Addition.txt

Document joint : LAdvlJRpXCZ_Addition.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Exécuté par phil (03-01-2022 21:32:57)
Exécuté depuis C:\Users\phil\Desktop
Microsoft Windows 10 Famille Version 21H2 19044.1415 (X64) (2020-08-04 17:58:58)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

Administrateur (S-1-5-21-3350074539-423247391-1307942942-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3350074539-423247391-1307942942-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3350074539-423247391-1307942942-1002 - Limited - Enabled)
Invité (S-1-5-21-3350074539-423247391-1307942942-501 - Limited - Disabled)
phil (S-1-5-21-3350074539-423247391-1307942942-1001 - Administrator - Enabled) => C:\Users\phil
WDAGUtilityAccount (S-1-5-21-3350074539-423247391-1307942942-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
AceMoney Lite (HKLM-x32\...\AceMoney Lite_is1) (Version: - MechCAD Software)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1036-1033-7760-BC15014EA700}) (Version: 21.007.20099 - Adobe)
AlienFX for IskuFX (HKLM\...\{2C3FC2CC-0A8B-409E-B487-8CD54F4DC1D4}) (Version: 1.02 - Roccat GmbH) Hidden
AlienFX for IskuFX (HKLM-x32\...\InstallShield_{2C3FC2CC-0A8B-409E-B487-8CD54F4DC1D4}) (Version: 1.02 - Roccat GmbH)
AOMEI Partition Assistant Standard Edition 5.6 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
ATI AVIVO64 Codecs (HKLM\...\{86E42509-8029-7678-F522-0636D80CD277}) (Version: 11.6.0.10524 - ATI Technologies Inc.) Hidden
Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 21.5.2470 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 96.1.13589.111 - Auteurs de Avast Secure Browser)
CCleaner (HKLM\...\CCleaner) (Version: 5.87 - Piriform)
Contrôle d’intégrité du PC Windows (HKLM\...\{0150BDB3-AFFD-47A1-ADB8-DE06658EB3B2}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Discord (HKU\S-1-5-21-3350074539-423247391-1307942942-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Driver Booster 9 (HKLM-x32\...\Driver Booster_is1) (Version: 9.1.0 - IObit)
Dropbox (HKU\S-1-5-21-3350074539-423247391-1307942942-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Farming Simulator 19 (HKLM-x32\...\FarmingSimulator2019_is1) (Version: 1.7.1 - GIANTS Software)
Farming Simulator 22 (HKLM-x32\...\FarmingSimulator2022_is1) (Version: 1.0.0 - GIANTS Software)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
FreeMi UPnP Media Server (HKLM\...\FreeMi UPnP Media Server) (Version: 2.0.8 - Stéphane Mitermite)
GIANTS Editor 6.0.3 64-bit (HKLM-x32\...\giants_editor_6.0.3_win64_is1) (Version: 6.0.3 - GIANTS Software GmbH)
Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - Gigabyte Technology Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.110 - Google LLC)
HP Support Solutions Framework (HKLM-x32\...\{C6EF8EAA-2B44-4FC1-8DCD-3A1A5649FCA2}) (Version: 12.12.32.3 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.4.11.149 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.11.149 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft Office Professionnel Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E876418F-BE59-4D8C-B9A5-74B056B676FA}) (Version: 2.93.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 95.0.2 (x64 fr)) (Version: 95.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 95.0.2.8022 - Mozilla)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 5.0.0.25 - MSI)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 8.1.9.3 - Notepad++ Team)
NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.24.0.123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.123 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.38.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.94 - NVIDIA Corporation)
NVIDIA Pilote graphique 497.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 497.29 - NVIDIA Corporation)
Outlook (HKU\S-1-5-21-3350074539-423247391-1307942942-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
PowerPoint (HKU\S-1-5-21-3350074539-423247391-1307942942-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9071.1 - Realtek Semiconductor Corp.)
Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0013 - Roccat GmbH)
Savu Mouse (HKLM-x32\...\{6F4B8EA6-4546-4160-A05F-0706F7DC1EFF}) (Version: 1.1.9 - ROCCAT GmbH)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.2 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TomTom HOME (HKLM-x32\...\{9F1953B3-B0EE-402C-A29F-A8AB775A6D1D}) (Version: 2.11.3 - Nom de votre société)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Tt eSPORTS ShockONE gaming headset Driver V1.0 (HKLM-x32\...\{4B4DB54B-A017-4E82-8995-AC752FEBCDD8}_is1) (Version: - Ttesports Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WD SmartWare (HKLM\...\{604CB4FC-3D32-405F-A109-165F170529B6}) (Version: 1.2.0.8 - Western Digital)
WinRAR 5.71 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Word (HKU\S-1-5-21-3350074539-423247391-1307942942-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)
XviD MPEG-4 Video Codec (HKLM-x32\...\xvid) (Version: - XviD Development Team)

