Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Exécuté par User (31-12-2021 14:46:51)
Exécuté depuis C:\Users\User\Desktop
Microsoft Windows 10 Famille Version 21H1 19043.1415 (X64) (2021-10-13 14:34:06)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================


(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

Administrator (S-1-5-21-3347196526-849318526-2607168189-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3347196526-849318526-2607168189-503 - Limited - Disabled)
Gast (S-1-5-21-3347196526-849318526-2607168189-501 - Limited - Disabled)
User (S-1-5-21-3347196526-849318526-2607168189-1000 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-3347196526-849318526-2607168189-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

µTorrent (HKU\S-1-5-21-3347196526-849318526-2607168189-1000\...\uTorrent) (Version: 3.5.5.46096 - BitTorrent Inc.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.08.17.735 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{491043b2-acc5-4890-a5f2-1f5e3cc4427a}) (Version: 3.08.17.735 - Advanced Micro Devices, Inc.) Hidden
AOC G-Menu (HKLM\...\{177B7213-4D12-49AD-9746-C532580D6D52}) (Version: 1.2.003 - Portrait Displays, Inc.)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.8.1 - Electronic Arts, Inc.)
ARK: Survival Evolved (HKLM-x32\...\ARK: Survival Evolved_is1) (Version: - )
AZ Launcher - Minecraft (HKLM\...\{55F7FCD3-A4D2-43E1-AF0A-079BEB2563F8}_is1) (Version: 3.2.0-win64 - AZ)
Discord (HKU\S-1-5-21-3347196526-849318526-2607168189-1000\...\Discord) (Version: 1.0.9003 - Discord Inc.)
DriversCloud.com (HKLM\...\{228F042C-DFE3-456D-8493-0FED032FDDEA}) (Version: 11.0.5.0 - Cybelsoft)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.171.5063 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{6f5115cf-c3c7-489c-b98d-66ec45eaff05}) (Version: 12.0.171.5063 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{BE9FFAD2-2901-4F9B-8A0C-59EA51773212}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Glorious Model O Software (HKLM-x32\...\{0969D386-B5B4-41BD-98E3-4A1A7D32CB97}_is1) (Version: 1.0.9 - Glorious PC Gaming Race LLC.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.110 - Google LLC)
Java 8 Update 211 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Java 8 Update 311 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180311F0}) (Version: 8.0.3110.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-3347196526-849318526-2607168189-1000\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Lunar Client (HKU\S-1-5-21-3347196526-849318526-2607168189-1000\...\1fcec38f-e773-5444-8669-32b8eb41524b) (Version: 2.9.3 - Moonsworth, LLC)
Malwarebytes version 4.5.0.152 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.0.152 - Malwarebytes)
MEmu (HKLM-x32\...\MEmu) (Version: 7.6.3.0 - Microvirt Software Technology Co. Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3347196526-849318526-2607168189-1000\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{733C3ACB-432D-4880-B0E1-660000D7974D}) (Version: 1.0.0.0 - Mojang)
Nanoleaf Desktop App 0.9.1 (HKU\S-1-5-21-3347196526-849318526-2607168189-1000\...\b6be6a2f-55fe-5f28-875e-e8cb863aca16) (Version: 0.9.1 - Nanoleaf)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.40.5.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{BD0E4F38-D3F6-452D-A32E-B14D721839AC}) (Version: 1.0.1 - NordVPN)
NoxPlayer (HKLM-x32\...\Nox) (Version: 7.0.1.9 - Duodian Technology Co. Ltd.)
NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.24.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.38.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.94 - NVIDIA Corporation)
NVIDIA Pilote graphique 497.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 497.09 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.108.49699 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{04837102-5af2-4553-bb12-acb9ff136fea}) (Version: latest - ppy Pty Ltd)
Parsec (HKLM-x32\...\Parsec) (Version: 150-78 - Parsec Cloud Inc.)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.6.1215.121004 - Razer Inc.)
Roblox Player for User (HKU\S-1-5-21-3347196526-849318526-2607168189-1000\...\roblox-player) (Version: - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.51.568 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TLauncher (HKLM-x32\...\TLauncher2.82) (Version: 2.82 - TLauncher Inc.)
Windows-PC-Integritätsprüfung (HKLM\...\{68C9C2A4-C212-4310-AB68-12F97050A416}) (Version: 3.2.2110.14001 - Microsoft Corporation)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)

