Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 17-11-2020 Exécuté par titof (17-11-2020 22:39:43) Exécuté depuis C:\Users\titof\OneDrive\Desktop Windows 10 Pro Version 2009 19042.630 (X64) (2020-08-17 21:08:45) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-2034503659-2028986574-3912516512-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2034503659-2028986574-3912516512-503 - Limited - Disabled) Invité (S-1-5-21-2034503659-2028986574-3912516512-501 - Limited - Disabled) titof (S-1-5-21-2034503659-2028986574-3912516512-1001 - Administrator - Enabled) => C:\Users\titof WDAGUtilityAccount (S-1-5-21-2034503659-2028986574-3912516512-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 20.013.20064 - Adobe Systems Incorporated) Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.6.6.0 - Ask.com) Brother MFL-Pro Suite MFC-J4410DW (HKLM-x32\...\{DD98C438-D769-4677-AA87-3481FA32D20C}) (Version: 2.0.0.0 - Brother Industries, Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.72 - Piriform) Chengdu to Suining HS route (HKLM-x32\...\{F5F858DA-2391-4193-89FF-8661D41D79D3}) (Version: 1.00.000 - Just Trains) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.198 - Google LLC) MacroWorks 3.1 (HKLM-x32\...\{DF6AE5A8-26A1-4766-A058-62B55A4CB55A}) (Version: 1.1.2.11 - PI Engineering) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.69 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - ) Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation) Mises à jour NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden Newcastle to Edinburgh (HKLM-x32\...\{C4129CBE-E486-4C5A-AE90-1F4A09696926}) (Version: 1.00.000 - Just Trains) Newcastle to Edinburgh Scenario Pack 2 (HKLM-x32\...\{6FE98CC9-950F-4C20-BDEA-9785332F99C6}) (Version: 1.00.000 - Just Trains) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 3.20.4.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.4.14 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation) NVIDIA Pilote graphique 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation) NVIDIA USBC Driver 1.45.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.45.831.832 - NVIDIA Corporation) NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) RailDriver for Train Simulator 2019 (HKLM\...\{B85CAF26-9A21-4C25-8947-590A3CFFEF0B}) (Version: 1.0.0.5 - PI Engineering) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Voyager Advanced 2019 (HKLM-x32\...\{07D64AD9-44C5-438F-9195-73F31169EA1E}) (Version: 1.5 - Just Trains) Wargaming.net Game Center (HKU\S-1-5-21-2034503659-2028986574-3912516512-1001\...\Wargaming.net Game Center) (Version: 20.7.0.2519 - Wargaming.net) WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs) World_of_Warships_EU (HKU\S-1-5-21-2034503659-2028986574-3912516512-1001\...\WOWS.EU.PRODUCTION) (Version: - Wargaming.net) Packages: ========= Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-08-27] (Microsoft Corporation) Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-08-27] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-08-22] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-08-22] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Studios) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-08-21] (NVIDIA Corp.) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.11.217.0_x64__dt26b99r8h8gj [2020-08-21] (Realtek Semiconductor Corp) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [Fichier non signé] ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [Fichier non signé] ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-27] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_feed726c6560f7a7\nvshext.dll [2020-10-02] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [Fichier non signé] ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== ==================== Modules chargés (Avec liste blanche) ============= 2019-11-13 10:12 - 2019-11-13 10:12 - 000192512 _____ () [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\PI Engineering\MacroWorks 3.1\ControlLib.dll 2019-11-13 10:11 - 2019-11-13 10:11 - 000020480 _____ () [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\PI Engineering\MacroWorks 3.1\Interfaces.dll 2010-06-03 09:58 - 2010-06-03 09:58 - 000081920 _____ () [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\PI Engineering\MacroWorks 3.1\Plugins\Interop.iTunesLib.dll 2020-09-16 12:50 - 2009-02-27 15:38 - 000139264 ____R () [Fichier non signé] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2020-09-16 12:50 - 2017-11-07 19:55 - 000137728 _____ () [Fichier non