Addition.txt

Document joint : KJzlr0BwrKN_Addition.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 20-10-2021
Exécuté par Tamya (25-10-2021 11:45:07)
Exécuté depuis D:\Téléchargement
Microsoft Windows 10 Famille Version 20H2 19042.1288 (X64) (2021-04-15 01:49:17)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

Administrateur (S-1-5-21-125834232-3939521870-3946637534-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-125834232-3939521870-3946637534-503 - Limited - Disabled)
Invité (S-1-5-21-125834232-3939521870-3946637534-501 - Limited - Disabled)
Tamya (S-1-5-21-125834232-3939521870-3946637534-1001 - Administrator - Enabled) => C:\Users\Tamya
WDAGUtilityAccount (S-1-5-21-125834232-3939521870-3946637534-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
FW: Pare-feu McAfee (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
CCleaner (HKLM\...\CCleaner) (Version: 5.86 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 94.0.12470.84 - Auteurs de CCleaner Browser)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
Désinstallation de l'imprimante EPSON XP-243 245 247 Series (HKLM\...\EPSON XP-243 245 247 Series) (Version: - Seiko Epson Corporation)
Discord (HKU\S-1-5-21-125834232-3939521870-3946637534-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{5C415481-ECCD-4875-AF77-A97B79825F2C}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epson Printer Connection Checker (HKLM-x32\...\{189DE071-E0BC-4BA5-8E34-83D5ED12600B}) (Version: 3.2.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.3.19.701 - Digital Wave Ltd)
GameInput Redistributable (HKLM-x32\...\{7E52156F-18FE-B953-BEA9-6BE6A77AFDFF}) (Version: 10.1.19041.3906 - Microsoft Corporation)
Gas Station Simulator (HKLM-x32\...\Gas Station Simulator_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 94.0.4606.81 - Google LLC)
Green Hell (HKLM-x32\...\Green Hell_is1) (Version: - )
Intel(R) Dynamic Tuning (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.6.10401.9906 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0220-1036-84C8-B8D95FA3C8C3}) (Version: 22.20.0.3 - Intel Corporation)
Kenshi (HKLM-x32\...\1193046833_is1) (Version: 1.0.51 - GOG.com)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Calliope USB Keyboard (HKLM\...\{520AA862-0064-4B41-B777-1FAFC1AD1293}) (Version: 1.11 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.9.23.0 - Lenovo Group Ltd.)
Logiciel Intel® PROSet/Wireless (HKLM-x32\...\{6aa2484c-1a35-428e-a857-8ee0a874d2d1}) (Version: 20.110.0 - Intel Corporation)
Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{32a1f79d-5643-4cfe-92a4-f7a82adf1b78}) (Version: 10.1.17854.8100 - Intel(R) Corporation)
Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.14430.20306 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.30 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 95.0.1020.30 - Microsoft Corporation)
Microsoft Office Standard 2019 - fr-fr (HKLM\...\Standard2019Volume - fr-fr) (Version: 16.0.14430.20306 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-125834232-3939521870-3946637534-1001\...\OneDriveSetup.exe) (Version: 21.196.0921.0007 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{f9b04b37-35d5-4a19-a51b-fcf4a8734851}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang)
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA Pilote graphique 471.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.55 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20306 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20306 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.14430.20234 - Microsoft Corporation) Hidden
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Orcs Must Die 3 (HKLM-x32\...\{9118A01E-079D-4882-9C1D-1EAB6535543F}_is1) (Version: 1.2021.9.16 - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 10.5.106.49298 - Electronic Arts, Inc.)
Paradox Launcher v2 (HKLM\...\{A92DB5D9-A24D-4678-9F91-B4FA6D895718}) (Version: 2.0.4.0 - Paradox Interactive)
Plarium Play (HKLM-x32\...\{CC47A5A7-B831-4D6B-AF2C-3B9091EF4C43}) (Version: 6.8.0 - Plarium) Hidden
Plarium Play (HKLM-x32\...\{cca0a3d0-e314-4195-8308-320b822561d3}) (Version: 6.8.0 - Plarium)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.32.1206.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8622 - Realtek Semiconductor Corp.)
Rogue Lords (HKLM-x32\...\Rogue Lords_is1) (Version: - )
RSI Launcher 1.4.6 (HKLM\...\81bfc699-f883-50c7-b674-2483b6baae23) (Version: 1.4.6 - Cloud Imperium Games)
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Scratch 3 3.21.0 (HKU\S-1-5-21-125834232-3939521870-3946637534-1001\...\bad79d23-e888-5a7b-9e99-60ee89b6c8bf) (Version: 3.21.0 - Scratch Foundation)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.8.16162 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 119.0.10382 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WebAdvisor par McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.641 - McAfee, LLC)