Packages:
=========
Deezer Music -> C:\Program Files\WindowsApps\Deezer.62021768415AF_5.30.120.0_x86__q7m17pa7q8kj0 [2021-12-11] (Deezer SA)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.22.2.0_x64__6rarf9sa4v8jt [2021-12-16] (Disney)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_133.1.340.0_x64__v10z8vjag6ke6 [2021-12-28] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-10-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-10-24] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12030.0_x64__8wekyb3d8bbwe [2021-12-11] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-12-08] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0 [2021-12-11] (Spotify AB) [Startup Task]

==================== Personnalisé CLSID (Avec liste blanche): ==============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-3347196526-849318526-2607168189-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3347196526-849318526-2607168189-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3347196526-849318526-2607168189-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3347196526-849318526-2607168189-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3347196526-849318526-2607168189-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3347196526-849318526-2607168189-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-12-31] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_642e50d7b66aa2a4\nvshext.dll [2021-11-27] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-12-31] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Avec liste blanche) ====================

==================== Raccourcis & WMI ========================

==================== Modules chargés (Avec liste blanche) =============

2021-10-23 19:51 - 2021-10-06 02:30 - 126961152 _____ () [Fichier non signé] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2021-10-23 19:51 - 2021-10-06 02:30 - 000384000 _____ () [Fichier non signé] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2021-10-23 19:51 - 2021-10-06 02:30 - 008006656 _____ () [Fichier non signé] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [Fichier non signé] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoFoundation.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 000207872 _____ (Applied Informatics Software Engineering GmbH) [Fichier non signé] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoJSON.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 000810496 _____ (Applied Informatics Software Engineering GmbH) [Fichier non signé] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNet.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 000238592 _____ (Applied Informatics Software Engineering GmbH) [Fichier non signé] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNetSSLWin.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 000335360 _____ (Applied Informatics Software Engineering GmbH) [Fichier non signé] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoUtil.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 000455168 _____ (Applied Informatics Software Engineering GmbH) [Fichier non signé] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoXML.dll
2021-12-28 20:57 - 2021-12-28 20:58 - 116802560 _____ (HP Development Company, L.P.) [Fichier non signé] C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_133.1.340.0_x64__v10z8vjag6ke6\HP.Smart.dll
2021-12-28 20:57 - 2021-12-28 20:58 - 007170048 _____ (HP Development Company, L.P.) [Fichier non signé] C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_133.1.340.0_x64__v10z8vjag6ke6\HPPageLift.UWP.dll
2021-11-16 20:17 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [Fichier non signé] C:\Program Files\7-Zip\7-zip.dll
2021-10-23 19:51 - 2021-10-06 02:30 - 000983552 _____ (The Chromium Authors) [Fichier non signé] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2021-10-23 21:54 - 2021-10-23 21:54 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-10-23 21:54 - 2021-10-23 21:54 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\Origin\ssleay32.dll
2021-12-08 09:44 - 2021-12-08 09:44 - 002815488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2021-12-08 09:44 - 2021-12-08 09:44 - 000678400 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2021-10-23 21:54 - 2021-10-23 21:54 - 001611264 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-12-15 19:34 - 2021-10-23 21:54 - 005487104 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Core.dll
2021-12-15 19:34 - 2021-10-23 21:54 - 005841920 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Gui.dll
2021-12-15 19:34 - 2021-10-23 21:54 - 001179136 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Network.dll
2021-12-15 19:34 - 2021-10-23 21:54 - 000146432 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-12-15 19:34 - 2021-10-23 21:54 - 005089792 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-12-15 19:34 - 2021-10-23 21:54 - 000184832 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Xml.dll
2021-12-08 09:44 - 2021-12-08 09:44 - 000046592 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2021-12-08 09:44 - 2021-12-08 09:44 - 006270976 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2021-12-08 09:44 - 2021-12-08 09:44 - 001389568 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2021-12-08 09:44 - 2021-12-08 09:44 - 000157184 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll
2021-12-08 09:44 - 2021-12-08 09:44 - 000210432 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Xml.dll