signé] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll 2020-09-16 12:50 - 2017-08-18 11:23 - 000087552 _____ () [Fichier non signé] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll 2020-09-16 12:50 - 2017-08-18 11:23 - 017974784 _____ () [Fichier non signé] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll 2020-09-16 12:50 - 2017-11-07 20:04 - 000096256 _____ () [Fichier non signé] C:\Program Files (x86)\ControlCenter4\BrCcLFre.dll 2020-11-04 09:38 - 2017-11-07 19:55 - 000440832 _____ () [Fichier non signé] C:\Program Files (x86)\ControlCenter4\Track.dll 2020-09-16 12:50 - 2005-04-22 05:36 - 000143360 _____ () [Fichier non signé] C:\WINDOWS\system32\BrSNMP64.dll 2020-09-16 12:50 - 2012-04-23 14:03 - 000380928 ____N (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\BrMonitor.dll 2020-09-16 12:50 - 2010-09-29 16:07 - 000180224 ____N (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\BroSNMP.dll 2020-09-16 12:50 - 2011-02-28 10:32 - 000208896 ____N (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll 2020-09-16 12:50 - 2012-01-11 13:39 - 000626688 ____N (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll 2020-10-01 12:58 - 2012-07-27 06:07 - 000087040 _____ (Brother Industries, Ltd.) [Fichier non signé] C:\WINDOWS\system32\BrNetSti.dll 2020-08-12 22:15 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [Fichier non signé] C:\Program Files\7-Zip\7-zip.dll 2011-04-15 10:51 - 2011-04-15 10:51 - 000036864 _____ (P.I. Engineering) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\PI Engineering\MacroWorks 3.1\PIEHid32Net.dll 2019-11-13 10:11 - 2019-11-13 10:11 - 000182784 _____ (PI Engineering) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\PI Engineering\MacroWorks 3.1\MW3Lib.dll 2011-02-24 10:14 - 2011-02-24 10:14 - 000005632 _____ (PI Engineering) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\PI Engineering\MacroWorks 3.1\Plugins\MediaPlayer.dll 2017-02-12 01:28 - 2015-09-28 19:08 - 000255488 _____ (Sysprogs OU) [Fichier non signé] C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== HKU\S-1-5-21-2034503659-2028986574-3912516512-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.search.ask.com/?l=dis&o=15438 SearchScopes: HKU\S-1-5-21-2034503659-2028986574-3912516512-1001 -> DefaultScope {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=BT5&o=&src=crm&q={searchTerms}&locale= SearchScopes: HKU\S-1-5-21-2034503659-2028986574-3912516512-1001 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=BT5&o=&src=crm&q={searchTerms}&locale= ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-2034503659-2028986574-3912516512-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\titof\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\01 gettyimages-dv028074_resized.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{BB0F3477-26F2-4DFD-BB4F-85F8268D3B5D}] => (Allow) I:\Program Files (x86)\steamapps\common\RailWorks\RailWorks64.exe () [Fichier non signé] FirewallRules: [{C3436C2C-E544-477A-92A5-119E00E62E5F}] => (Allow) I:\Program Files (x86)\steamapps\common\RailWorks\RailWorks64.exe () [Fichier non signé] FirewallRules: [{9892CC9D-6EDF-4698-920E-30AF5C1A066C}] => (Allow) I:\Program Files (x86)\steamapps\common\RailWorks\RailWorks.exe () [Fichier non signé] FirewallRules: [{A231E5AD-9FE9-4BCB-8EE0-50CC6FEEFEC1}] => (Allow) I:\Program Files (x86)\steamapps\common\RailWorks\RailWorks.exe () [Fichier non signé] FirewallRules: [{0CE10829-40EF-4F8B-9820-E478E6FFD011}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{DF9A79E2-AF3B-42B2-BCCD-C0B8985251BC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{904C2988-A1BE-4F4F-87F8-25A47ED2E827}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{AE455A4D-F2B1-467F-A49D-EC2ECC3B1645}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{7C1DDE79-678F-452B-81C4-51E6BC145D95}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{F5419DD7-B53B-4A1B-941F-07BE4AA7F572}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{43891D61-377E-40DD-906A-3D264DD0ACAB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{105A4A54-5887-44CE-9CBF-5408D46B6846}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{B30C8959-C6B8-451F-AAA8-BBF7EB8FF5CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{10724B57-C15C-4F6A-9CB0-EE38602AE494}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F7A4572A-2795-4E14-8B1C-B2AB02054808}] => (Allow) C:\Program Files (x86)\Brother\Brmfl12b\FAXRX.exe (Brother Industries, Ltd.) [Fichier non signé] FirewallRules: [{F15E1965-C1FC-45AC-93C8-4B47CBF5061A}] => (Allow) C:\Program Files (x86)\Brother\Brmfl12b\FAXRX.exe (Brother Industries, Ltd.) [Fichier non signé] FirewallRules: [{8B8221B5-F1D1-4EDC-BF5C-B55B0C3EDFEA}] => (Allow) LPort=54925 FirewallRules: [TCP Query User{824C5F83-8190-4280-8375-BAAC91A12709}D:\program files (x86)\steamapps\common\train sim world 2\windowsnoeditor\ts2prototype\binaries\win64\ts2prototype-win64-shipping.exe] => (Allow) D:\program files (x86)\steamapps\common\train sim world 2\windowsnoeditor\ts2prototype\binaries\win64\ts2prototype-win64-shipping.exe (Dovetail Games) [Fichier non signé] FirewallRules: [UDP Query User{9CBBDDFA-0836-4DF5-97CA-BDFBC95B4228}D:\program files (x86)\steamapps\common\train sim world 2\windowsnoeditor\ts2prototype\binaries\win64\ts2prototype-win64-shipping.exe] => (Allow) D:\program files (x86)\steamapps\common\train sim world 2\windowsnoeditor\ts2prototype\binaries\win64\ts2prototype-win64-shipping.exe (Dovetail Games) [Fichier non signé] FirewallRules: [{CC26DDAA-3462-4650-A890-4C4181A375A3}] => (Allow) D:\Program Files (x86)\steamapps\common\Train Sim World 2\WindowsNoEditor\TS2Prototype.exe (Epic Games, Inc.) [Fichier non signé] FirewallRules: [{DDA5619C-3151-41E2-9D95-20AC3AA89B2E}] => (Allow) D:\Program Files (x86)\steamapps\common\Train Sim World 2\WindowsNoEditor\TS2Prototype.exe (Epic Games, Inc.) [Fichier non signé] FirewallRules: [{70C32697-3AE5-4F0B-8D7A-295A6738A09E}] => (Allow) I:\Program Files (x86)\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{BDDC6407-32ED-4071-8C62-7F570AFA492C}] => (Allow) I:\Program Files (x86)\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [TCP Query User{C633A253-7BAE-4217-B615-936F02243EE9}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [UDP Query User{5DE87786-7094-4D27-AE53-E27F9FD7995B}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [{9F0686A7-DE3B-4029-BCB1-083080676338}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{DF2062FE-A0CE-4670-869B-C3907C49EF47}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{66F0D8B0-CC8A-4469-9FC9-BFF17B133E52}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{8CE54DF8-1FA7-4006-8AAF-80C42F609638}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{F83D93FC-8664-4978-B8C2-481B0859A3C2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{7EE533B2-62D6-4B7C-B071-C549D70E96B7}] => (Allow) D:\Program Files (x86)\steamapps\common\Train Sim World\WindowsNoEditor\TS2Prototype.exe () [Fichier non signé] FirewallRules: [{98368077-99EC-43D5-A1EF-AF0F3E61F05B}] => (Allow) D:\Program Files (x86)\steamapps\common\Train Sim World\WindowsNoEditor\TS2Prototype.exe () [Fichier non signé] ==================== Points de restauration ========================= 07-11-2020 13:09:11 Programme d’installation pour les modules Windows 11-11-2020 08:26:35 Programme d’installation pour les modules Windows ==================== Éléments en erreur du Gestionnaire de périphériques ============ Name: Bluetooth Device (Personal Area Network) Description: Périphérique Bluetooth (réseau personnel) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: BthPan Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (11/13/2020 02:04:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante StartMenuExperienceHost.exe, version : 0.0.0.0, horodatage : 0x4fe0bcb3 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.572, horodatage : 0x1183946c Code d’exception : 0xc0000409 Décalage d’erreur : 0x000000000010b65c ID du processus défaillant : 0x247c Heure de début de l’application défaillante : 0x01d6b9bd85d9dae3 Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 12974e6b-e176-4b9d-8405-e2934c7e7694 Nom complet du package défaillant : Microsoft.Windows.StartMenuExperienceHost_10.0.19041.610_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App Error: (11/11/2020 08:58:07 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: C4IFC BrtC4IFC: [2020/11/11 08:58:07.336]: [00002176]: L_FileInfo() error. [C:\Users\titof\OneDrive\Images\citizen (3).jpg:-9] Error: (11/11/2020 08:54:55 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: C4IFC BrtC4IFC: [2020/11/11 08:54:55.177]: [00002176]: L_FileInfo() error. [C:\Users\titof\OneDrive\Images\citizen (3).jpg:-9] Error: (11/11/2020 08:54:23 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: C4IFC BrtC4IFC: [2020/11/11 08:54:23.788]: [00002176]: L_FileInfo() error. [C:\Users\titof\OneDrive\Images\citizen (3).jpg:-9] Error: (11/11/2020 08:52:25 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: C4IFC BrtC4IFC: [2020/11/11 08:52:25.607]: [00002176]: L_FileInfo() error. [C:\Users\titof\OneDrive\Images\citizen (3).jpg:-9] Error: (11/11/2020 08:51:27 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: C4IFC BrtC4IFC: [2020/11/11 08:51:27.951]: [00002176]: L_FileInfo() error. [C:\Users\titof\OneDrive\Images\citizen (3).jpg:-9] Error: (11/11/2020 08:48:56 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2020/11/11 08:48:56.012]: [00000608]: Initialize TwdsMain Class failed! Error: (11/11/2020 08:48:56 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2020/11/11 08:48:56.012]: [00000608]: ##### Fatal ERROR!! Create STI-device failed! ##### Erreurs système: ============= Error: (11/14/2020 08:55:06 AM) (Source: Schannel) (EventID: 4103) (User: AUTORITE NT) Description: Une erreur irrécupérable s'est produite lors de la création des informations d'identification client pour TLS. État d'erreur interne : 10013. Error: (11/13/2020 02:15:13 PM) (Source: DCOM) (EventID: 10010) (User: TITOF70110) Description: Le serveur {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/13/2020 02:04:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Steam Client Service n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (11/13/2020 02:04:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Steam Client Service. Error: (11/11/2020 08:45:17 AM) (Source: DCOM) (EventID: 10010) (User: TITOF70110) Description: Le serveur {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (11/11/2020 08:20:54 AM) (Source: Schannel) (EventID: 4103) (User: AUTORITE NT) Description: Une erreur irrécupérable s'est produite lors de la création des informations d'identification client pour TLS. État d'erreur interne : 10013. Error: (11/09/2020 02:21:16 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: L’arrêt système précédant à 21:44:52 le ‎07/‎11/‎2020 n’était pas prévu. Error: (11/09/2020 02:21:07 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: AUTORITE NT) Description: 3221225684Une erreur irrécupérable s’est produite pendant le traitement des données de restauration. Windows Defender: =================================== Date: 2020-11-17 09:58:03.2170000Z Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {DEA3DC91-7177-4029-80D1-2CF00E91EB26} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2020-11-16 11:52:57.0570000Z Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {7BB7A682-DAE1-49F4-85F0-C54FBB7E3EB0} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2020-11-14 20:08:40.4570000Z Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {306F246C-2A8D-4734-8888-D318B4120294} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2020-11-11 08:31:17.6260000Z Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {265C6AA5-B3B8-4D8D-9307-27528C627ACE} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2020-11-10 13:52:46.1600000Z Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {ED7B69ED-9DB7-4355-96C3-57BF4330CE3B} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système ==================== Infos Mémoire =========================== BIOS: American Megatrends Inc. F14 08/13/2019 Carte mère: Gigabyte Technology Co., Ltd. Z370 AORUS ULTRA GAMING 2.0-CF Processeur: Intel(R) Core(TM) i7-8700K CPU @ 3.70GHz Pourcentage de mémoire utilisée: 17% Mémoire physique - RAM - totale: 32673.29 MB Mémoire physique - RAM - disponible: 26963.08 MB Mémoire virtuelle totale: 37537.29 MB Mémoire virtuelle disponible: 29727.2 MB ==================== Lecteurs ================================ Drive c: (WINDOWS 10) (Fixed) (Total:237.84 GB) (Free:177.95 GB) NTFS Drive d: (JEUX) (Fixed) (Total:465.75 GB) (Free:227.84 GB) NTFS Drive e: (UTILITAIRES & GAMES) (Fixed) (Total:491.33 GB) (Free:233.75 GB) NTFS Drive f: (DIVERS & AUTRES) (Fixed) (Total:440.18 GB) (Free:240.87 GB) NTFS Drive i: (SEAGATE EXPANSION DRIVE) (Fixed) (Total:1863.02 GB) (Free:1049.49 GB) NTFS Drive j: () (Removable) (Total:14.71 GB) (Free:14.71 GB) FAT32 \\?\Volume{e98ff62e-d314-40aa-8feb-4d951f378764}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS \\?\Volume{1afa332d-8460-447f-968e-f8cd8c4f71a8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 9CF922D7) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 7A71739C) Partition 1: (Active) - (Size=491.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=440.2 GB) - (Type=07 NTFS) ========================================================== Disk: 3 (Size: 1863 GB) (Disk ID: 99505598) Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS) ========================================================== Disk: 4 (Size: 14.7 GB) (Disk ID: 69737369) No partition Table on disk 4. ==================== Fin de Addition.txt =======================