Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 10-08-2019 Exécuté par zemin (13-08-2019 15:56:57) Exécuté depuis C:\Users\zemin\OneDrive\Bureau Windows 10 Home Version 1809 17763.615 (X64) (2019-05-09 17:55:24) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-2451782770-2228194383-1575784187-500 - Administrator - Disabled) ASPNET (S-1-5-21-2451782770-2228194383-1575784187-1002 - Limited - Enabled) DefaultAccount (S-1-5-21-2451782770-2228194383-1575784187-503 - Limited - Disabled) Invité (S-1-5-21-2451782770-2228194383-1575784187-501 - Limited - Disabled) itch-player-5d43447a (S-1-5-21-2451782770-2228194383-1575784187-1003 - Limited - Enabled) => C:\Users\itch-player-5d43447a WDAGUtilityAccount (S-1-5-21-2451782770-2228194383-1575784187-504 - Limited - Disabled) zemin (S-1-5-21-2451782770-2228194383-1575784187-1001 - Administrator - Enabled) => C:\Users\zemin ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) Arma 3 Tanks (HKLM-x32\...\Arma 3 Tanks_is1) (Version: - ) Assetto Corsa Ready to Race (HKLM\...\YXNzZXR0b2NvcnNh_is1) (Version: 1 - ) ATV Drift and Tricks (HKLM-x32\...\ATV Drift and Tricks_is1) (Version: - ) Borderlands 2 - Game Of The Year Edition (HKLM-x32\...\Borderlands 2 - Game Of The Year Edition_is1) (Version: Borderlands 2 - Game Of The Year Edition - ) Call of Duty - Modern Warfare 2 - Version 1.0 (HKLM-x32\...\Call of Duty - Modern Warfare 2_is1) (Version: 1.0 - RePack by VickNet) City Car Driving v.1.5.7 (HKLM-x32\...\City Car Driving_is1) (Version: - ) CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien) CPUCores (HKLM-x32\...\{158EEC2E-0351-4C63-A89D-42B0BFB169F4}) (Version: 1.6.0 - cpucores.com) Crossout Launcher 1.0.3.93 (HKU\S-1-5-21-2451782770-2228194383-1575784187-1001\...\CrossOutLauncher_is1) (Version: - ) Crysis 3 version 1.3.0.0 (HKLM-x32\...\Crysis 3_is1) (Version: 1.3.0.0 - Mr DJ) Dead Space 2 version 1.0.0.0 (HKLM-x32\...\Dead Space 2_is1) (Version: 1.0.0.0 - Mr DJ) Dirt 3 Complete Edition version 1.2.0.0 (HKLM-x32\...\Dirt 3 Complete Edition_is1) (Version: 1.2.0.0 - Mr DJ) Discord (HKU\S-1-5-21-2451782770-2228194383-1575784187-1001\...\Discord) (Version: 0.0.305 - Discord Inc.) Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team) Driver - San Francisco (HKLM-x32\...\Driver - San Francisco_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter) Duke Nukem Forever Complete (HKLM-x32\...\Duke Nukem Forever Complete_is1) (Version: - ) Epic Games Launcher (HKLM-x32\...\{60BEDB5A-2186-461B-A562-E40088BCB0C6}) (Version: 1.1.220.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Euro Truck Simulator 2 Italia (HKLM-x32\...\Euro Truck Simulator 2 Italia_is1) (Version: - ) Facebook Gameroom 1.21.6907.27509 (HKLM-x32\...\{E34773A0-158F-4322-8849-2C13BBCD6C68}) (Version: 1.21.6907.27509 - Facebook) Far Cry 2 with Fortunes Pack (HKLM-x32\...\Far Cry 2 with Fortunes Pack_is1) (Version: - GOG.com) FURIDASHI Drift Cyber Sport (HKLM-x32\...\FURIDASHI Drift Cyber Sport_is1) (Version: - ) Garrys Mod version 16.02.26 (HKLM\...\{C8F834F5-46EA-4933-8AA9-F6CD7D29EED0}_is1) (Version: 16.02.26 - Strogino CS Portal) Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.) Goat Simulator: GOATY Edition (HKLM-x32\...\Goat Simulator: GOATY Edition_is1) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.100 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden Grand Theft Auto IV - Complete Edition (HKLM-x32\...\Grand Theft Auto IV - Complete Edition_is1) (Version: - ) GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games) HWiNFO64 Version 5.70 (HKLM\...\HWiNFO64_is1) (Version: 5.70 - Martin Malík - REALiX) itch (HKU\S-1-5-21-2451782770-2228194383-1575784187-1001\...\itch) (Version: 25.4.0 - itch corp.) Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation) Kerbal Space Program Making History (HKLM-x32\...\Kerbal Space Program Making History_is1) (Version: - ) Krunker.io Client 1.5.0 (HKU\S-1-5-21-2451782770-2228194383-1575784187-1001\...\da8a3810-a661-5791-be09-3df4701e9473) (Version: 1.5.0 - Yendis Entertainment Pty Ltd) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.80 - McAfee, LLC.) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft OneDrive (HKU\S-1-5-21-2451782770-2228194383-1575784187-1001\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Minecraft Launcher (HKLM-x32\...\{E154B2C8-2F3E-4763-B3D5-E7D34AE39C6B}) (Version: 1.0.0.0 - Mojang) Mises à jour NVIDIA 37.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 37.0.0.0 - NVIDIA Corporation) Hidden Need For Speed - Hot Pursuit (HKLM-x32\...\Need For Speed - Hot Pursuit_is1) (Version: - ) Need for Speed Most Wanted Limited Edition (HKLM-x32\...\Need for Speed Most Wanted Limited Edition_is1) (Version: 1.0 - PLAZA) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.70.5 - Black Tree Gaming) Nox APP Player (HKLM-x32\...\Nox) (Version: 6.3.0.2 - Duodian Technology Co. Ltd.) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation) NVIDIA Pilote graphique 431.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 431.60 - NVIDIA Corporation) OmniBus (HKLM-x32\...\1119659879_is1) (Version: 2.0.0.3 - GOG.com) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Outlast (HKLM-x32\...\Outlast_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) Panneau de configuration NVIDIA 431.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 431.60 - NVIDIA Corporation) Hidden Parsec (HKLM-x32\...\Parsec) (Version: - Parsec Cloud Inc.) Pokemon Uranium (HKLM-x32\...\Pokemon Uranium) (Version: 1.2.4 - Pokemon Uranium Team) Portal version 1.0.0.0 (HKLM-x32\...\{9AD3428A-B930-49E4-8966-1941D8B97CAC}_is1) (Version: 1.0.0.0 - Strogino CS Portal) Process Lasso (HKLM-x32\...\ProcessLasso) (Version: 9.0.0.546 - Bitsum) Project CARS Game Of The Year Edition (HKLM\...\cHJvamVjdGNhcnM_is1) (Version: 1 - ) RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - Sector3 Studios) RDS The Official Drift Videogame (HKLM-x32\...\RDS The Official Drift Videogame_is1) (Version: - ) Redout Enhanced Edition Back to Earth Pack (HKLM-x32\...