll
2021-04-15 12:46 - 2020-11-18 12:06 - 000279040 _____ (The OpenSSL Project, http://www.openssl.org/) [Fichier non signé] D:\Origin\ssleay32.dll
2021-04-15 12:46 - 2020-11-18 12:06 - 001611264 _____ (The Qt Company Ltd) [Fichier non signé] D:\Origin\platforms\qwindows.dll
2021-04-15 12:46 - 2020-11-18 12:06 - 005487104 _____ (The Qt Company Ltd) [Fichier non signé] D:\Origin\Qt5Core.dll
2021-04-15 12:46 - 2020-11-18 12:06 - 005841920 _____ (The Qt Company Ltd) [Fichier non signé] D:\Origin\Qt5Gui.dll
2021-04-15 12:46 - 2020-11-18 12:06 - 001179136 _____ (The Qt Company Ltd) [Fichier non signé] D:\Origin\Qt5Network.dll
2021-04-15 12:46 - 2020-11-18 12:06 - 000146432 _____ (The Qt Company Ltd) [Fichier non signé] D:\Origin\Qt5WebSockets.dll
2021-04-15 12:46 - 2020-11-18 12:06 - 005089792 _____ (The Qt Company Ltd) [Fichier non signé] D:\Origin\Qt5Widgets.dll
2021-04-15 12:46 - 2020-11-18 12:06 - 000184832 _____ (The Qt Company Ltd) [Fichier non signé] D:\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Avec liste blanche) ========

==================== Mode sans échec (Avec liste blanche) ==================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) =================