==================== Alternate Data Streams (Avec liste blanche) ========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [8666]

==================== Mode sans échec (Avec liste blanche) ==================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) =================

==================== Internet Explorer (Avec liste blanche) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_311\bin\ssv.dll [2021-10-28] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_311\bin\jp2ssv.dll [2021-10-28] (Oracle America, Inc. -> Oracle Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3347196526-849318526-2607168189-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3347196526-849318526-2607168189-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts contenu: =========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2019-12-07 10:14 - 2021-12-18 17:26 - 000002336 _____ C:\Windows\system32\drivers\etc\hosts
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
109.94.209.70 www.fitgirlpack.site # Fake FitGirl site

==================== Autres zones ===========================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;
HKU\S-1-5-21-3347196526-849318526-2607168189-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\fond d'ecran venom.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Le Pare-feu est activé.

Network Binding:
=============
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 3: NordVPN LightWeight Firewall -> NordLwf (enabled)
WLAN: NordVPN LightWeight Firewall -> NordLwf (enabled)

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

HKLM\...\StartupApproved\StartupFolder: => "WinZip Préchargeur.lnk"
HKLM\...\StartupApproved\Run: => "THX0521Helper"
HKLM\...\StartupApproved\Run: => "THX22adHelper"
HKLM\...\StartupApproved\Run: => "WinZip UN"
HKLM\...\StartupApproved\Run: => "DisplayTune.exe"
HKLM\...\StartupApproved\Run: => "AOC G-Menu"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3347196526-849318526-2607168189-1000\...\StartupApproved\Run: => "Parsec.App.0"
HKU\S-1-5-21-3347196526-849318526-2607168189-1000\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3347196526-849318526-2607168189-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3347196526-849318526-2607168189-1000\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-3347196526-849318526-2607168189-1000\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3347196526-849318526-2607168189-1000\...\StartupApproved\Run: => "ut"
HKU\S-1-5-21-3347196526-849318526-2607168189-1000\...\StartupApproved\Run: => "NordVPN"