Packages:
=========
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-09] (Microsoft Corporation)
Excel -> C:\Program Files\WindowsApps\excel.office.com-4362FB92_1.0.0.6_neutral__2vp2pd36ganw2 [2021-11-07] (excel.office.com)
Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_133.1.340.0_x64__v10z8vjag6ke6 [2021-12-14] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-09] (Microsoft Corporation) [MS Ad]
Microsoft Midi gm.dls -> C:\Program Files\WindowsApps\Microsoft.Midi.GmDls_1.0.1.0_neutral__8wekyb3d8bbwe [2020-03-30] (Microsoft Platform Extensions)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12160.0_x64__8wekyb3d8bbwe [2021-12-22] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-12-26] (NVIDIA Corp.)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-01-23] (Adobe Systems Incorporated)
Word -> C:\Program Files\WindowsApps\word.office.com-CECA1A7F_1.0.0.1_neutral__jc2kecmnkxwqc [2021-11-07] (word.office.com)
WPS Office Suite - PDF, Word, Spreadsheet, Slide View & Edit -> C:\Program Files\WindowsApps\ZhuhaiKingsoftOfficeSoftw.WPSOffice2019_11.2.10307.0_x86__924xes6e8q1tw [2021-10-12] (Kingsoft Office Software Corporation Limited)

==================== Personnalisé CLSID (Avec liste blanche): ==============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-3350074539-423247391-1307942942-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\phil\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3350074539-423247391-1307942942-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\phil\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3350074539-423247391-1307942942-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3350074539-423247391-1307942942-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3350074539-423247391-1307942942-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3350074539-423247391-1307942942-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Pas de nom - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-07-03] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-07-03] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2021-12-08] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-07-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-07-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> Pas de fichier
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Pas de fichier
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\nvshext.dll [2021-12-15] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-07-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3350074539-423247391-1307942942-1001: [DropboxExt] -> [CC]{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Pas de fichier
ContextMenuHandlers4_S-1-5-21-3350074539-423247391-1307942942-1001: [DropboxExt] -> [CC]{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Pas de fichier
ContextMenuHandlers5_S-1-5-21-3350074539-423247391-1307942942-1001: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)

==================== Codecs (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [Fichier non signé]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [Fichier non signé]
HKLM\...\Drivers32-x32: [vidc.asv2] => asusasv2.dll
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

ShortcutWithArgument: C:\Users\phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb --app-url=hxxps://outlook.com/
ShortcutWithArgument: C:\Users\phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf --app-url=hxxps://powerpoint.office.com/
ShortcutWithArgument: C:\Users\phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi --app-url=hxxps://word.office.com/

==================== Modules chargés (Avec liste blanche) =============

==================== Alternate Data Streams (Avec liste blanche) ========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\Users\phil\Documents\Image (2).bmp:3or4kl4x13tuuug3Byamue2s4b [101]
AlternateDataStreams: C:\Users\phil\Documents\Image (2).bmp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Mode sans échec (Avec liste blanche) ==================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) =================

==================== Internet Explorer (Avec liste blanche) ==========

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Skype Software Sarl -> Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [Fichier non signé]
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Skype Software Sarl -> Microsoft Corporation)