\Redout Enhanced Edition Back to Earth Pack_is1) (Version: - ) Revhead Boodja Dooga Lake (HKLM-x32\...\Revhead Boodja Dooga Lake_is1) (Version: - ) RIFT (HKLM-x32\...\Glyph RIFT) (Version: - Trion Worlds, Inc.) Rocket League DC Super Heroes (HKLM-x32\...\Rocket League DC Super Heroes_is1) (Version: - ) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.5 - Rockstar Games) San Andreas Mod Installer (HKLM-x32\...\San Andreas Mod Installer1.1) (Version: 1.1 - cpmusick) Slime Rancher Galactic Bundle (HKLM-x32\...\Slime Rancher Galactic Bundle_is1) (Version: - ) Spintires MudRunner The Ridge (HKLM-x32\...\Spintires MudRunner The Ridge_is1) (Version: - ) Spintires The Original Game (HKLM-x32\...\Spintires The Original Game_is1) (Version: - ) SpintiresMod version 1.7.9 (HKLM-x32\...\{0C458C66-ED15-43E3-B663-539BB6990C66}_is1) (Version: 1.7.9 - ) Starbound Bounty Hunter (HKLM-x32\...\Starbound Bounty Hunter_is1) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Strike Force Remastered (HKLM-x32\...\Strike Force Remastered_is1) (Version: - ) Subnautica (HKLM-x32\...\Subnautica_is1) (Version: - ) Technitium MAC Address Changer v6.0 (HKLM-x32\...\TMACv6.0) (Version: 6.0 - Technitium) Tetris Effect (HKLM-x32\...\Tetris Effect_is1) (Version: - ) The Forest (HKLM-x32\...\The Forest_is1) (Version: - ) Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 0.18.16 - Black Tree Gaming Ltd.) War Thunder Launcher 1.0.3.171 (HKU\S-1-5-21-2451782770-2228194383-1575784187-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment) WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs) Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.83 Build 20 - Windscribe Limited) WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH) Xpadder version 5.7 (HKLM-x32\...\{0DCE54A9-7256-4132-9D4E-1A64AE35E9B1}_is1) (Version: 5.7 - Xpadder, Inc.) ZombsRoyale.io (HKU\S-1-5-21-2451782770-2228194383-1575784187-1001\...\519338998791929866) (Version: - ) Packages: ========= Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.15.15.0_x86__kgqvnymyfvs32 [2019-08-09] (king.com) Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1550.4.0_x86__kgqvnymyfvs32 [2019-08-04] (king.com) Courrier et calendrier -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-04] (Microsoft Corporation) [MS Ad] Kauna -> C:\Program Files\WindowsApps\13545x2.Kauna_1.35.1.0_x64__s6p2eat6f0r4t [2019-08-05] (x2) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-09] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-09] (Microsoft Corporation) [MS Ad] Microsoft News: les actualités à ne pas manquer -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-08] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad] MSN Météo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-08-04] (Microsoft Corporation) [MS Ad] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0 [2019-08-04] (Spotify AB) ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-2451782770-2228194383-1575784187-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2451782770-2228194383-1575784187-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2451782770-2228194383-1575784187-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2451782770-2228194383-1575784187-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2451782770-2228194383-1575784187-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2451782770-2228194383-1575784187-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\zemin\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\zemin\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\zemin\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\zemin\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\zemin\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\zemin\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> ) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\zemin\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> ) ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [Fichier non signé] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\zemin\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> ) ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [Fichier non signé] ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\zemin\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> ) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\zemin\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> ) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-07-17] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [Fichier non signé] ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ShortcutWithArgument: C:\Users\zemin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Free Rider HD Offline Editor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kffmoglgaljfcfaadaknkiipcclifcbn ==================== Modules chargés (Avec liste blanche) ============== 2019-07-20 13:49 - 2019-07-20 13:50 - 098275328 _____ () [Fichier non signé] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll 2019-07-20 13:50 - 2019-07-20 13:50 - 000092672 _____ () [Fichier non signé] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll 2019-07-20 13:50 - 2019-07-20 13:50 - 003922432 _____ () [Fichier non signé] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll 2019-06-28 12:14 - 2014-04-03 02:08 - 000381952 _____ (Scarlet.Crush Productions) [Fichier non signé] C:\Users\zemin\OneDrive\Bureau\ScpServer\bin\ScpService.exe 2017-02-12 02:28 - 2015-09-28 20:08 - 000255488 _____ (Sysprogs OU) [Fichier non signé] C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll 2019-07-20 13:49 - 2019-07-20 13:49 - 000547840 _____ (The Chromium Authors) [Fichier non signé] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll 2017-09-14 08:37 - 2017-09-14 08:37 - 000026112 _____ (The Qt Company Ltd) [Fichier non signé] C:\Users\zemin\AppData\Local\MEGAsync\imageformats\qgif.dll 2017-09-14 08:42 - 2017-09-14 08:42 - 000033280 _____ (The Qt Company Ltd) [Fichier non signé] C:\Users\zemin\AppData\Local\MEGAsync\imageformats\qicns.dll 