==================== RèglesPare-feu (Avec liste blanche) ================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{E073B6E4-3193-4D45-8A18-4B385EAB0AD5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{955EED9C-FBBC-477A-8382-67C97C69F70C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9CAC0D96-BD09-4550-8D59-37E9F5502E55}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EADC04A7-AEE2-4703-BC05-72AF6EDD90B9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5C514B5B-6C60-4875-AA3A-CF44DA47381E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EB5F0D2E-1E23-469E-986B-B0DAADBC8C94}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{96FDFD94-8518-456A-8B1D-329D4A175232}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe (gamigo AG -> Trion Worlds Inc.)
FirewallRules: [{63557573-95F1-4E17-90D6-763645E2B0DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe (gamigo AG -> Trion Worlds Inc.)
FirewallRules: [TCP Query User{59920961-B3E2-403B-A0F8-709089FD4FEB}C:\program files\az-launcher\az-launcher.exe] => (Allow) C:\program files\az-launcher\az-launcher.exe () [Fichier non signé]
FirewallRules: [UDP Query User{1213BDE6-7A73-4F9D-A942-C914849BB745}C:\program files\az-launcher\az-launcher.exe] => (Allow) C:\program files\az-launcher\az-launcher.exe () [Fichier non signé]
FirewallRules: [{A6BCC243-9758-43FB-959E-4ED490B64F2A}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{0550E4CD-5B78-4E0C-AB78-B1353336C78D}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{B03143FB-5297-411B-80E3-FD9C43C79D76}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E6E3D45E-86D9-4F9B-AEA5-E3D25C8ECC9F}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E1E9CA89-2180-4D57-A454-61E4FEE5D552}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C0666BEE-3CA0-4F47-93DE-378823023CA0}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{AEC18014-A0F2-4907-822B-22AAD8045FE3}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{06D7962F-7219-4245-832F-FE9779E2A2B4}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{211C0233-44AB-43DA-9798-15661D40C06B}] => (Allow) C:\Program Files (x86)\MaskVPN\mask_svc.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)
FirewallRules: [{0D078138-DC21-4F79-9C46-2C548706843A}] => (Allow) C:\Program Files (x86)\MaskVPN\MaskVPN.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)
FirewallRules: [{BE784254-CB2E-4D62-ABF7-226C9F3318F3}] => (Allow) C:\Program Files (x86)\MaskVPN\MaskVPNUpdate.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)
FirewallRules: [{40D2EDDF-76EA-4C4D-8BBA-E596E0A1B2D1}] => (Allow) C:\Program Files (x86)\MaskVPN\tunnle.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)
FirewallRules: [TCP Query User{965B1E62-E872-4759-9CB4-2F837A815475}C:\users\user\downloads\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe] => (Allow) C:\users\user\downloads\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe () [Fichier non signé]
FirewallRules: [UDP Query User{2BAAD6BC-A624-496C-B432-596A069D8E62}C:\users\user\downloads\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe] => (Allow) C:\users\user\downloads\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe () [Fichier non signé]
FirewallRules: [TCP Query User{319341DB-2654-4070-9F85-A874654A2A79}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{FF229480-2AD8-458A-8BB4-0C9EFCB87077}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [TCP Query User{A72B417F-C645-407C-91BC-545F3598F8E7}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{BD8F2F0A-3F39-46DC-9C28-E7A315393034}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{1E8C2A56-CA75-4B2E-8BD0-16B4DFD06F5D}C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{96A0A3D4-17A8-4F1D-9A63-132820959EB4}C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{B9FAC48F-B9FC-4273-85B4-C652DF5A23C2}C:\users\user\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\user\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{32612C3D-8F03-446F-9D82-829A31F4B002}C:\users\user\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\user\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [{BAC5D22C-8CBC-457A-8419-F0211E5E5851}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\King of Seas\KOS.exe (Epic Games, Inc.) [Fichier non signé]
