Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 11-04-2021
Exécuté par ggasp (14-04-2021 00:14:06)
Exécuté depuis C:\Users\ggasp\Downloads
Windows 10 Home Version 2004 19041.867 (X64) (2020-10-24 22:33:03)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

Administrateur (S-1-5-21-3810445886-1959473842-3287968692-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3810445886-1959473842-3287968692-503 - Limited - Disabled)
ggasp (S-1-5-21-3810445886-1959473842-3287968692-1001 - Administrator - Enabled) => C:\Users\ggasp
Invité (S-1-5-21-3810445886-1959473842-3287968692-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3810445886-1959473842-3287968692-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.6.1.393 - Adobe Systems Incorporated) Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe) Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_6) (Version: 19.1.6 - Adobe Systems Incorporated) Age of Empires II Definitive Edition (HKLM-x32\...\Age of Empires II Definitive Edition_is1) (Version: - ) Age of Mythology Trial (HKLM-x32\...\Age of Mythology Demo 1.0) (Version: - ) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach) ASUS AURA Component Mouse (HKLM-x32\...\{da07e60b-2e6c-4e92-8a98-3183a81625e5}) (Version: 1.0.10 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA Component Mouse (HKLM-x32\...\{E911DCC4-F416-4243-A045-2AE7630FBDF7}) (Version: 1.0.10 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.8 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA Display Component (HKLM-x32\...\{f7089eb8-7a97-46d6-b8de-f1f8160e9e47}) (Version: 1.1.8 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA Headset Component (HKLM-x32\...\{b46046c4-381c-4791-9177-f76d51e77925}) (Version: 1.0.6 - ASUS) Hidden ASUS AURA Headset Component (HKLM-x32\...\{F7A97A76-D0D7-41EA-9D53-B6352C534A83}) (Version: 1.0.6 - ASUS) Hidden ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.) ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.00.11 - ASUSTek COMPUTER INC.) Hidden ASUS Keyboard HAL (HKLM-x32\...\{3c151c65-0d88-42db-8050-733de706f8ba}) (Version: 1.00.11 - ASUSTek COMPUTER INC.) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.8 - ASUSTeK COMPUTER INC.) Asus ProductDaemonSetup (HKLM\...\{36606417-B1C4-42C2-B5C1-67972DA63DAB}) (Version: 3.6.3201 - ASUSTeK COMPUTER INC) Hidden ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.25 - ASUSTek COMPUTER INC.) 
Asus Sonic Radar 3 (HKLM-x32\...\{5236d66f-9255-43b2-a673-c956c97127d6}) (Version: 3.6.32.48911 - ASUSTeK COMPUTER INC) Asus Sonic Studio 3 (HKLM-x32\...\{2130ccd5-7f38-4948-aecb-095529cb8d09}) (Version: 3.6.32.48911 - ASUSTeK COMPUTER INC) Asus SonicRadar3Setup (HKLM\...\{4843FBA4-16AA-4DAC-A531-A85E81E1DE0C}) (Version: 3.6.32.48911 - ASUSTeK COMPUTER INC) Hidden Asus SonicStudio3Setup (HKLM\...\{8E7BFF80-97E5-4030-A40B-24846D439183}) (Version: 3.6.32.48911 - ASUSTeK COMPUTER INC) Hidden Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team) AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 1.00.28 - ASUSTeK Computer Inc.) Hidden AURA Service (HKLM-x32\...\{77494f5f-a45e-4749-948e-61443145f821}) (Version: 1.00.28 - ASUSTeK Computer Inc.) Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 21.2.2455 - Avast Software) Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 21.1.9940.2746 - Avast Software) Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com) Battlefield 1942 (HKLM-x32\...\{61A27E1A-F65F-4AF6-885F-95C6E499607A}_is1) (Version: 1.61 - Electronic Arts) Battlefield 1942 Secret Weapons of WWII (HKLM-x32\...\{D2C0A6DE-0702-4473-AC64-6E7BA2722E41}_is1) (Version: 1.61 - Electronic Arts) Battlefield 1942 The Road to Rome (HKLM-x32\...\{F4F77065-BE02-4815-B5A9-D6FD7B2C5237}_is1) (Version: 1.61 - Electronic Arts) Boris Continuum Complete 9 OFX for Sony (64-Bit) (HKLM\...\{3DF67BF0-17E8-4537-951C-758102AB87F7}) (Version: 9.0.2005 - Boris FX, Inc.) Camel Audio CamelCrusher64 (HKLM-x32\...\Camel Audio CamelCrusher64) (Version: 1.01.0 - Camel Audio) CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform) Dada Life Pack (HKLM\...\{11C245F4-D7CE-44D7-8A66-8F397280BA82}) (Version: 2.0 - Dada Life) Discord (HKU\S-1-5-21-3810445886-1959473842-3287968692-1001\...\Discord) (Version: 0.0.309 - Discord Inc.) 