2017-09-14 08:37 - 2017-09-14 08:37 - 000027648 _____ (The Qt Company Ltd) [Fichier non signé] C:\Users\zemin\AppData\Local\MEGAsync\imageformats\qico.dll 2017-09-14 08:37 - 2017-09-14 08:37 - 000245760 _____ (The Qt Company Ltd) [Fichier non signé] C:\Users\zemin\AppData\Local\MEGAsync\imageformats\qjpeg.dll 2017-09-14 08:42 - 2017-09-14 08:42 - 000021504 _____ (The Qt Company Ltd) [Fichier non signé] C:\Users\zemin\AppData\Local\MEGAsync\imageformats\qsvg.dll 2017-09-14 08:42 - 2017-09-14 08:42 - 000020992 _____ (The Qt Company Ltd) [Fichier non signé] C:\Users\zemin\AppData\Local\MEGAsync\imageformats\qtga.dll 2017-09-14 08:42 - 2017-09-14 08:42 - 000316416 _____ (The Qt Company Ltd) [Fichier non signé] C:\Users\zemin\AppData\Local\MEGAsync\imageformats\qtiff.dll 2017-09-14 08:42 - 2017-09-14 08:42 - 000019968 _____ (The Qt Company Ltd) [Fichier non signé] C:\Users\zemin\AppData\Local\MEGAsync\imageformats\qwbmp.dll 2017-09-14 08:42 - 2017-09-14 08:42 - 000322560 _____ (The Qt Company Ltd) [Fichier non signé] C:\Users\zemin\AppData\Local\MEGAsync\imageformats\qwebp.dll 2017-09-14 08:37 - 2017-09-14 08:37 - 001010688 _____ (The Qt Company Ltd) [Fichier non signé] C:\Users\zemin\AppData\Local\MEGAsync\platforms\qwindows.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472] AlternateDataStreams: C:\Users\zemin\ntuser.ini:NTV [10458] ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.) ==================== Internet Explorer sites de confiance/sensibles =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) ==================== Hosts contenu: =============================== (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2019-07-27 12:03 - 2019-07-27 12:03 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Autres zones ============================ (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;;C:\Program Files\Process Lasso\; HKU\S-1-5-21-2451782770-2228194383-1575784187-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\zemin\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\elfen-lied-wallpapers-25827-5350516.png DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé. HKU\S-1-5-21-2451782770-2228194383-1575784187-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk" HKU\S-1-5-21-2451782770-2228194383-1575784187-1001\...\StartupApproved\Run: => "Windscribe" HKU\S-1-5-21-2451782770-2228194383-1575784187-1001\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-2451782770-2228194383-1575784187-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-2451782770-2228194383-1575784187-1001\...\StartupApproved\Run: => "Gaijin.Net Updater" HKU\S-1-5-21-2451782770-2228194383-1575784187-1001\...\StartupApproved\Run: => "Parsec.App.0" HKU\S-1-5-21-2451782770-2228194383-1575784187-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-2451782770-2228194383-1575784187-1001\...\StartupApproved\Run: => "Xpadder" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{20FDE4BB-369E-43DC-B8AB-CDA674276B51}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{21FC3291-F3C0-4D2B-A04A-EF4177249D9D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{5AD4A57A-7DF5-45D3-ADA8-B4B11FB9C1A9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Pas de fichier FirewallRules: [{727445CB-4BF7-477E-AC8C-EC82DABCED7F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Pas de fichier FirewallRules: [{6C0709ED-329C-48D2-954E-4B964546A9F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crossout\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment) FirewallRules: [{5C98A7B3-0CC3-4964-A00F-7A5DC0A9EEC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crossout\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment) FirewallRules: [{0A884E32-2596-4775-9327-55D3C729886F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{C10AAD68-4306-4684-A74C-D65D2517B39D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{CE9A83CF-BD51-4B64-91CE-EB8211E8F226}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\scram\scram.exe () [Fichier non signé] FirewallRules: [{67CCEC4A-72AC-4FFB-842F-88EB6A4E3AC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\scram\scram.exe () [Fichier non signé] FirewallRules: [{EBC3E435-8F22-4D85-B90D-F0C7CD1E2142}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{761FF7E1-48DF-40F3-A035-B32DDBFF9E12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [TCP Query User{B99D6C34-F75D-4030-9557-8AD8CACE52B3}C:\program files (x86)\need for speed most wanted limited edition\nfs13.exe] => (Allow) C:\program files (x86)\need for speed most wanted limited edition\nfs13.exe (Electronic Arts) [Fichier non signé] FirewallRules: [UDP Query User{5C34974A-63CF-43A9-A27E-16B6831194B6}C:\program files (x86)\need for speed most wanted limited edition\nfs13.exe] => (Allow) C:\program files (x86)\need for speed most wanted limited edition\nfs13.exe (Electronic Arts) [Fichier non signé] FirewallRules: [{B06A0CFE-5784-4691-8BBA-D862E227A314}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{0227EE88-4DAB-4AB8-9CFE-42C3784F5D8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [TCP Query User{F6C836C6-428D-40D8-8BE2-3027EFBB01F3}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [Fichier non signé] FirewallRules: [UDP Query User{4871188A-2F08-40B8-B0AD-64DA30358A72}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [Fichier non signé] FirewallRules: [TCP Query User{AC874CC5-76C2-4A7A-B958-69AA5DF5BAE6}C:\program files (x86)\electronic arts\need for speed - hot pursuit\nfs11.exe] => (Allow) C:\program files (x86)\electronic arts\need for speed - hot pursuit\nfs11.exe (Electronic Arts) [Fichier non signé] FirewallRules: [UDP Query User{A861ACF5-EF01-4830-84A4-E116F4FA85CC}C:\program files (x86)\electronic arts\need for speed - hot pursuit\nfs11.exe] => (Allow) C:\program files (x86)\electronic arts\need for speed - hot pursuit\nfs11.exe (Electronic Arts) [Fichier non signé] FirewallRules: [{397DC42C-831E-4FDD-9E7B-9189E9FD3C98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{2AFC7A5A-461A-4FF4-B95D-55FB09F5A8A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{7610E777-A5D9-4E18-9403-D6E53633B919}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{11BD77F5-D3CF-41DA-87D5-BCF157B3671B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> ) FirewallRules: [{36DDBCDA-502D-435F-B1A4-1807299808DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{EC04DC56-C168-442A-9B76-AEF6A1E7D766}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{4DB23EDC-5EF8-421C-B2F4-9F4AF84D44C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{90AB96A7-435C-4409-866D-4C683D789131}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> ) FirewallRules: [TCP Query User{A3DED8F7-D889-4C54-9140-7AABACE28B68}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe FirewallRules: [UDP Query User{7E2879F1-5D26-49F3-B92B-56A50FAF8D58}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe FirewallRules: [{DD4382B4-DFAB-4EBD-B200-21851B27E10B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{6CF1CEB3-9445-4A49-8AB8-07BAA1C2FF48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{E7DC5194-B5A8-4D08-AFDD-89B08BA8F313}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> ) [Fichier non signé] FirewallRules: [{EF179069-E5A4-4C83-B96F-3359641D4A30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> ) [Fichier non signé] FirewallRules: [TCP Query User{9A1A4CD6-1239-46F4-A37F-B6BE2F620C5C}C:\program files (x86)\r.g. mechanics\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\r.g. mechanics\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [Fichier non signé] FirewallRules: [UDP Query User{DABB07BF-3F11-4EEF-B400-3AAD1ED1C5B2}C:\program files (x86)\r.g. mechanics\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\r.g. mechanics\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [Fichier non signé] FirewallRules: [TCP Query User{DE988FD6-A49C-4715-AE2B-1EF1D694DE56}C:\users\zemin\onedrive\bureau\please, don’t touch anything 3d\pdta-steam.exe] => (Allow) C:\users\zemin\onedrive\bureau\please, don’t touch anything 3d\pdta-steam.exe Pas de fichier FirewallRules: [UDP Query User{F9D412EB-CE94-46E2-A303-7386DD3D1708}C:\users\zemin\onedrive\bureau\please, don’t touch anything 3d\pdta-steam.exe] => (Allow) C:\users\zemin\onedrive\bureau\please, don’t touch anything 3d\pdta-steam.exe Pas de fichier FirewallRules: [{32156055-6DED-4AFD-8AED-B5D9BA2295FE}] => (Allow) C:\Program Files (x86)\Mr DJ\Crysis 3\Bin32\Crysis3.exe (Crytek GmbH) [Fichier non signé] FirewallRules: [{4A2D4EF5-51DD-44A7-8D83-B3B1B07C50C6}] => (Allow) C:\Program Files (x86)\Mr DJ\Crysis 3\Bin32\Crysis3.exe (Crytek GmbH) [Fichier non signé] FirewallRules: [TCP Query User{B7660047-89CF-4F4A-8D97-1F343CD4E7CF}C:\users\zemin\onedrive\bureau\my.summer.car.v23.02.2018\mysummercar.exe] => (Allow) C:\users\zemin\onedrive\bureau\my.summer.car.v23.02.2018\mysummercar.exe Pas de fichier FirewallRules: [UDP Query User{74F706B1-03E7-45C4-9949-A07986C3D191}C:\users\zemin\onedrive\bureau\my.summer.car.v23.02.2018\mysummercar.exe] => (Allow) C:\users\zemin\onedrive\bureau\my.summer.car.v23.02.2018\mysummercar.exe Pas de fichier FirewallRules: [{1BB446C2-E4B1-40CB-A684-821C72108010}] => (Allow) C:\Program Files (x86)\Mr DJ\Dirt 3 Complete Edition\dirt3_game.exe (Codemasters Software Company Limited) [Fichier non signé] FirewallRules: [{8CF28E2E-54D7-4A16-9DE1-D1EE1DDC6A0E}] => (Allow) C:\Program Files (x86)\Mr DJ\Dirt 3 Complete Edition\dirt3_game.exe (Codemasters Software Company Limited) [Fichier non signé] FirewallRules: [TCP Query User{FBEDBCDF-4C02-40F9-AB01-D8729D5096DC}C:\program files\strogino cs portal\garrys mod\bin\tools\steamcmd.exe] => (Allow) C:\program files\strogino cs portal\garrys mod\bin\tools\steamcmd.exe Pas de fichier FirewallRules: [UDP Query User{187CEFC2-4B5B-458C-8AC5-C2309999ED3B}C:\program files\strogino cs portal\garrys mod\bin\tools\steamcmd.exe] => (Allow) C:\program files\strogino cs portal\garrys mod\bin\tools\steamcmd.exe Pas de fichier FirewallRules: [TCP Query User{A8D8AC4A-F155-4DE4-949B-4F2F104FA350}C:\program files\strogino cs portal\garrys mod\hl2.exe] => (Allow) C:\program files\strogino cs portal\garrys mod\hl2.exe Pas de fichier FirewallRules: [UDP Query User{B8678B7A-C51D-4B0F-8D29-E783291DA9B7}C:\program files\strogino cs portal\garrys mod\hl2.exe] => (Allow) C:\program files\strogino cs portal\garrys mod\hl2.exe Pas de fichier FirewallRules: [TCP Query User{75C50DAA-0D64-41D5-96AF-4954E5D741F7}C:\users\zemin\onedrive\bureau\universe.sandbox.2.alpha.19.7.1\universe sandbox.exe] => (Allow) C:\users\zemin\onedrive\bureau\universe.sandbox.2.alpha.19.7.1\universe sandbox.exe Pas de fichier FirewallRules: [UDP Query User{F1F0ABDB-7699-4447-87F8-D4B797563CCF}C:\users\zemin\onedrive\bureau\universe.sandbox.2.alpha.19.7.1\universe sandbox.exe] => (Allow) C:\users\zemin\onedrive\bureau\universe.sandbox.2.alpha.19.7.1\universe sandbox.exe Pas de fichier FirewallRules: [TCP Query User{C427F54F-EC83-41E7-9C50-D113B5B01476}C:\program files (x86)\beat hazard ultra\beathazard.exe] => (Allow) C:\program files (x86)\beat hazard ultra\beathazard.exe () [Fichier non signé] FirewallRules: [UDP Query User{D76DD1E0-9BF0-4871-B39E-BEB2BBDA8E5D}C:\program files (x86)\beat hazard ultra\beathazard.exe] => (Allow) C:\program files (x86)\beat hazard ultra\beathazard.exe () [Fichier non signé] FirewallRules: [TCP Query User{349ABED7-88CD-413F-A291-FFE40D9FE324}C:\users\zemin\onedrive\bureau\scrap.mechanic.v0.3.5\release\scrapmechanic.exe] => (Allow) C:\users\zemin\onedrive\bureau\scrap.mechanic.v0.3.5\release\scrapmechanic.exe Pas de fichier FirewallRules: [UDP Query User{F87258C9-7228-42C2-8B78-8D0034ECD1D8}C:\users\zemin\onedrive\bureau\scrap.mechanic.v0.3.5\release\scrapmechanic.exe] => (Allow) C:\users\zemin\onedrive\bureau\scrap.mechanic.v0.3.5\release\scrapmechanic.exe Pas de fichier FirewallRules: [TCP Query User{73686D3C-4830-43A1-8CA2-7BFB219F3666}D:\jeux ( crack installer )\scrap.mechanic.v0.3.5\release\scrapmechanic.exe] => (Allow) D:\jeux ( crack installer )\scrap.mechanic.v0.3.5\release\scrapmechanic.exe () [Fichier non signé] FirewallRules: [UDP Query User{7A6514D4-EE0A-47D8-B1BC-9DE853F3006C}D:\jeux ( crack installer )\scrap.mechanic.v0.3.5\release\scrapmechanic.exe] => (Allow) D:\jeux ( crack installer )\scrap.mechanic.v0.3.5\release\scrapmechanic.exe () [Fichier non signé] FirewallRules: [TCP Query User{CA6755ED-0DB8-4AED-8C92-7F7149A2E923}D:\garrys mod\bin\tools\steamcmd.exe] => (Allow) D:\garrys mod\bin\tools\steamcmd.exe (Valve -> Valve Corporation) FirewallRules: [UDP Query User{48ECC6CA-7B6E-4D31-A798-A89A08C23D6A}D:\garrys mod\bin\tools\steamcmd.exe] => (Allow) D:\garrys mod\bin\tools\steamcmd.