==================== Hosts contenu: =========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2009-07-14 03:34 - 2019-01-04 13:24 - 000000828 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Autres zones ===========================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-3350074539-423247391-1307942942-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Fond d’écran.bmp
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Pas de fichier)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: avast => 2
MSCONFIG\Services: avast! Tools => 2
MSCONFIG\Services: avastm => 3
MSCONFIG\Services: AvastSecureBrowserElevationService => 3
MSCONFIG\Services: c2cautoupdatesvc => 2
MSCONFIG\Services: c2cpnrsvc => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: FvSvc => 3
MSCONFIG\Services: GamingApp_Service => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: HPPrintScanDoctorService => 2
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: Microsoft SharePoint Workspace Audit Service => 3
MSCONFIG\Services: MozillaMaintenance => 2
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamNetworkSvc => 3
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: NvTelemetryContainer => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: TomTomHOMEService => 2
MSCONFIG\Services: WDDMService => 2
MSCONFIG\Services: WDSmartWareBackgroundService => 2
MSCONFIG\Services: WsAppService => 2
MSCONFIG\Services: WsDrvInst => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Roccat Talk.lnk => C:\Windows\pss\Roccat Talk.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WDDMStatus.lnk => C:\Windows\pss\WDDMStatus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WDSmartWare.lnk => C:\Windows\pss\WDSmartWare.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^phil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^phil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 - Capture d’écran et lancement.lnk => C:\Windows\pss\OneNote 2010 - Capture d’écran et lancement.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Discord => C:\Users\phil\AppData\Local\Discord\app-0.0.301\Discord.exe
MSCONFIG\startupreg: DriverMax_RESTART => "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -RESTART
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Live Update => C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
MSCONFIG\startupreg: Malwarebytes TrayApp => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\RAPTRS~1.EXE --startup
MSCONFIG\startupreg: ROCCAT Savu Gaming Mouse => "C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe" /Automation
MSCONFIG\startupreg: RoccatIskuFX => "C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe"
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
MSCONFIG\startupreg: Ttesports => C:\Program Files (x86)\Ttesports\ShockONE\ShockTray.exe
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "ROCCAT Savu Gaming Mouse"
HKU\S-1-5-21-3350074539-423247391-1307942942-1001\...\StartupApproved\StartupFolder: => "OneNote 2010 - Capture d’écran et lancement.lnk"
HKU\S-1-5-21-3350074539-423247391-1307942942-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3350074539-423247391-1307942942-1001\...\StartupApproved\Run: => "OfficeSyncProcess"
HKU\S-1-5-21-3350074539-423247391-1307942942-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3350074539-423247391-1307942942-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer"