FirewallRules: [{F1B885D0-6527-48C4-8E5F-5EDAFC41E5BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\King of Seas\KOS.exe (Epic Games, Inc.) [Fichier non signé]
FirewallRules: [TCP Query User{007B5C56-3069-4FB5-8FF4-DB5ECD8CA0A2}C:\program files (x86)\steam\steamapps\common\king of seas\kos\binaries\win64\kos-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\king of seas\kos\binaries\win64\kos-win64-shipping.exe (Epic Games, Inc.) [Fichier non signé]
FirewallRules: [UDP Query User{0A068963-C0EF-4D23-B9A4-1564DA97B0B2}C:\program files (x86)\steam\steamapps\common\king of seas\kos\binaries\win64\kos-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\king of seas\kos\binaries\win64\kos-win64-shipping.exe (Epic Games, Inc.) [Fichier non signé]
FirewallRules: [TCP Query User{17E5CBF0-55EC-48AD-9E7D-26E8CB24BE82}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => Pas de fichier
FirewallRules: [UDP Query User{759D7363-B528-4067-9049-E06DC0148EBE}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => Pas de fichier
FirewallRules: [TCP Query User{388AAB9D-12F8-4D79-826B-75CD382E6D7A}C:\users\user\appdata\local\programs\nanoleaf smarter series\nanoleaf smarter series.exe] => (Allow) C:\users\user\appdata\local\programs\nanoleaf smarter series\nanoleaf smarter series.exe => Pas de fichier
FirewallRules: [UDP Query User{56606AB5-EFB6-4F7D-B19D-9BEA3F9493C6}C:\users\user\appdata\local\programs\nanoleaf smarter series\nanoleaf smarter series.exe] => (Allow) C:\users\user\appdata\local\programs\nanoleaf smarter series\nanoleaf smarter series.exe => Pas de fichier
FirewallRules: [TCP Query User{5052EC7A-D331-4ADB-8CC0-457B7F71538F}C:\users\user\appdata\local\programs\nanoleaf smarter series\nanoleaf desktop app.exe] => (Allow) C:\users\user\appdata\local\programs\nanoleaf smarter series\nanoleaf desktop app.exe (Nanoleaf Canada Limited -> Nanoleaf)
FirewallRules: [UDP Query User{6B86F3EE-554B-4E9C-A622-5E16B5B42CDF}C:\users\user\appdata\local\programs\nanoleaf smarter series\nanoleaf desktop app.exe] => (Allow) C:\users\user\appdata\local\programs\nanoleaf smarter series\nanoleaf desktop app.exe (Nanoleaf Canada Limited -> Nanoleaf)
FirewallRules: [TCP Query User{61299303-8417-47D4-A21D-50FA00313E10}C:\users\user\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\user\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => Pas de fichier
FirewallRules: [UDP Query User{C292CFBD-F516-41B0-855F-519401D06A9C}C:\users\user\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\user\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => Pas de fichier
FirewallRules: [{DA319644-2B2E-4992-AD3F-CFC7764D9444}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{90ECA909-F49B-4B53-9FE4-859EBB160DC3}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{0D6D46E1-4D1A-4C8C-9A0D-01F5D5FB0AA6}] => (Allow) C:\Program Files\Parsec\parsecd.exe (Parsec Cloud, Inc. -> Parsec)
FirewallRules: [{3FADF398-2DA1-49B8-A253-830FE7965A41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crab Game\Crab Game.exe () [Fichier non signé]
FirewallRules: [{119478AA-1872-4867-A459-1DB9CE7E52D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crab Game\Crab Game.exe () [Fichier non signé]
FirewallRules: [{10C7B874-31A6-4A8A-BB10-304B77F4C9F3}] => (Allow) C:\Users\User\AppData\Local\Programs\Opera\81.0.4196.37\opera.exe => Pas de fichier
FirewallRules: [TCP Query User{AA52ED36-4C0E-4D07-9920-55C96975DAA9}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{464C2A89-BAA1-440F-99B1-BF012AF74E3E}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{1B54DE18-EA75-4039-959B-307AAF66A571}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{113D3BC6-31EC-42B1-8ABE-4B5CC5BCE1C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{6AFCF32A-E77F-46CC-A8B9-A1D2EFBFEA47}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{1945D63D-35C6-459B-A8AF-78ED2B4A9055}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{6C5D9623-CEC5-42BC-8F45-AAEE4AB9676B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{FAD17DEC-8EC9-46C2-9EB4-006E11ACE505}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{5E8E599E-F533-42CB-A8C7-2603F9599279}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{E6C36F51-8724-4C3C-9B1C-37B0B9EB5898}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{58744F6F-C7FE-4AD7-9552-A27074F971C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{75A85227-B9FD-4F47-ACC6-A4D65AE52110}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{1A388033-9110-41D1-9777-CBD97AE71184}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [Fichier non signé]