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{74303D51-DDA8-450A-AB1D-B4ABAE85BFEB}D:\garrys mod\hl2.exe] => (Allow) D:\garrys mod\hl2.exe () [Fichier non signé] FirewallRules: [UDP Query User{C5099E1D-2E9A-4976-AFAA-CD6C8448A3E9}D:\garrys mod\hl2.exe] => (Allow) D:\garrys mod\hl2.exe () [Fichier non signé] FirewallRules: [TCP Query User{37A49692-6D8C-460D-99C4-E3886E234C9A}D:\games\furidashi drift cyber sport\furidashi.exe] => (Allow) D:\games\furidashi drift cyber sport\furidashi.exe () [Fichier non signé] FirewallRules: [UDP Query User{653B82F2-337E-42E0-B602-4D1A112796A7}D:\games\furidashi drift cyber sport\furidashi.exe] => (Allow) D:\games\furidashi drift cyber sport\furidashi.exe () [Fichier non signé] FirewallRules: [TCP Query User{9035283F-B252-402F-8033-6764710E8AFA}D:\jeux ( crack installer )\furidashi drift cyber sport\furidashi.exe] => (Allow) D:\jeux ( crack installer )\furidashi drift cyber sport\furidashi.exe () [Fichier non signé] FirewallRules: [UDP Query User{7B403215-91EF-43B7-A01C-1887A7A1176B}D:\jeux ( crack installer )\furidashi drift cyber sport\furidashi.exe] => (Allow) D:\jeux ( crack installer )\furidashi drift cyber sport\furidashi.exe () [Fichier non signé] FirewallRules: [TCP Query User{B1A38E1C-4C16-499E-8826-122D824F4FB2}D:\games\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) D:\games\goat simulator\binaries\win32\goatgame-win32-shipping.exe (Epic Games, Inc.) [Fichier non signé] FirewallRules: [UDP Query User{48CC23C4-FA89-47A6-B1E4-AFCA987565ED}D:\games\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) D:\games\goat simulator\binaries\win32\goatgame-win32-shipping.exe (Epic Games, Inc.) [Fichier non signé] FirewallRules: [TCP Query User{0E21B354-CFAC-4F9F-B2C6-BCA2BD573C30}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_211\bin\javaw.exe Pas de fichier FirewallRules: [UDP Query User{677652C8-2FE1-46B6-AED3-8FA0910E0FF0}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_211\bin\javaw.exe Pas de fichier FirewallRules: [TCP Query User{C15389CC-5C11-4EA7-86CB-19286CEEF5D9}C:\users\zemin\onedrive\bureau\igg-garbage.day.early.access\data_games\maps\engine\binaries\win32\ue4game-win32-shipping.exe] => (Allow) C:\users\zemin\onedrive\bureau\igg-garbage.day.early.access\data_games\maps\engine\binaries\win32\ue4game-win32-shipping.exe Pas de fichier FirewallRules: [UDP Query User{20D677A1-DEF7-44FE-B37E-E31FF51B0554}C:\users\zemin\onedrive\bureau\igg-garbage.day.early.access\data_games\maps\engine\binaries\win32\ue4game-win32-shipping.exe] => (Allow) C:\users\zemin\onedrive\bureau\igg-garbage.day.early.access\data_games\maps\engine\binaries\win32\ue4game-win32-shipping.exe Pas de fichier FirewallRules: [{B401C166-7B89-406F-AEAB-66CBD01F8CE1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{B273E4A7-57E5-4F9D-BF26-B128F3F27012}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{C0EE24EE-2202-4367-8724-C0D72136A9F2}D:\games\subnautica\subnautica.exe] => (Allow) D:\games\subnautica\subnautica.exe () [Fichier non signé] FirewallRules: [UDP Query User{C152E7EE-94A5-4644-AFC7-693A0CE254D3}D:\games\subnautica\subnautica.exe] => (Allow) D:\games\subnautica\subnautica.exe () [Fichier non signé] FirewallRules: [TCP Query User{B044A935-5614-4E5C-A92B-020DD23D8F50}C:\games\saints row iv nosteam\saintsrowiv.exe] => (Allow) C:\games\saints row iv nosteam\saintsrowiv.exe (Koch Media GmbH) [Fichier non signé] FirewallRules: [UDP Query User{3D310F98-0795-4187-BEBE-2456FE554F65}C:\games\saints row iv nosteam\saintsrowiv.exe] => (Allow) C:\games\saints row iv nosteam\saintsrowiv.exe (Koch Media GmbH) [Fichier non signé] FirewallRules: [{6C735033-8F35-44A1-BC44-911EC342741C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Launcher\APBLauncher.exe (Little Orbit LLC -> K2 Network, Inc.) FirewallRules: [{6DC1756E-A762-492D-AAF6-46C259937B33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Launcher\APBLauncher.exe (Little Orbit LLC -> K2 Network, Inc.) FirewallRules: [{A195D351-F4B2-4571-9C71-670E9F0858AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\APB.exe (Little Orbit LLC -> Little Orbit LLC) FirewallRules: [{217AB75D-97BF-4809-9C4E-E007B535B239}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\APB.exe (Little Orbit LLC -> Little Orbit LLC) FirewallRules: [{AAD2D11E-1AC9-44D9-9F61-0095C583CBB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\APB_EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{11C983B9-36CE-494B-B850-F7B13AFEDF31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\APB_EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{95CC6784-D24E-4DF9-BCF1-35E7F5BC2650}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe (Little Orbit LLC -> Vivox Inc.) FirewallRules: [{27D7F941-FEF7-4AF7-9EF9-1426C795F7BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe (Little Orbit LLC -> Vivox Inc.) FirewallRules: [{14F6C63F-7138-42E6-8CE5-90128710CCD9}] => (Allow) C:\Program Files\Parsec\parsecd.exe (Parsec Cloud, Inc. -> Parsec) FirewallRules: [{327A7AC1-C572-4951-B592-0C441C119E89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe () [Fichier non signé] FirewallRules: [{DD4F2EC8-616E-4B72-881B-F1D419337584}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe () [Fichier non signé] FirewallRules: [{1F10D206-11ED-4FD9-9B4D-DE26925571E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\SCPSL.exe () [Fichier non