==================== RèglesPare-feu (Avec liste blanche) ================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [UDP Query User{36EF5D6C-92AC-4177-AC3C-9DFAD62A2385}C:\program files\microsoft office\office14\groove.exe] => (Block) C:\program files\microsoft office\office14\groove.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{55D2BE59-D27D-49A3-AA4E-A7ABB8D29190}C:\program files\microsoft office\office14\groove.exe] => (Block) C:\program files\microsoft office\office14\groove.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6C4DB241-C9A4-4301-A7AA-2CA87458EC40}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{71AD1E01-80F0-44B1-870C-EF9D1B89342D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{2B3E4EBD-C61F-4D0B-AACB-C399771D01BD}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{42344255-71DE-497C-8705-16FD14211868}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A5361BFD-CD06-4FC1-B617-CC966827840B}] => (Allow) C:\Users\phil\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox -> Dropbox, Inc.)
FirewallRules: [{C496DC4D-5F3D-4422-AD34-FA851CD8F9A6}] => (Allow) C:\Users\phil\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox -> Dropbox, Inc.)
FirewallRules: [{640BD948-D971-45FE-AF5E-4244F2FA2BE2}] => (Allow) C:\Program Files\FreeMi UPnP Media Server\FreeMi UPnP Media Server.exe (Stéphane Mitermite) [Fichier non signé]
FirewallRules: [{736A7BEC-7187-43D2-A47A-1F9E3B768CC7}] => (Allow) C:\Program Files\FreeMi UPnP Media Server\FreeMi UPnP Media Server.exe (Stéphane Mitermite) [Fichier non signé]
FirewallRules: [TCP Query User{712D5008-E483-4667-BCDD-E6D9E3EFAAA3}C:\program files\freemi upnp media server\freemi upnp media server.exe] => (Allow) C:\program files\freemi upnp media server\freemi upnp media server.exe (Stéphane Mitermite) [Fichier non signé]
FirewallRules: [UDP Query User{B4F17D13-BC5F-422D-AB6F-B48F12CB39A6}C:\program files\freemi upnp media server\freemi upnp media server.exe] => (Allow) C:\program files\freemi upnp media server\freemi upnp media server.exe (Stéphane Mitermite) [Fichier non signé]
FirewallRules: [{75B70961-1711-432B-AD34-6C1EDF4008A2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E02FF1C4-D6AC-47CA-94C5-F239983DD399}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{45652E94-C959-4B96-B716-5F831D5402BE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4EECDC61-6EBE-4F83-BBE7-6A8D42E2D97E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1897DEA3-7F11-4A4D-87A2-25A048BFF741}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{88F5F55A-2225-456B-8B4C-DE56561AE584}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{8DFAC59C-CA45-4A82-8FB2-B5731370F9D2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5ED12105-557D-4C8D-8A2F-99F79F87DB68}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E2E36F99-DCC5-44BB-AE67-C1CD69994288}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{7001E581-5693-4AEF-ADA8-8A52D40A2C3D}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{61182F50-5727-43F6-9327-967BAE611A69}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{9789AEFD-9A2F-4602-9E4B-F3B83E82B6E5}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{266BDFDA-C854-496F-B4CF-FB9CCE765E32}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6AF7A828-7A4C-4E5E-9B21-C5CDB5C9E429}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{252A4342-2040-4FFE-9E7E-C2508F45C23B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fishing\FishingGame\Binaries\Win64\FishingGame-Win64-Shipping.exe (Epic Games, Inc.) [Fichier non signé]
FirewallRules: [{72BEEC26-C13E-4124-9093-41225A588B8F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fishing\FishingGame\Binaries\Win64\FishingGame-Win64-Shipping.exe (Epic Games, Inc.) [Fichier non signé]
FirewallRules: [{F08BA406-17E4-4D0A-8ABC-DDC119B5D454}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3F1463C9-67CE-40E8-93E4-19873A05F1BA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E419CC69-0876-421E-86C1-0CB787FF3E81}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\FarmingSimulator2019.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{8E4812DA-3169-4FFA-8545-3F11B0B91541}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\FarmingSimulator2019.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{BD490DF2-261C-4AED-9F5B-8B3F9BD0BFCD}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{C4252299-B1ED-43C3-80AB-6D29465E374D}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{DAA1019A-AE39-4FEE-9606-FBBDE45325D0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{E9B776C2-4F62-4B42-AA8F-C5A6D020BEDD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [TCP Query User{313DAB69-8D17-4359-AE6C-6FC3E348F4EB}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{5CB84C78-08D6-49C2-9495-2919CBA3C49F}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{CA879554-F072-40AD-8A31-C794CC031B9E}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{9F0D1DDB-EDA8-437B-B1E3-EE91320AAD7F}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{35164BD8-5128-49D5-9FBC-5CB6257C5BD6}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{82057101-908C-4087-842B-0113EE401A2D}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{F0C7379E-26A6-4AA1-9B23-9101B53689A6}] => (Allow) C:\Program Files (x86)\Farming Simulator 2022\FarmingSimulator2022.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{DEABB14A-BA34-4D0E-8441-57AF3D5EEEA8}] => (Allow) C:\Program Files (x86)\Farming Simulator 2022\FarmingSimulator2022.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{D5837161-7100-4FB7-BF52-484737D6D9A9}] => (Allow) C:\Program Files (x86)\Farming Simulator 2022\x64\FarmingSimulator2022Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{F0664F4E-B5F5-49BD-A5D6-0164D0807D22}] => (Allow) C:\Program Files (x86)\Farming Simulator 2022\x64\FarmingSimulator2022Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [TCP Query User{DA6A6C9D-79A8-4D68-B553-A8DBF9EC23E7}C:\program files (x86)\farming simulator 2022\dedicatedserver.exe] => (Block) C:\program files (x86)\farming simulator 2022\dedicatedserver.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [UDP Query User{3273EFDA-DF9B-4004-B111-76B1D9B8EDB7}C:\program files (x86)\farming simulator 2022\dedicatedserver.exe] => (Block) C:\program files (x86)\farming simulator 2022\dedicatedserver.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{B0DCB73D-83F1-42A8-9640-1097EDF9544F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F439091E-EEBF-4309-B79E-9B5F71915FE1}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{39F082EE-54F2-4FC4-9185-88BD79ACCF40}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AF3994C1-A695-4942-997C-66987F70C206}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DB9BB6C8-8C24-498C-B70A-D011C520952C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B3C0C867-0ACA-43EF-BE95-57E31F703903}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{5A6F26BC-3355-4B0B-9446-942A1267D083}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{C6A6CAEE-1418-4F80-B564-71E554CB4C2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{1342CCA3-86CA-4486-AFD9-7D88641890E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{B75C81E9-6DD1-41A1-BFCE-EF5CE8397E9F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{B0DD6627-180F-40DD-B663-7F14753734F6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{319D3B1B-577D-4D71-A0A3-BE03D388CE0C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)