Diva (HKLM\...\u-he Diva_is1) (Version: 1.4.3.7422 - Team V.R) DJHERCULESMIX Products Series drivers (HKLM-x32\...\{33999F1F-EA46-4E55-A239-1BA803235396}) (Version: 1.HDJS.2020 - Guillemot Corporation) DroidCam Client (HKLM-x32\...\DroidCam) (Version: 6.3.2 - Dev47apps) FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts) FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) Freemake Video Converter version 4.1.10.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10.1 - Ellora Assets Corporation) GenArts Sapphire Plug-ins 6.10 for OFX (HKLM\...\GenArts Sapphire Plug-ins for OFX_is1) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.114 - Google LLC) Grand Theft Auto: San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.0.0.22 - Rockstar Games) Grand Theft Auto: San Andreas (HKLM-x32\...\Grand Theft Auto: San Andreas) (Version: 1.0.0.22 - Rockstar Games) Hearts of Iron IV Man the Guns (HKLM-x32\...\Hearts of Iron IV Man the Guns_is1) (Version: - ) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation) Intel(R) Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.10500.5526 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1805.12.0.1097 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6446 - Intel Corporation) Intel(R) Rapid Storage Technology 
(HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.1.1018 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1727.1 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001030-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.30.1 - Intel Corporation) Intel® Hardware Accelerated Execution Manager (HKLM\...\{754CC9DC-3DB4-4FB2-B71E-87331DB9EA17}) (Version: 7.5.4 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{1b3fcb8d-3d2b-4477-b722-0b3e2c1195ba}) (Version: 20.30.1 - Intel Corporation) iZotope RX 7 Post Production Suite (HKLM\...\RX 7 Post Production Suite_is1) (Version: 3.02 - iZotope & Team V.R) Java 8 Update 281 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180281F0}) (Version: 8.0.2810.9 - Oracle Corporation) League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc) LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.) 
loopMIDIBlockLegacy (HKLM-x32\...\{AEAF7978-3204-451D-8593-BC53EBDDA31D}) (Version: 9.9.9.9 - Tobias Erichsen) Hidden Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) Microsoft 365 Apps for enterprise - fr-fr (HKLM\...\O365ProPlusRetail - fr-fr) (Version: 16.0.13901.20336 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.75 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3810445886-1959473842-3287968692-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation) Microsoft Project - fr-fr (HKLM\...\ProjectPro2019Retail - fr-fr) (Version: 16.0.13901.20336 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-3810445886-1959473842-3287968692-1001\...\Teams) (Version: 1.3.00.26064 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 
9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation) Mixxx (HKLM\...\{FEEA0F00-B745-11EA-A6BA-E85BA841712E}) (Version: 2.2.4.6798 - L'équipe de développement de Mixxx) Hidden Mixxx 
(HKLM-x32\...\{0a2b3a74-bac9-4c2c-b613-d0edef0869fe}) (Version: 2.2.4.6798 - The Mixxx Development Team) Mortal Kombat XL (HKLM-x32\...\Mortal Kombat XL_is1) (Version: - ) MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios) Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.12.1.129 - Native Instruments) NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation) NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden RAR Password Unlocker (HKLM-x32\...\{69B77D45-F5AD-4AB9-933D-352703324469}_is1) (Version: - RAR Password Unlocker, Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.29095 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8746.1 - Realtek Semiconductor Corp.) 