==================== Internet Explorer (Avec liste blanche) ==========


==================== Hosts contenu: =========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2018-09-15 11:31 - 2021-07-14 22:16 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2020-03-30 16:51 - 2020-03-30 16:56 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Autres zones ===========================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-1461851873-1119484311-3382848958-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\yoann\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKU\S-1-5-21-1461851873-1119484311-3382848958-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== RèglesPare-feu (Avec liste blanche) ================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [TCP Query User{E579F3E0-92AF-4869-A30F-DC16AB22FCD2}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{78332841-7834-44E9-9E82-52AC54F7E47B}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{1A627ABB-04AA-43B8-84AC-01D0C30ECDEC}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{281A3847-DD63-4337-9AC6-A63D94CF8039}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{D6E4ADB7-C2F9-49E6-A245-30F3365F1604}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{9D428EBD-365E-411A-B557-EE41C693F94A}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B9935609-2236-4CC3-9C9D-A8DCFF170284}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{79482A3A-0FB6-429F-BE5B-D40EEDDFCDE5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5266F182-04E1-4537-A3A9-D003C339F466}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{322B86B8-395A-4E6E-8FBC-8E19CAFF1307}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{72371F16-B07D-4387-A144-AFBDD99A84B9}C:\users\yoann\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\yoann\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{1061ADB2-51D1-4A72-956E-35233EC36171}C:\users\yoann\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\yoann\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{916388A8-F94F-49A4-9D13-8B9F82FC3575}] => (Allow) D:\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3A971391-4936-4A10-86A0-329F8CA937F5}] => (Allow) D:\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{ED30AAE7-C3D0-4116-9866-8FB2FB14DEA3}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{AC3F38AB-5098-4047-8EA8-A36BF9BCDB10}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{4E56F021-2353-4223-9079-A6BD4617CD51}] => (Allow) D:\Program Files (x86)\Origin Games\RocketArena\Launch_RocketArena.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{B715F1E7-8141-4EAA-88E5-239069C8C991}] => (Allow) D:\Program Files (x86)\Origin Games\RocketArena\Launch_RocketArena.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{E6CB780E-52EF-4725-9680-1A54A8A48C37}D:\program files (x86)\origin games\rocketarena\mariner\binaries\win64\mariner-win64-shipping.exe] => (Allow) D:\program files (x86)\origin games\rocketarena\mariner\binaries\win64\mariner-win64-shipping.exe (Final Strike Games LLC) [Fichier non signé]
FirewallRules: [UDP Query User{7470CBA3-4023-4C90-9FDA-46344E0372E5}D:\program files (x86)\origin games\rocketarena\mariner\binaries\win64\mariner-win64-shipping.exe] => (Allow) D:\program files (x86)\origin games\rocketarena\mariner\binaries\win64\mariner-win64-shipping.exe (Final Strike Games LLC) [Fichier non signé]
FirewallRules: [{79F68213-5846-448D-A250-4D21C165D8CF}] => (Allow) D:\Origin\Origin.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{887DB217-6D71-4A6C-9F92-E909A01B8546}] => (Allow) D:\Origin\Origin.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{3CDAF545-FFF6-4A21-8C2F-E2B78A5A8136}] => (Allow) D:\Origin\Origin.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A5D33BA9-CAEE-4529-944F-4FA59C0FA0C7}] => (Allow) D:\Origin\Origin.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{6A1A884D-9DFC-47B8-A3A5-B303AC3C4B7D}] => (Allow) D:\Origin\OriginClientService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F1CE13E2-0F47-497D-9DF3-785C1B78063D}] => (Allow) D:\Origin\OriginClientService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{BDB88593-564A-4024-9CB9-5A6D4620EDE4}] => (Allow) D:\Origin\OriginClientService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{48E04285-17B4-4956-85F4-0BBFDE4C6733}] => (Allow) D:\Origin\OriginClientService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{9F7B0C15-9AA5-4055-9D4C-DF6328190736}D:\program files (x86)\origin games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe] => (Allow) D:\program files (x86)\origin games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe (Kalloc Studios -> ) [Fichier non signé]
FirewallRules: [UDP Query User{597F5C1E-68FF-4B40-9035-ED5CA190701A}D:\program files (x86)\origin games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe] => (Allow) D:\program files (x86)\origin games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe (Kalloc Studios -> ) [Fichier non signé]
FirewallRules: [TCP Query User{07E9DB8A-13FC-446C-BD25-FEEF436E2914}C:\users\yoann\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\yoann\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{8E94D1C5-4755-46BD-B1E5-9EB98CF53E56}C:\users\yoann\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\yoann\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{22B568B2-2F07-4C3A-A09A-6D0EB934F753}] => (Allow) D:\Steam\steamapps\common\BattleforBlood\bfb.exe (Unity Technologies SF -> ) [Fichier non signé]
FirewallRules: [{E5F37920-D1A8-4062-B40E-C1052B0CBDEA}] => (Allow) D:\Steam\steamapps\common\BattleforBlood\bfb.exe (Unity Technologies SF -> ) [Fichier non signé]
FirewallRules: [{255F0E13-D3D1-49B7-B4B3-B87F5C9E054F}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [{96789716-8FBE-423A-A79B-AFB23EE05A05}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [{2FD95F0E-F097-412A-B692-DB7868E7C6BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6A22D2EB-32CE-4F34-9FCD-44C42CBB7580}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1BB212C9-A6CA-43F2-B2C7-D78B2A247F06}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{410CD1C7-8C58-4396-93F7-4BDA919199DB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{008FE855-F47A-4C2C-8DD0-082CFECB1FD8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ABF9ECD0-9EE8-43B1-8E08-1FECB59580BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BC0F0C6E-6CB4-4858-A590-D6FA182AADC1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{93115340-B358-484D-88FA-F76B9FE55F10}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{4E1F7B9E-4520-4922-893C-8B5B7B22A0AD}D:\crash bandicoot 4\lava\binaries\win64\lava-win64-shipping.exe] => (Allow) D:\crash bandicoot 4\lava\binaries\win64\lava-win64-shipping.exe (Activision Publishing Inc -> Activision Publishing)
FirewallRules: [UDP Query User{362C7D91-DD5A-469F-B7A9-1C2A2CBDC5EA}D:\crash bandicoot 4\lava\binaries\win64\lava-win64-shipping.exe] => (Allow) D:\crash bandicoot 4\lava\binaries\win64\lava-win64-shipping.exe (Activision Publishing Inc -> Activision Publishing)
FirewallRules: [{D714C3E4-A886-4AE4-B665-25293BC6FC61}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EA5B4AF2-4C70-4FBB-A106-28764D47832F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Points de restauration =========================

23-09-2021 15:27:54 Revo Uninstaller's restore point - qBittorrent 4.3.8
03-10-2021 20:31:23 Programme d’installation pour les modules Windows
07-10-2021 23:26:03 Installé OpenOffice 4.1.11
07-10-2021 23:39:36 Revo Uninstaller's restore point - Viber
08-10-2021 16:24:31 Revo Uninstaller's restore point - WhatsApp

==================== Éléments en erreur du Gestionnaire de périphériques ============


==================== Erreurs du Journal des événements: ========================

Erreurs Application:
==================
Error: (10/10/2021 03:01:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours.
.