==================== Points de restauration =========================

28-12-2021 09:30:13 Point de contrôle planifié

==================== Éléments en erreur du Gestionnaire de périphériques ============

==================== Erreurs du Journal des événements: ========================

Erreurs Application:
==================
Error: (01/02/2022 07:35:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante FarmingSimulator2022Game.exe, version : 9.0.0.0, horodatage : 0x61c0b4ab
Nom du module défaillant : FarmingSimulator2022Game.exe, version : 9.0.0.0, horodatage : 0x61c0b4ab
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000050325b
ID du processus défaillant : 0xeb0
Heure de début de l’application défaillante : 0x01d8000759059856
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Farming Simulator 2022\x64\FarmingSimulator2022Game.exe
Chemin d’accès du module défaillant: C:\Program Files (x86)\Farming Simulator 2022\x64\FarmingSimulator2022Game.exe
ID de rapport : f875f1e8-e2dd-45da-9fce-d1e0c845697b
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (01/02/2022 07:33:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante FarmingSimulator2022Game.exe, version : 9.0.0.0, horodatage : 0x61c0b4ab
Nom du module défaillant : FarmingSimulator2022Game.exe, version : 9.0.0.0, horodatage : 0x61c0b4ab
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000050325b
ID du processus défaillant : 0x2934
Heure de début de l’application défaillante : 0x01d80006d7c9ce53
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Farming Simulator 2022\x64\FarmingSimulator2022Game.exe
Chemin d’accès du module défaillant: C:\Program Files (x86)\Farming Simulator 2022\x64\FarmingSimulator2022Game.exe
ID de rapport : 104541db-1125-47fa-ae76-e8442e7645cb
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (01/02/2022 07:00:10 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Échec de la sauvegarde. Raison : une erreur d'écriture s'est produite à l'emplacement de sauvegarde (G:\). Erreur : Emplacement de sauvegarde introuvable ou non valide. Vérifiez-le en passant en revue vos paramètres de sauvegarde. (0x81000006).

Error: (01/01/2022 09:00:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme YourPhone.exe version 1.21113.36.0 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance.

ID de processus : fe4

Heure de début : 01d7feec28ece249

Heure d'arrêt : 4294967295

Chemin d'accès à l'application : C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21113.36.0_x64__8wekyb3d8bbwe\YourPhone.exe

ID de rapport : e719be4c-aa15-411d-b647-19a374b074ad

Nom complet du package défectueux : Microsoft.YourPhone_1.21113.36.0_x64__8wekyb3d8bbwe

ID de l'application relative à un package défectueux : App

Type de blocage : Quiesce

Error: (01/01/2022 07:42:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante FarmingSimulator2022Game.exe, version : 9.0.0.0, horodatage : 0x61c0b4ab
Nom du module défaillant : FarmingSimulator2022Game.exe, version : 9.0.0.0, horodatage : 0x61c0b4ab
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000050325b
ID du processus défaillant : 0x21fc
Heure de début de l’application défaillante : 0x01d7ff3f08b856e2
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Farming Simulator 2022\x64\FarmingSimulator2022Game.exe
Chemin d’accès du module défaillant: C:\Program Files (x86)\Farming Simulator 2022\x64\FarmingSimulator2022Game.exe
ID de rapport : 4b3d6718-d7ac-4a4d-907c-d5d088c4f55d
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (12/27/2021 09:35:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme Video.UI.exe version 10.21111.1051.0 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance.