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.30.299 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.0 - Rockstar Games) ROG Aura Core Component (HKLM-x32\...\{2685EBD6-EEBE-486C-8941-76CD356A2A26}) (Version: 1.0.10 - ASUSTeK Computer Inc.) ROG Gaming Center (HKLM\...\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}) (Version: 2.5.6 - ASUSTeK COMPUTER INC.) RPG Maker MV (HKLM-x32\...\RPGMV_is1) (Version: 1.0.0.0 - KADOKAWA) rtpMIDIBlockLegacy (HKLM-x32\...\{FD937297-84C3-41A5-B5DF-1FAEEE669D68}) (Version: 9.9.9.9 - Tobias Erichsen) Hidden Sonic Academy Kick 2 (HKLM\...\{6B3B76A8-F156-430C-B02E-F88A854326FB}) (Version: 1.0.5 - Sonic Academy) Sonic Mania (HKLM-x32\...\{B01CBC6F-72DE-4658-95AD-2135F00A8695}_is1) (Version: - SEGA) Spotify (HKU\S-1-5-21-3810445886-1959473842-3287968692-1001\...\Spotify) (Version: 1.1.47.684.g136419d9 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Streamlabs OBS 0.23.2 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.23.2 - General Workings, Inc.) Sublime Text 3 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd) SynthMaster One (HKLM\...\{06630CE5-6BCE-4FE9-AF2F-EBECBDC0E562}_is1) (Version: 1.3.4 - KV331 Audio & Team V.R) TAL-NoiseMaker (64bit) (HKLM\...\{75E692A0-5118-4BE0-98CE-649A21B7C76A}) (Version: 1.3.7 - TAL - Togu Audio Line) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.24753 - Microsoft Corporation) teVirtualMIDI for Presonus (HKLM-x32\...\{c13c2c35-8a4f-4de2-87c4-c7c3413d61c1}) (Version: 1.3.0.43 - Tobias Erichsen) Hidden teVirtualMIDI64 (HKLM\...\{2F802731-3731-453E-B30B-4381BEED22AC}) (Version: 1.3.0.43 - Tobias Erichsen) Hidden The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com) UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) 
Hidden UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden Universal Control (HKLM\...\Universal Control) (Version: 3.4.1.63149 - PreSonus Audio Electronics) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden uTorrent Web (HKU\S-1-5-21-3810445886-1959473842-3287968692-1001\...\utweb) (Version: 1.1.0 - BitTorrent, Inc.) VEGAS Pro 14.0 (64-bit) (HKLM\...\{4D318F4F-79F9-11E6-86C2-BB95F5A309BD}) (Version: 14.0.161 - VEGAS) VirtualDJ 8 (HKLM-x32\...\{5A89A21C-6391-4AFC-8502-66F6F7250125}) (Version: 8.0.2325.0 - Atomix Productions) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden WhatsApp (HKU\S-1-5-21-3810445886-1959473842-3287968692-1001\...\WhatsApp) (Version: 2.2108.8 - WhatsApp) Windows Driver Package - ASUSTek COMPUTER INC. (AsusPTPDrv) HIDClass (10/25/2017 11.0.0.21) (HKLM\...\38D64A6EF13E2FAA5DE3820CB44E2994223DD766) (Version: 10/25/2017 11.0.0.21 - ASUSTek COMPUTER INC.) Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - ) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.6 - ASUSTeK COMPUTER INC.) WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH) Packages: ========= ASUS Keyboard Hotkeys -> C:\Program Files\WindowsApps\B9ECED6F.ASUSKeyboardHotkeys_1.0.12.0_x86__qmba6cd70vzyy [2019-09-20] (ASUSTeK COMPUTER INC.) [Startup Task] ASUS Product Registration Program -> C:\Program Files\WindowsApps\B9ECED6F.ASUSProductRegistrationProgram_3.0.3.0_x86__qmba6cd70vzyy [2018-09-01] (ASUSTeK COMPUTER INC.) 