FirewallRules: [UDP Query User{FE1FB6E3-9880-47E9-B58E-1C04C8DF958D}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [Fichier non signé]
FirewallRules: [TCP Query User{D82C2CB6-CC1C-4B25-B1A4-32A5FE5CC966}D:\forza.horizon.5.premium.edition.steam.rip-insaneramzes\forzahorizon5\forzahorizon5.exe] => (Allow) D:\forza.horizon.5.premium.edition.steam.rip-insaneramzes\forzahorizon5\forzahorizon5.exe () [Fichier non signé]
FirewallRules: [UDP Query User{0512A86B-F317-4D55-8C4D-4B3706036D52}D:\forza.horizon.5.premium.edition.steam.rip-insaneramzes\forzahorizon5\forzahorizon5.exe] => (Allow) D:\forza.horizon.5.premium.edition.steam.rip-insaneramzes\forzahorizon5\forzahorizon5.exe () [Fichier non signé]
FirewallRules: [TCP Query User{F4CF01E2-E0FB-476A-9591-FCA23C0D9B6A}C:\users\user\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\user\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{86263190-F863-460F-BC86-3144E0233C88}C:\users\user\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\user\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe
FirewallRules: [{15239438-ABDC-4FF7-8F19-9608D0BD9898}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Pas de fichier
FirewallRules: [{5A22C335-A0F9-4DB2-A0DC-3750ECACACBE}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Pas de fichier
FirewallRules: [{5DFBA573-6437-4454-BFA5-EDF97A100B4C}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Bluestack Systems, Inc -> BlueStack Systems)
FirewallRules: [{A28B555E-FC2E-43FC-A059-E6C28DC19596}] => (Allow) C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [{D9F0CF2E-3831-4743-88A1-C13C6F8854B2}] => (Allow) C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [{6AD2A262-AB6A-4C5C-95D1-6AF015892C24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3FFA1339-DD4F-4FB4-BA14-E22E10DD6613}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AF2A3F52-9693-4A0E-9BBC-765E125C8846}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D2C23B47-46FC-4097-A57A-BFEC07514E66}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{29F668C0-5AC6-48DA-A778-60BC76471854}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1A32FC0E-AE5A-4731-8DA9-B1AC4D7F92A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DD432F42-CCAF-4ECB-9756-4E302CD38426}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8E8D8815-C795-4D6D-B55B-26786E09B564}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6BEBBC2F-62C9-4374-8103-DC031BB369F5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FF0D5AAB-A267-4A61-8342-A165BDA12C84}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BC746684-D3E4-4CE9-9583-12073D81CFFF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E946837E-227B-49D2-9C46-4C4ECC3DA015}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{C10E9140-EF42-4B87-ADE8-231426285F34}D:\gtav\gtav\gta5.exe] => (Allow) D:\gtav\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{8D192FE2-16AC-4EE7-B55C-D4869E04FFA1}D:\gtav\gtav\gta5.exe] => (Allow) D:\gtav\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{42EEE4C1-6539-4DEA-8C4D-A69D565D15F7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D54D7F4C-3D7C-494A-8AA2-0943D1A757ED}] => (Allow) D:\Program Files\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.)
FirewallRules: [{4D1C42AC-E7F4-44DF-9B68-B38D9CD3FBEB}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe (Nox Limited -> Nox Limited Corporation)
FirewallRules: [{D2A3D096-65F4-4D4E-9FC9-5065DDD842D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F2D60BAD-CD2B-41D1-85E6-78ED04AAEFAC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{678C39E4-9910-4054-8397-69BE62CDC272}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{4D2EDCAE-47C6-477C-8975-A1F18DFAF255}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{80292887-F058-40D1-88BB-C2153DC4EFA8}C:\users\user\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\user\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{237FFD27-0BCF-4738-8899-D043FF78889D}C:\users\user\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\user\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe

==================== Points de restauration =========================

27-12-2021 15:58:23 Geplanter Prüfpunkt

==================== Éléments en erreur du Gestionnaire de périphériques ============

Name: HID-compliant headset
Description: HID-compliant headset
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Erreurs du Journal des événements: ========================

Erreurs Application:
==================
Error: (12/31/2021 12:47:17 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0x800704CF
Arguments de la ligne de commande :
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/31/2021 12:47:03 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0x800704CF
Arguments de la ligne de commande :
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (12/31/2021 02:41:47 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: L’optimiseur de stockage n’a pas pu terminer erneut optimieren sur Volume (D:) car : Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)

Error: (12/31/2021 02:29:30 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0x803F7001
Arguments de la ligne de commande :
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/31/2021 01:23:02 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-CTOEBHD$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep :

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 31 Dec 2021 00:22:13 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: f88d5a66-2133-4d59-9795-090ebe4fa594

Méthode : GET(281ms)
Étape : GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (12/31/2021 01:22:41 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0x803F7001
Arguments de la ligne de commande :
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/31/2021 01:22:41 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0x803F7001
Arguments de la ligne de commande :
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (12/31/2021 12:53:43 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-CTOEBHD$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep :

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Thu, 30 Dec 2021 23:52:55 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 03e5924b-c5e3-4443-ac61-01dbcff2321c

Méthode : GET(375ms)
Étape : GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)


Erreurs système:
=============
Error: (12/31/2021 02:29:41 AM) (Source: Schannel) (EventID: 4103) (User: NT-AUTORITÄT)
Description: Une erreur irrécupérable s'est produite lors de la création des informations d'identification Client pour TLS. État d'erreur interne : 10013.

Error: (12/31/2021 01:23:00 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service RasMan dépend du service SstpSvc qui n’a pas pu démarrer en raison de l’erreur :
L’opération a réussi.

Error: (12/31/2021 01:22:29 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 00:53:20 le ‎31.‎12.‎2021 n’était pas prévu.

Error: (12/31/2021 12:53:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service EABackgroundService n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.

Error: (12/31/2021 12:53:29 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (45000 millisecondes) a été atteint lors de l’attente de la connexion du service EABackgroundService.

Error: (12/30/2021 12:04:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service EABackgroundService n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.

Error: (12/30/2021 12:04:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (45000 millisecondes) a été atteint lors de l’attente de la connexion du service EABackgroundService.

Error: (12/30/2021 12:03:21 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CTOEBHD)
Description: Le serveur Microsoft.Windows.Search_1.14.2.19041_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXf8r3d8cn5hd71h9jyzah6ak9f3shj2d2.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.