Packages:
=========
Dolby Atmos for Gaming -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosforGaming_3.20201.255.0_x64__rz1tebttyb220 [2020-08-08] (Dolby Laboratories)
Extension vidéo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-25] (Microsoft Corporation)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1020.0_x64__8j3eq9eme6ctt [2021-09-04] (INTEL CORP)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2108.22.0_x64__k1h2ywk1493x8 [2021-08-31] (LENOVO INC.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.9220.0_x64__8wekyb3d8bbwe [2021-10-10] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-26] (NVIDIA Corp.)
Power2Go for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.Power2GoforLenovo_8.0.12518.0_x86__m916jedk64snt [2021-06-17] (CYBERLINKCOM CORPORATION) [Startup Task]
PowerDVD for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.PowerDVDforLenovo_14.2.2520.0_x86__m916jedk64snt [2020-12-16] (CYBERLINKCOM CORPORATION)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.211.0_x64__dt26b99r8h8gj [2020-12-17] (Realtek Semiconductor Corp)

==================== Personnalisé CLSID (Avec liste blanche): ==============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-125834232-3939521870-3946637534-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvle.inf_amd64_b294a0b4678b9c15\nvshext.dll [2021-08-03] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]

==================== Codecs (Avec liste blanche) ====================

==================== Raccourcis & WMI ========================

==================== Modules chargés (Avec liste blanche) =============

2021-10-25 09:56 - 2017-03-02 00:19 - 000310272 _____ (easyhook.codeplex.com) [Fichier non signé] C:\Program Files\Common Files\Dolby\DAX3\RADARHOST\EasyHook64.dll
2021-07-21 08:46 - 2020-05-30 15:58 - 001280000 _____ (Robert Simpson, et al.) [Fichier non signé] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2021-06-06 10:32 - 2020-11-03 05:08 - 000954864 _____ (SQLite Development Team) [Fichier non signé] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2021-01-21 11:08 - 2021-01-21 11:08 - 001282048 _____ (The OpenSSL Project, hxxp//www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-01-21 11:08 - 2021-01-21 11:08 - 000279040 _____ (The OpenSSL Project, hxxp//www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\Origin\ssleay32.dll
2021-01-21 11:08 - 2021-01-21 11:08 - 001611264 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-10-20 19:10 - 2021-01-21 11:08 - 005487104 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Core.dll
2021-10-20 19:10 - 2021-01-21 11:08 - 005841920 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Gui.dll
2021-10-20 19:10 - 2021-01-21 11:08 - 001179136 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Network.dll
2021-10-20 19:10 - 2021-01-21 11:08 - 000146432 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-10-20 19:10 - 2021-01-21 11:08 - 005089792 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-10-20 19:10 - 2021-01-21 11:08 - 000184832 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Avec liste blanche) ========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [7802]

==================== Mode sans échec (Avec liste blanche) ==================

==================== Association (Avec liste blanche) =================

==================== Internet Explorer (Avec liste blanche) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-125834232-3939521870-3946637534-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-125834232-3939521870-3946637534-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//www.msn.com/?pc=LCTE
HKU\S-1-5-21-125834232-3939521870-3946637534-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//www.msn.com/?pc=LCTE
HKU\S-1-5-21-125834232-3939521870-3946637534-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp//mystart.lenovo.com/
SearchScopes: HKLM -> DefaultScope {FA954D93-3B85-420F-8B33-900200263D51} URL = hxxp//www.bing.com/search?q={SearchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {FA954D93-3B85-420F-8B33-900200263D51} URL = hxxp//www.bing.com/search?q={SearchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
SearchScopes: HKLM-x32 -> DefaultScope {FA954D93-3B85-420F-8B33-900200263D51} URL = hxxp//www.bing.com/search?q={SearchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {FA954D93-3B85-420F-8B33-900200263D51} URL = hxxp//www.bing.com/search?q={SearchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-10-20] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-10-20] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts contenu: =========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2019-03-19 06:49 - 2021-09-18 22:40 - 000002480 _____ C:\WINDOWS\system32\drivers\etc\hosts
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
109.94.209.70 www.fitgirlpack.site # Fake FitGirl site
109.94.209.70 fitgirl-repack.org # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.org # Fake FitGirl site

==================== Autres zones ===========================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-125834232-3939521870-3946637534-1001\Control Panel\Desktop\\Wallpaper -> D:\Téléchargement\Red-Riot-Unbreakable-Featured.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