[Startup Task] Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1990.3.0_x86__kgqvnymyfvs32 [2021-04-02] (king.com) Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.190.200.0_x86__kgqvnymyfvs32 [2021-04-02] (king.com) Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-29] (Microsoft Corporation) Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.2028.0_x64__rz1tebttyb220 [2021-03-21] (Dolby Laboratories) Hidden City : Jeu d’objets cachés -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.40.4002.0_x86__ytsefhwckbdv6 [2021-03-29] (G5 Entertainment AB) LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-09-01] (LinkedIn) March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_5.5.1.1_x86__h6adky7gbf63m [2021-04-10] (Gameloft SE) McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.60.0_x64__wafk5atnkzcwy [2021-02-26] (McAfee LLC.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-02] (Microsoft Studios) [MS Ad] Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.22002.0_x64__8wekyb3d8bbwe [2021-04-07] (Microsoft Studios) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-17] (Netflix, Inc.) 
ROG Aura Core -> C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.30.0_x86__qmba6cd70vzyy [2018-12-14] (ASUSTeK COMPUTER INC.) [Startup Task] ROG GameVisual -> C:\Program Files\WindowsApps\B9ECED6F.ROGGameVisual_1.2.1.0_x64__qmba6cd70vzyy [2019-12-12] (ASUSTeK COMPUTER INC.) [Startup Task] ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-3810445886-1959473842-3287968692-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-B20A90B1E9D3} -> [Creative Cloud Files] => C:\Users\ggasp\Creative Cloud Files [2018-09-01 20:25] CustomCLSID: HKU\S-1-5-21-3810445886-1959473842-3287968692-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\ggasp\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3810445886-1959473842-3287968692-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\ggasp\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3810445886-1959473842-3287968692-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Pas de fichier ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Pas de fichier ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Pas de fichier ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files 
(x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-11] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-11] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-11] (Avast Software s.r.o. 
-> AVAST Software) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-11] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-12] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_28d80681d3523b1c\igfxDTCM.dll [2019-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-04-25] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-11] (Avast Software s.r.o. 
-> AVAST Software) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-12] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [652288 2013-05-28] () [Fichier non signé] HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] () [Fichier non signé] ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) 
Shortcut: C:\Users\ggasp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki Shortcut: C:\Users\ggasp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com ==================== Modules chargés (Avec liste blanche) ============= 2017-12-26 14:10 - 2017-12-26 14:10 - 000053248 _____ () [Fichier non signé] C:\Program Files (x86)\LightingService\cpuutil.dll 2017-12-28 20:09 - 2017-12-28 20:09 - 000018432 _____ () [Fichier non signé] C:\Program Files (x86)\LightingService\Log4cxxWrapper.dll 2017-12-26 14:10 - 2017-12-26 14:10 - 001951232 _____ () [Fichier non signé] C:\Program Files (x86)\LightingService\R2Clib.dll 2019-04-16 09:21 - 2019-04-16 09:21 - 000190976 _____ () [Fichier non signé] C:\Program Files\WindowsApps\B9ECED6F.ROGGameVisual_1.2.1.0_x64__qmba6cd70vzyy\CCTAdjust.dll 2019-04-16 09:21 - 2019-04-16 09:21 - 000038400 _____ () [Fichier non signé] C:\Program Files\WindowsApps\B9ECED6F.ROGGameVisual_1.2.1.0_x64__qmba6cd70vzyy\DetectDisplayDC.dll 2018-05-14 16:19 - 2018-05-14 16:19 - 000038912 _____ () [Fichier non signé] C:\Program Files\WindowsApps\B9ECED6F.ROGGameVisual_1.2.1.0_x64__qmba6cd70vzyy\VideoEnhance.dll 2017-12-28 20:09 - 2017-12-28 20:09 - 002831360 _____ (Apache Software Foundation) [Fichier non signé] C:\Program Files (x86)\LightingService\log4cxx.dll 2018-01-12 20:21 - 2018-01-12 20:21 - 000183448 _____ (ASUSTeK Computer Inc. -> ) [Fichier non signé] C:\Program Files (x86)\ASUS\AacHeadSet\AacAudioHal.dll 2018-01-12 03:23 - 2018-01-12 03:23 - 000081920 _____ (ASUSTeK Computer Inc.) [Fichier non signé] C:\Program Files (x86)\ASUS\AacHeadSet\AudioLEDCtrl.dll 2019-04-16 09:21 - 2019-04-16 09:21 - 000462848 _____ (ASUSTeK Computer Inc.) 