ID de processus : 2840

Heure de début : 01d7fb611cdacf03

Heure d'arrêt : 4294967295

Chemin d'accès à l'application : C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.21111.10511.0_x64__8wekyb3d8bbwe\Video.UI.exe

ID de rapport : f0d03c02-80f3-447c-8962-857f01f9c19f

Nom complet du package défectueux : Microsoft.ZuneVideo_10.21111.10511.0_x64__8wekyb3d8bbwe

ID de l'application relative à un package défectueux : Microsoft.ZuneVideo

Type de blocage : Quiesce

Error: (12/26/2021 07:01:27 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Échec de la sauvegarde. Raison : une erreur d'écriture s'est produite à l'emplacement de sauvegarde (G:\). Erreur : Emplacement de sauvegarde introuvable ou non valide. Vérifiez-le en passant en revue vos paramètres de sauvegarde. (0x81000006).

Error: (12/26/2021 05:23:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme HxCalendarAppImm.exe version 16.0.14326.20544 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance.

ID de processus : 2124

Heure de début : 01d7fa74bddba0cd

Heure d'arrêt : 4294967295

Chemin d'accès à l'application : C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe

ID de rapport : 79fbed61-9b01-48f3-bdf7-d563380bc647

Nom complet du package défectueux : microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe

ID de l'application relative à un package défectueux : microsoft.windowslive.calendar

Type de blocage : Quiesce

Erreurs système:
=============
Error: (01/03/2022 09:25:36 AM) (Source: Schannel) (EventID: 4103) (User: AUTORITE NT)
Description: Une erreur irrécupérable s'est produite lors de la création des informations d'identification client pour TLS. État d'erreur interne : 10013.

Error: (01/02/2022 09:50:57 PM) (Source: DCOM) (EventID: 10010) (User: phil-PC)
Description: Le serveur {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (01/02/2022 09:50:57 PM) (Source: DCOM) (EventID: 10010) (User: phil-PC)
Description: Le serveur {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (01/02/2022 09:50:57 PM) (Source: DCOM) (EventID: 10010) (User: phil-PC)
Description: Le serveur {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (12/31/2021 01:46:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Service Partage réseau du Lecteur Windows Media s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.

Error: (12/31/2021 01:46:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Service Sécurité Windows s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 60000 millisecondes : Redémarrer le service.

Error: (12/31/2021 01:46:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service NVIDIA LocalSystem Container s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 6000 millisecondes : Redémarrer le service.

Error: (12/31/2021 01:46:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Message Queuing s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 120000 millisecondes : Redémarrer le service.

Windows Defender:
================
Date: 2021-09-15 19:53:17
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {19C4031D-5E0B-4E3C-8034-C2A48BFD9E53}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2021-09-15 19:09:25
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {CBFDDD1D-8A99-47BE-8B51-5B4AA2C2891A}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

CodeIntegrity:
===============
Date: 2022-01-03 21:32:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2022-01-03 21:22:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\setup\uat_3076.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Infos Mémoire ===========================

BIOS: Award Software International, Inc. GBT - 42302e31 12/14/2007
Carte mère: Gigabyte Technology Co., Ltd. P35-DS4
Processeur: Intel(R) Core(TM)2 Quad CPU Q9300 @ 2.50GHz
Pourcentage de mémoire utilisée: 43%
Mémoire physique - RAM - totale: 8190.49 MB
Mémoire physique - RAM - disponible: 4630.06 MB
Mémoire virtuelle totale: 16382.49 MB
Mémoire virtuelle disponible: 11972.01 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:284.74 GB) (Free:105.86 GB) NTFS
Drive e: (FarmingSimulator22_1) (CDROM) (Total:7.81 GB) (Free:0 GB) UDF
Drive h: (ACERDATA) (Fixed) (Total:13.34 GB) (Free:10.73 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: BE08D558)
Partition 1: (Active) - (Size=13.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=284.7 GB) - (Type=0F Extended)

==================== Fin de Addition.txt =======================

Signaler le contenu de ce document