==================== RèglesPare-feu (Avec liste blanche) ================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [TCP Query User{6516E565-2671-4276-854B-6B6255EA0638}D:\steamlibrary\steamapps\common\dying light\dyinglightgame.exe] => (Allow) D:\steamlibrary\steamapps\common\dying light\dyinglightgame.exe (Techland S.A. -> Techland)
FirewallRules: [UDP Query User{DF8DF4F8-ACEE-4AC0-B583-626E4821A651}D:\steamlibrary\steamapps\common\dying light\dyinglightgame.exe] => (Allow) D:\steamlibrary\steamapps\common\dying light\dyinglightgame.exe (Techland S.A. -> Techland)
FirewallRules: [TCP Query User{33FF4DE5-A880-4360-9FB5-D5813DF3EC35}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{14FA4500-17DF-43E5-831D-C0FA5CB84FCB}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{BFC987CF-909D-46B0-A5F4-F9629739A9D5}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{91F1C8E4-C5B2-472D-8330-24D3C4954A1E}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{77B3C490-91F5-4D4E-B4C8-F3B681BC0770}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{99918E53-919D-4B0D-868F-3E8C28D83D4F}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8D0DB035-6017-4E6C-BD7F-52EFADD9763E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2F79FE2F-63A8-4DBF-A7D2-EE3AF433883E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C9D2C9BC-54B4-4EE8-BA57-7A9110833409}] => (Allow) D:\SteamLibrary\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [Fichier non signé]
FirewallRules: [{2BE1A005-8B3B-43D4-B1BD-FC3FC33AC46C}] => (Allow) D:\SteamLibrary\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [Fichier non signé]
FirewallRules: [{D5E830F1-3726-49AD-AE6A-30DF281F252B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2BF1B99C-A40B-4BB2-B98D-79C12ED9B4E7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{907CCCB2-C7D5-491C-AD99-1758555FA44F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3F3BBB8A-C4B4-4D73-B69F-46E54B8A7EB3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CCC8E64B-4E85-455B-85CC-6CF296532F5C}] => (Allow) D:\SteamLibrary\steamapps\common\Medieval Dynasty\Medieval_Dynasty.exe (Epic Games, Inc.) [Fichier non signé]
FirewallRules: [{85F51688-DF75-432B-B371-53F143C13B55}] => (Allow) D:\SteamLibrary\steamapps\common\Medieval Dynasty\Medieval_Dynasty.exe (Epic Games, Inc.) [Fichier non signé]
FirewallRules: [{56476941-A7C8-493E-8FA7-5DC5F4C835EC}] => (Allow) D:\SteamLibrary\steamapps\common\Mist Survival\MistSurvival.exe (Epic Games, Inc.) [Fichier non signé]
FirewallRules: [{141E938A-CDA0-4EB7-A09D-BE685C4BFD1D}] => (Allow) D:\SteamLibrary\steamapps\common\Mist Survival\MistSurvival.exe (Epic Games, Inc.) [Fichier non signé]
FirewallRules: [TCP Query User{E248F750-27AC-422B-BD77-18C365BAE05C}D:\steamlibrary\steamapps\common\mist survival\mistsurvival\binaries\win64\mistsurvival-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\mist survival\mistsurvival\binaries\win64\mistsurvival-win64-shipping.exe (Epic Games, Inc.) [Fichier non signé]
FirewallRules: [UDP Query User{29AACD04-7388-46B1-B9BF-6D4F5E06A832}D:\steamlibrary\steamapps\common\mist survival\mistsurvival\binaries\win64\mistsurvival-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\mist survival\mistsurvival\binaries\win64\mistsurvival-win64-shipping.exe (Epic Games, Inc.) [Fichier non signé]
FirewallRules: [{348AD482-9B61-4ACE-9E95-A4C49D2C4A91}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A23CFFE9-3970-4DE2-80FC-DBD4EB10C0BD}D:\epic store\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) D:\epic store\worldwarz\en_us\client\bin\pc\wwzretailegs.exe (Saber Interactive) [Fichier non signé]
FirewallRules: [UDP Query User{2E3DF743-F748-4DED-B1AD-2FA6438B5675}D:\epic store\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) D:\epic store\worldwarz\en_us\client\bin\pc\wwzretailegs.exe (Saber Interactive) [Fichier non signé]
FirewallRules: [{979F53BB-0CEB-4267-8898-A234C3DB5AA5}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{C739AED2-A9CD-468D-A7A3-62A29B4078E5}D:\steamlibrary\steamapps\common\don't starve together\bin64\dontstarve_dedicated_server_nullrenderer_x64.exe] => (Allow) D:\steamlibrary\steamapps\common\don't starve together\bin64\dontstarve_dedicated_server_nullrenderer_x64.exe () [Fichier non signé]
FirewallRules: [UDP Query User{F9A9101F-2AC0-4157-B8AF-6A02CB4357D6}D:\steamlibrary\steamapps\common\don't starve together\bin64\dontstarve_dedicated_server_nullrenderer_x64.exe] => (Allow) D:\steamlibrary\steamapps\common\don't starve together\bin64\dontstarve_dedicated_server_nullrenderer_x64.exe () [Fichier non signé]
FirewallRules: [{4B5187FF-9957-46A0-B136-9B8F0FD31C01}] => (Allow) D:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [{02D383A4-6E01-412C-9DFE-29DA12162EFD}] => (Allow) D:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [{4E491DD5-E7E5-4C9E-8545-630F789B105D}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{C63954A2-0B92-4E40-909B-D6419AED1570}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [Fichier non signé]
FirewallRules: [{1E51277B-60B3-47AC-A42B-583DDB8CE3EC}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [Fichier non signé]
FirewallRules: [{8F688BB7-A497-4DF4-882D-D798D9F08318}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [Fichier non signé]
FirewallRules: [{DE8AA437-F4AF-40F1-957A-ABAA5A69EA62}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [Fichier non signé]
FirewallRules: [{8CAACD7A-2422-4FED-BF5F-4FD3B90834D1}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\95.0.1020.30\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{96937F79-F116-49C4-BB86-630C7E870A31}D:\epic store\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\epic store\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{B3BE808C-8D4F-472C-9797-BF6007BA2BBE}D:\epic store\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\epic store\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)