signé] FirewallRules: [{C2F30B11-446E-4ABC-A771-6BB1310DD97D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\SCPSL.exe () [Fichier non signé] FirewallRules: [{0629A3F2-3948-4A19-9B66-D8866E027A79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\LocalAdmin.exe () [Fichier non signé] FirewallRules: [{26976DAB-2E34-48F9-BA3E-A55963D1D691}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\LocalAdmin.exe () [Fichier non signé] FirewallRules: [{CA63C698-238B-42B7-99D0-A0627DF16608}] => (Allow) C:\Program Files (x86)\Mr DJ\Dead Space 2\deadspace2.exe (Electronic Arts Inc.) [Fichier non signé] FirewallRules: [{302EAEA8-A7A5-4C54-A4FD-9883DF21C628}] => (Allow) C:\Program Files (x86)\Mr DJ\Dead Space 2\deadspace2.exe (Electronic Arts Inc.) [Fichier non signé] FirewallRules: [TCP Query User{C608D6F9-D394-4D70-B29D-777ABF1D6966}C:\program files (x86)\gog.com\far cry 2\bin\farcry2.exe] => (Allow) C:\program files (x86)\gog.com\far cry 2\bin\farcry2.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment) FirewallRules: [UDP Query User{31375500-634E-4ACD-AB9D-D845BF752134}C:\program files (x86)\gog.com\far cry 2\bin\farcry2.exe] => (Allow) C:\program files (x86)\gog.com\far cry 2\bin\farcry2.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment) FirewallRules: [TCP Query User{97665094-98D6-4430-AB21-39CC77B42694}D:\games\call of duty - modern warfare 2\iw4x.exe] => (Allow) D:\games\call of duty - modern warfare 2\iw4x.exe ( ) [Fichier non signé] FirewallRules: [UDP Query User{E7E70913-B6C6-4290-8B55-C38597715799}D:\games\call of duty - modern warfare 2\iw4x.exe] => (Allow) D:\games\call of duty - modern warfare 2\iw4x.exe ( ) [Fichier non signé] FirewallRules: [{4ABFBADF-0D6C-472A-BABC-BE9F4C763173}] => (Allow) C:\Users\zemin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{A512905E-4BAD-449C-8F87-86FCFF09B14A}] => (Allow) C:\Users\zemin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{AB108D79-DA27-4200-9F62-CE925F1B71FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> ) FirewallRules: [{1A47ADD3-C1C7-4194-86C1-B90EE983FE01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> ) FirewallRules: [{AE65E39B-8777-4F1A-A775-FD23A8D17E94}] => (Allow) C:\Program Files (x86)\2K Games\Borderlands 2 - Game Of The Year Edition\Binaries\Win32\borderlands2.exe (Valve Corporation -> Take-Two Interactive Software, Inc.) [Fichier non signé] FirewallRules: [{3B549E50-0F4A-4192-94A6-FF44435E4932}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{C210E1E6-AC4C-46D0-820F-45FDC8285570}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{A02CF40A-6361-464F-96D9-3B3250412500}] => (Allow) D:\Program Files\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.) FirewallRules: [{032BF09B-96E7-4473-AEE1-A829F8F63CF2}] => (Allow) C:\Program Files (x86)\\Bignox\\BigNoxVM\\RT\NoxVMHandle.exe (Nox Limited -> BigNox Corporation) FirewallRules: [{FDA6AFC5-4E75-42E9-8CFF-3ECB59D65573}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HideandShriek\HideandShriek.exe () [Fichier non signé] FirewallRules: [{733C91FD-EBA9-4F67-B3A8-AE3104E7AE39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HideandShriek\HideandShriek.exe () [Fichier non signé] FirewallRules: [TCP Query User{7518471D-81C0-425F-A41B-D7D06FB72513}C:\program files (x86)\steam\steamapps\common\hideandshriek\hideandshriek\binaries\win64\hideandshriek-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\hideandshriek\hideandshriek\binaries\win64\hideandshriek-win64-shipping.exe (Funcom Oslo AS) [Fichier non signé] FirewallRules: [UDP Query User{5CD0751E-00F0-4E81-8C6D-545FCC26D011}C:\program files (x86)\steam\steamapps\common\hideandshriek\hideandshriek\binaries\win64\hideandshriek-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\hideandshriek\hideandshriek\binaries\win64\hideandshriek-win64-shipping.exe (Funcom Oslo AS) [Fichier non signé] FirewallRules: [{72FE4D19-C75A-4DC9-8657-039B99D3D75B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [Fichier non signé] FirewallRules: [{32A3D494-D6DB-4AB3-8C96-F7B56BA5B9A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [Fichier non signé] FirewallRules: [TCP Query User{A38CCED5-D5B4-45FE-8305-937ED0697F11}C:\program files (x86)\r.g. mechanics\driver - san francisco\driver.exe] => (Allow) C:\program files (x86)\r.g. mechanics\driver - san francisco\driver.exe (Ubisoft Entertainment -> ) FirewallRules: [UDP Query User{2442A112-312F-4228-95C4-D553F2CE8021}C:\program files (x86)\r.g. mechanics\driver - san francisco\driver.exe] => (Allow) C:\program files (x86)\r.g. mechanics\driver - san francisco\driver.exe (Ubisoft Entertainment -> ) FirewallRules: [TCP Query User{0EB79045-CD51-41DF-B9FC-2727AA2AB8A5}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited) FirewallRules: [UDP Query User{25E8D665-8B39-46B9-9E9E-8B3B404653B0}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited) FirewallRules: [TCP Query User{26308C78-0A56-48F4-8F83-5912DB4423FA}C:\users\zemin\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\zemin\appdata\local\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment) FirewallRules: [UDP Query User{7367E188-D89F-4104-826E-0E16D51F0D0B}C:\users\zemin\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\zemin\appdata\local\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment) FirewallRules: [TCP Query User{26FDD2EA-E093-4478-9B8A-EECCB090D21F}C:\users\zemin\appdata\local\warthunder\win32\aces.exe] => (Allow) C:\users\zemin\appdata\local\warthunder\win32\aces.exe (Gaijin Network LTD -> Gaijin Entertainment) FirewallRules: [UDP Query User{79888ED7-B12E-475C-B510-B9150692C64E}C:\users\zemin\appdata\local\warthunder\win32\aces.exe] => (Allow) C:\users\zemin\appdata\local\warthunder\win32\aces.exe (Gaijin Network LTD -> Gaijin Entertainment) FirewallRules: [{69E391D3-B606-412C-BACC-83CB8E215573}] => (Allow) D:\SteamLibrary\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe (Sector3 Studios AB -> Simbin Studios AB) FirewallRules: [{E6B8449F-82A6-40BA-9DB3-7747099B035B}] => (Allow) D:\SteamLibrary\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe (Sector3 Studios AB -> Simbin Studios AB) FirewallRules: [{4F588078-BA2C-4FF2-BBE8-10384DB5B821}] => (Allow) D:\SteamLibrary\steamapps\common\raceroom racing experience\Game\RRRE.exe (Sector3 Studios AB -> Simbin Studios AB) FirewallRules: [{130CB1A6-2720-40C9-95B2-4244B59AD121}] => (Allow) D:\SteamLibrary\steamapps\common\raceroom racing experience\Game\RRRE.exe (Sector3 Studios AB -> Simbin Studios AB) FirewallRules: [TCP Query User{7C6A6741-0681-48E4-88A9-1E9D442CF6AF}C:\games\city car driving\bin\win32\starter.exe] => (Allow) C:\games\city car driving\bin\win32\starter.exe (Forward Development) [Fichier non signé] FirewallRules: [UDP Query User{7A8F3961-4C30-428A-8142-31DA38D0F6DA}C:\games\city car driving\bin\win32\starter.exe] => (Allow) C:\games\city car driving\bin\win32\starter.exe (Forward Development) [Fichier non signé] FirewallRules: [TCP Query User{0B8A8199-5571-45BF-AD05-B0B08F670675}D:\jeux ( crack installer )\please, don’t touch anything 3d\pdta-steam.exe] => (Allow) D:\jeux ( crack installer )\please, don’t touch anything 3d\pdta-steam.exe () [Fichier non signé] FirewallRules: [UDP Query User{92369BFA-521C-4F0C-857B-67CF12284157}D:\jeux ( crack installer )\please, don’t touch anything 3d\pdta-steam.exe] => (Allow) D:\jeux ( crack installer )\please, don’t touch anything 3d\pdta-steam.exe () [Fichier non signé] FirewallRules: [{66AB1B95-88C0-4017-92D0-34F92FBFF57D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{291D3ACF-8A47-4697-BA92-A37F95F25A63}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{B1DD272B-2CBD-4A49-844E-059F26C76162}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{29F85BDC-A11E-406E-9889-CD3F10E7917D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{984769C1-2A64-4B90-9E5F-A6A78F4EC5C9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{3DD1DAB5-AE77-44C8-9FB2-B22B16990687}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{7ACFFD70-3C1E-41A3-B5EF-CC76A2A30272}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{445D7DE1-59B5-4FA4-9D0C-65F3510B8FFF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{DCE23292-E50A-4CA8-B678-573129A76FDA}C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{41CF8D66-2DE6-46FA-B195-159455DC5126}C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{F8C36417-A234-497D-B6D3-2645F01C3C3A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{1E9BE405-2C36-49DA-8177-B26625E70F2F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{921A2890-19C2-40FA-BA65-1B7A5A3339CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{6D18D29D-75F4-4202-8E65-21D970D53105}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{AA74C653-C467-43A6-AD35-30BD781512DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) ==================== Points de restauration ========================= 08-08-2019 19:53:27 Point de contrôle planifié 13-08-2019 13:33:43 ZHPcleaner ==================== Éléments en erreur du Gestionnaire de périphériques ============= Name: Clavier standard PS/2 Description: Clavier standard PS/2 Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Claviers standard) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (08/13/2019 03:41:37 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0x8007232B Arguments de la ligne de commande : RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable Error: (08/13/2019 03:33:11 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0x8007267C Arguments de la ligne de commande : RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable Error: (08/13/2019 03:32:49 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0x8007007B Arguments de la ligne de commande : RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable Error: (08/13/2019 03:32:45 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0x8007007B Arguments de la ligne de commande : RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable Error: (08/13/2019 03:32:40 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0x8007007B Arguments de la ligne de commande : RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable Error: (08/13/2019 03:31:37 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0x8007232B Arguments de la ligne de commande : RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable Error: (08/13/2019 03:31:35 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0x8007232B Arguments de la ligne de commande : RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable Error: (08/13/2019 03:30:38 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0x8007232B Arguments de la ligne de commande : RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable Erreurs système: ============= Error: (08/13/2019 03:49:12 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KCOBLC3) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} et l’APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} au SID DESKTOP-KCOBLC3\zemin de l’utilisateur (S-1-5-21-2451782770-2228194383-1575784187-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (08/13/2019 03:49:12 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KCOBLC3) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} et l’APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} au SID DESKTOP-KCOBLC3\zemin de l’utilisateur (S-1-5-21-2451782770-2228194383-1575784187-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (08/13/2019 01:44:43 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Exécution pour l’application serveur COM avec le CLSID Windows.SecurityCenter.SecurityAppBroker et l’APPID Non disponible au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (08/13/2019 01:44:43 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Exécution pour l’application serveur COM avec le CLSID Windows.SecurityCenter.WscBrokerManager et l’APPID Non disponible au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (08/13/2019 01:44:43 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT) Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Exécution