Error: (10/10/2021 03:01:59 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours.
]

Error: (10/09/2021 11:54:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 25 1.0.0.127.in-addr.arpa. PTR DESKTOP-H2DLONA-2.local.

Error: (10/09/2021 11:54:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 127.0.0.1:5353 23 1.0.0.127.in-addr.arpa. PTR DESKTOP-H2DLONA.local.

Error: (10/09/2021 11:54:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 25 C.2.5.2.2.7.3.F.A.7.A.9.2.B.4.F.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR DESKTOP-H2DLONA-2.local.

Error: (10/09/2021 11:54:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 2A01:CB22:0881:B400:F4B2:9A7A:F372:252C:5353 23 C.2.5.2.2.7.3.F.A.7.A.9.2.B.4.F.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR DESKTOP-H2DLONA.local.

Error: (10/09/2021 11:54:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 25 C.7.0.A.0.6.5.3.F.F.8.1.1.9.1.5.0.0.4.B.1.8.8.0.2.2.B.C.1.0.A.2.ip6.arpa. PTR DESKTOP-H2DLONA-2.local.

Error: (10/09/2021 11:54:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 2A01:CB22:0881:B400:F4B2:9A7A:F372:252C:5353 23 C.7.0.A.0.6.5.3.F.F.8.1.1.9.1.5.0.0.4.B.1.8.8.0.2.2.B.C.1.0.A.2.ip6.arpa. PTR DESKTOP-H2DLONA.local.


Erreurs système:
=============
Error: (10/10/2021 12:25:01 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\yoann\AppData\Local\Temp\ehdrv.sys

Error: (10/10/2021 12:25:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service eapihdrv n’a pas pu démarrer en raison de l’erreur :
Le chargement du pilote a été bloqué

Error: (10/10/2021 12:25:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service eapihdrv n’a pas pu démarrer en raison de l’erreur :
Le chargement du pilote a été bloqué

Error: (10/10/2021 12:25:01 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\yoann\AppData\Local\Temp\ehdrv.sys

Error: (10/10/2021 12:25:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service eapihdrv n’a pas pu démarrer en raison de l’erreur :
Le chargement du pilote a été bloqué

Error: (10/10/2021 12:25:01 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\yoann\AppData\Local\Temp\ehdrv.sys

Error: (10/10/2021 12:25:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service eapihdrv n’a pas pu démarrer en raison de l’erreur :
Le chargement du pilote a été bloqué

Error: (10/10/2021 12:25:01 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\yoann\AppData\Local\Temp\ehdrv.sys


Windows Defender:
================
Date: 2021-10-10 10:05:24
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {2B38C276-789D-4434-8DBF-8FBDF2564BB1}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2021-10-07 21:08:49
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {C9AB6769-7D15-4DD5-A4B3-C4323E9DB361}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2021-10-06 23:10:23
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {0466B7D6-31DA-49D6-AABA-4A30CAE888FD}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2021-10-05 14:38:23
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {1B580C3A-626B-4A92-88C7-B1A2E2D55F00}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2021-10-01 23:13:14
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {50225DFF-7EB0-4658-8852-3F56D5D38553}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

CodeIntegrity:
===============
Date: 2021-08-04 14:17:38
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-05-30 17:58:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Infos Mémoire ===========================

BIOS: American Megatrends Inc. FX504GM.313 08/23/2021
Carte mère: ASUSTeK COMPUTER INC. FX504GM
Processeur: Intel(R) Core(TM) i5-8300H CPU @ 2.30GHz
Pourcentage de mémoire utilisée: 43%
Mémoire physique - RAM - totale: 8048.53 MB
Mémoire physique - RAM - disponible: 4529.9 MB
Mémoire virtuelle totale: 16752.53 MB
Mémoire virtuelle disponible: 11711.78 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:237.87 GB) (Free:34.49 GB) NTFS
Drive d: (Disque local ) (Fixed) (Total:931.5 GB) (Free:743.24 GB) NTFS

\\?\Volume{42a76fd3-44a6-426f-88cd-5b044883d92c}\ () (Fixed) (Total:0.49 GB) (Free:0.04 GB) NTFS
\\?\Volume{70332a0d-88fd-42dd-a833-4f409c80206e}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Fin de Addition.txt =======================

Publicité


Signaler le contenu de ce document

Publicité