==================== Points de restauration =========================

ATTENTION: La Restauration système est désactivée (Total:118 GB) (Free:35.01 GB) (30%)

==================== Éléments en erreur du Gestionnaire de périphériques ============

==================== Erreurs du Journal des événements: ========================

Erreurs Application:
==================

Erreurs système:
=============
Error: (10/25/2021 10:02:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service LenovoVantageService s’est terminé de façon inattendue pour la 1ème fois.

Error: (10/24/2021 03:07:47 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 14:58:37 le ‎24/‎10/‎2021 n’était pas prévu.

Error: (10/24/2021 03:05:27 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-VN7LVFB)
Description: Impossible de démarrer un serveur DCOM : microsoft.windowscommunicationsapps_16005.14326.20520.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca en tant que Non disponible/Non disponible. L’erreur
« 2147942408 »
s’est produite lors du démarrage de la commande :
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20520.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server

Error: (10/24/2021 04:15:08 AM) (Source: Schannel) (EventID: 4103) (User: AUTORITE NT)
Description: Une erreur irrécupérable s'est produite lors de la création des informations d'identification client pour TLS. État d'erreur interne : 10013.

Error: (10/24/2021 03:06:27 AM) (Source: Schannel) (EventID: 4103) (User: AUTORITE NT)
Description: Une erreur irrécupérable s'est produite lors de la création des informations d'identification client pour TLS. État d'erreur interne : 10013.

Error: (10/24/2021 03:00:32 AM) (Source: Schannel) (EventID: 4103) (User: AUTORITE NT)
Description: Une erreur irrécupérable s'est produite lors de la création des informations d'identification client pour TLS. État d'erreur interne : 10013.

Error: (10/21/2021 08:41:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service LenovoVantageService s’est terminé de façon inattendue pour la 1ème fois.

Error: (10/21/2021 08:37:17 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 01:03:18 le ‎21/‎10/‎2021 n’était pas prévu.

Windows Defender:
================
Date: 2021-10-23 22:34:09
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {773549B1-9885-47EC-9315-A72F4E5AC9B4}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2021-10-22 21:46:51
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {FA557FE2-2CF5-443F-9506-8166E8DD6060}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2021-10-22 10:37:45
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {DD007D75-3683-4F2D-BF21-98C8B9EFA741}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2021-10-20 23:28:59
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {77F8EABE-5B04-4470-8228-185AE967CF85}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2021-10-17 21:44:41
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {A99EEA5E-A489-469C-ACAD-F662E0C301AD}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

==================== Infos Mémoire ===========================

BIOS: LENOVO O4BKT17A 11/30/2020
Carte mère: LENOVO 3704
Processeur: Intel(R) Core(TM) i5-9400F CPU @ 2.90GHz
Pourcentage de mémoire utilisée: 34%
Mémoire physique - RAM - totale: 16288.96 MB
Mémoire physique - RAM - disponible: 10609.54 MB
Mémoire virtuelle totale: 23712.96 MB
Mémoire virtuelle disponible: 10471.47 MB

==================== Lecteurs ================================

Drive c: (Windows) (Fixed) (Total:118 GB) (Free:35.01 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.39 GB) (Free:422.98 GB) NTFS
Drive f: (AXELLE) (Removable) (Total:14.92 GB) (Free:3.03 GB) FAT32

\\?\Volume{668a0eee-368b-454a-a5eb-94b72709ed7a}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS
\\?\Volume{1e5c18a1-e63b-4614-a50c-ecb8376fcc29}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: FD04BEFA)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: FD04BED6)

Partition: GPT.

==========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 14.9 GB) (Disk ID: 35FD0341)
Partition 1: (Not Active) - (Size=14.9 GB) - (Type=0C)

==================== Fin de Addition.txt =======================

Signaler le contenu de ce document