pour l’application serveur COM avec le CLSID Windows.SecurityCenter.WscDataProtection et l’APPID Non disponible au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. Error: (08/13/2019 01:37:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service SCP DS3 Service s’est terminé de façon inattendue pour la 1ème fois. Error: (08/13/2019 01:37:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Parsec s’est terminé de façon inattendue pour la 1ème fois. Error: (08/13/2019 01:37:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service WindscribeService s’est terminé de façon inattendue pour la 1ème fois. Windows Defender: =================================== Date: 2019-08-13 14:20:03.341 Description: L’analyse Antivirus Windows Defender a été arrêtée avant la fin. ID de l’analyse : {445D3E2E-F291-40E4-96E1-D06A19B9FAC3} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2019-08-13 13:13:15.431 Description: L’analyse Antivirus Windows Defender a été arrêtée avant la fin. ID de l’analyse : {E97C792D-A260-4C3C-91DC-132B5FA1DD50} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2019-08-13 12:11:44.721 Description: L’analyse Antivirus Windows Defender a été arrêtée avant la fin. ID de l’analyse : {030DD910-F18F-4908-8AC8-624CFC7BA5B5} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2019-08-13 12:06:54.913 Description: L’analyse Antivirus Windows Defender a été arrêtée avant la fin. ID de l’analyse : {FE83F438-2CFF-48B7-B80A-1E0BF82E0CFB} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2019-08-12 23:23:59.957 Description: Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0 Nom : Trojan:Win32/Tiggre!rfn ID : 2147723625 Gravité : Grave Catégorie : Cheval de Troie Chemin : file:_D:\Games\Ritual.Sorcerer.Angel.v2.0-SiMPLEX\SIMPLEX.EXE Origine de la détection : Ordinateur local Type de détection : Chemin rapide Source de détection : Protection en temps réel Utilisateur : DESKTOP-KCOBLC3\zemin Nom du processus : C:\Windows\explorer.exe Version de la signature : AV: 1.299.1838.0, AS: 1.299.1838.0, NIS: 1.299.1838.0 Version du moteur : AM: 1.1.16200.1, NIS: 1.1.16200.1 Date: 2019-08-12 18:59:51.369 Description: Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures. Nouvelle version de la signature : Version précédente de la signature : 1.299.1628.0 Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants Type de signature : Anti-virus Type de mise à jour : Complet Utilisateur : AUTORITE NT\SERVICE RÉSEAU Version actuelle du moteur : Version précédente du moteur : 1.1.16200.1 Code d’erreur : 0x80072ee7 Description de l’erreur : L’adresse ou le nom de serveur n’a pas pu être résolu Date: 2019-08-12 18:59:51.369 Description: Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures. Nouvelle version de la signature : Version précédente de la signature : 1.299.1628.0 Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants Type de signature : Logiciel anti-espion Type de mise à jour : Complet Utilisateur : AUTORITE NT\SERVICE RÉSEAU Version actuelle du moteur : Version précédente du moteur : 1.1.16200.1 Code d’erreur : 0x80072ee7 Description de l’erreur : L’adresse ou le nom de serveur n’a pas pu être résolu Date: 2019-08-12 18:59:51.368 Description: Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures. Nouvelle version de la signature : Version précédente de la signature : 1.299.1628.0 Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants Type de signature : Anti-virus Type de mise à jour : Complet Utilisateur : AUTORITE NT\SERVICE RÉSEAU Version actuelle du moteur : Version précédente du moteur : 1.1.16200.1 Code d’erreur : 0x80072ee7 Description de l’erreur : L’adresse ou le nom de serveur n’a pas pu être résolu Date: 2019-08-12 18:59:51.357 Description: Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures. Nouvelle version de la signature : Version précédente de la signature : 1.299.1628.0 Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants Type de signature : Anti-virus Type de mise à jour : Complet Utilisateur : AUTORITE NT\SERVICE RÉSEAU Version actuelle du moteur : Version précédente du moteur : 1.1.16200.1 Code d’erreur : 0x80072ee7 Description de l’erreur : L’adresse ou le nom de serveur n’a pas pu être résolu Date: 2019-08-12 18:59:51.356 Description: Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures. Nouvelle version de la signature : Version précédente de la signature : 1.299.1628.0 Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants Type de signature : Logiciel anti-espion Type de mise à jour : Complet Utilisateur : AUTORITE NT\SERVICE RÉSEAU Version actuelle du moteur : Version précédente du moteur : 1.1.16200.1 Code d’erreur : 0x80072ee7 Description de l’erreur : L’adresse ou le nom de serveur n’a pas pu être résolu ==================== Infos Mémoire =========================== BIOS: American Megatrends Inc. 1201 10/14/2008 Motherboard: ASUSTeK Computer INC. P5K Processeur: Intel(R) Core(TM)2 Duo CPU E4600 @ 2.40GHz Pourcentage de mémoire utilisée: 61% Mémoire physique - RAM - totale: 4095.11 MB Mémoire physique - RAM - disponible: 1595.34 MB Mémoire virtuelle totale: 9215.11 MB Mémoire virtuelle disponible: 5514.96 MB ==================== Lecteurs ================================ Drive c: () (Fixed) (Total:697.86 GB) (Free:44.02 GB) NTFS Drive d: (DD n°2) (Fixed) (Total:462.61 GB) (Free:180.09 GB) NTFS \\?\Volume{cf3374f7-0000-0000-0000-500600000000}\ (DD n°2 ) (Fixed) (Total:3.05 GB) (Free:2.94 GB) NTFS \\?\Volume{e2a00f3f-0000-0000-0000-4077ae000000}\ () (Fixed) (Total:0.77 GB) (Free:0.34 GB) NTFS ==================== MBR & Table des partitions ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: CF3374F7) Partition 1: (Active) - (Size=3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=462.6 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: E2A00F3F) Partition 1: (Not Active) - (Size=697.9 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=790 MB) - (Type=27) ==================== Fin de Addition.txt ============================