Windows Defender:
================
Date: 2021-12-31 00:49:53
Description:
Microsoft Defender Antivirus a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/CryptInject!MSR&threatid=2147742967&enterprise=0
Nom : Trojan:Win32/CryptInject!MSR
ID : 2147742967
Gravité : Schwerwiegend
Catégorie : Trojaner
Chemin : containerfile:_C:\Users\User\Pictures\Adobe Films\dn8QNUrPXaNvHip5ztrVroSk.exe; file:_C:\Users\User\Pictures\Adobe Films\dn8QNUrPXaNvHip5ztrVroSk.exe; file:_C:\Users\User\Pictures\Adobe Films\dn8QNUrPXaNvHip5ztrVroSk.exe->(VFS:pidHTSIGEi8DrAmaYu9K8ghN89.dll); process:_pid:8204,ProcessStart:132853769937164270
Origine de la détection : Lokaler Computer
Type de détection : Konkret
Source de détection : Benutzer
Utilisateur : DESKTOP-CTOEBHD\User
Nom du processus : C:\Users\User\Pictures\Adobe Films\dn8QNUrPXaNvHip5ztrVroSk.exe
Version de la veille de sécurité : AV: 1.355.1114.0, AS: 1.355.1114.0, NIS: 1.355.1114.0
Version du moteur : AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2021-12-31 00:48:18
Description:
Microsoft Defender Antivirus a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Formbook!MTB&threatid=2147740231&enterprise=0
Nom : Trojan:Win32/Formbook!MTB
ID : 2147740231
Gravité : Schwerwiegend
Catégorie : Trojaner
Chemin : file:_C:\Users\User\AppData\Local\Temp\Svpxda\fv1t-6tzfmtqzi.exe
Origine de la détection : Lokaler Computer
Type de détection : Konkret
Source de détection : Echtzeitschutz
Utilisateur : DESKTOP-CTOEBHD\User
Nom du processus : C:\Windows\explorer.exe
Version de la veille de sécurité : AV: 1.355.1114.0, AS: 1.355.1114.0, NIS: 1.355.1114.0
Version du moteur : AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2021-12-31 00:46:43
Description:
Microsoft Defender Antivirus a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Formbook!MTB&threatid=2147740231&enterprise=0
Nom : Trojan:Win32/Formbook!MTB
ID : 2147740231
Gravité : Schwerwiegend
Catégorie : Trojaner
Chemin : file:_C:\Users\User\AppData\Local\Temp\Svpxda\fv1t-6tzfmtqzi.exe
Origine de la détection : Lokaler Computer
Type de détection : Konkret
Source de détection : Echtzeitschutz
Utilisateur : DESKTOP-CTOEBHD\User
Nom du processus : C:\Windows\explorer.exe
Version de la veille de sécurité : AV: 1.355.1114.0, AS: 1.355.1114.0, NIS: 1.355.1114.0
Version du moteur : AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2021-12-31 00:44:45
Description:
Microsoft Defender Antivirus a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Formbook!MTB&threatid=2147740231&enterprise=0
Nom : Trojan:Win32/Formbook!MTB
ID : 2147740231
Gravité : Schwerwiegend
Catégorie : Trojaner
Chemin : file:_C:\Users\User\AppData\Local\Temp\Svpxda\fv1t-6tzfmtqzi.exe
Origine de la détection : Lokaler Computer
Type de détection : Konkret
Source de détection : Echtzeitschutz
Utilisateur : DESKTOP-CTOEBHD\User
Nom du processus : C:\Windows\explorer.exe
Version de la veille de sécurité : AV: 1.355.1114.0, AS: 1.355.1114.0, NIS: 1.355.1114.0
Version du moteur : AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2021-12-31 00:43:10
Description:
Microsoft Defender Antivirus a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Formbook!MTB&threatid=2147740231&enterprise=0
Nom : Trojan:Win32/Formbook!MTB
ID : 2147740231
Gravité : Schwerwiegend
Catégorie : Trojaner
Chemin : file:_C:\Users\User\AppData\Local\Temp\Svpxda\fv1t-6tzfmtqzi.exe
Origine de la détection : Lokaler Computer
Type de détection : Konkret
Source de détection : Echtzeitschutz
Utilisateur : DESKTOP-CTOEBHD\User
Nom du processus : C:\Windows\explorer.exe
Version de la veille de sécurité : AV: 1.355.1114.0, AS: 1.355.1114.0, NIS: 1.355.1114.0
Version du moteur : AM: 1.1.18800.4, NIS: 1.1.18800.4

CodeIntegrity:
===============
Date: 2021-12-26 19:51:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-12-26 19:51:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Infos Mémoire ===========================

BIOS: American Megatrends Inc. H.30 11/30/2020
Carte mère: Micro-Star International Co., Ltd B450 TOMAHAWK MAX II (MS-7C02)
Processeur: AMD Ryzen 5 5600X 6-Core Processor
Pourcentage de mémoire utilisée: 39%
Mémoire physique - RAM - totale: 16309.73 MB
Mémoire physique - RAM - disponible: 9809.96 MB
Mémoire virtuelle totale: 18741.73 MB
Mémoire virtuelle disponible: 9387.35 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:446.5 GB) (Free:74.06 GB) NTFS
Drive d: (Volume) (Fixed) (Total:931.5 GB) (Free:131.33 GB) NTFS

\\?\Volume{758a4e58-8b22-4eaa-be7b-21aa776a3f27}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{ab856196-1a1a-4609-9abc-120932518fbb}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Fin de Addition.txt =======================