[Fichier non signé] C:\Program Files\WindowsApps\B9ECED6F.ROGGameVisual_1.2.1.0_x64__qmba6cd70vzyy\ColorU.dll 2018-12-14 23:38 - 2018-12-14 23:38 - 000019456 _____ (TODO: ) [Fichier non signé] C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.30.0_x86__qmba6cd70vzyy\Hook.dll 2019-04-16 09:21 - 2019-04-16 09:21 - 000452608 _____ (TODO: ) [Fichier non signé] C:\Program Files\WindowsApps\B9ECED6F.ROGGameVisual_1.2.1.0_x64__qmba6cd70vzyy\ColorUGameDLL.dll 2019-04-16 09:21 - 2019-04-16 09:21 - 000029696 _____ (TODO: ) [Fichier non signé] C:\Program Files\WindowsApps\B9ECED6F.ROGGameVisual_1.2.1.0_x64__qmba6cd70vzyy\GLCDdll.dll ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== HKU\S-1-5-21-3810445886-1959473842-3287968692-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE SearchScopes: HKLM -> DefaultScope la valeur est absente SearchScopes: HKLM-x32 -> DefaultScope la valeur est absente SearchScopes: HKU\S-1-5-21-3810445886-1959473842-3287968692-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> 
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_281\bin\ssv.dll [2021-02-24] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_281\bin\jp2ssv.dll [2021-02-24] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> 
Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-07] (Microsoft Corporation -> Microsoft Corporation) Handler: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - Pas de fichier (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE trusted site: HKU\S-1-5-21-3810445886-1959473842-3287968692-1001\...\sharepoint.com -> hxxps://vichyuniversite-files.sharepoint.com ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2017-09-29 15:46 - 2021-04-13 23:10 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64_win\compiler;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ 
HKU\S-1-5-21-3810445886-1959473842-3287968692-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ggasp\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\papier peint de la visionneuse de photos windows.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) HKLM\...\StartupApproved\StartupFolder: => "Avast Cleanup Premium.lnk" HKLM\...\StartupApproved\Run: => "Sonic Studio 3" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "Hercules DJ Series TrayAgent" HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller" HKU\S-1-5-21-3810445886-1959473842-3287968692-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3810445886-1959473842-3287968692-1001\...\StartupApproved\Run: => "utweb" HKU\S-1-5-21-3810445886-1959473842-3287968692-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-3810445886-1959473842-3287968692-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-3810445886-1959473842-3287968692-1001\...\StartupApproved\Run: => "Spotify" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
FirewallRules: [UDP Query User{4C2795E8-AB3F-4F30-8AC4-5888CAE95210}C:\temp\uwamp\bin\uwamp_x32_3-1-0\bin\apache\bin\httpd.exe] => (Allow) C:\temp\uwamp\bin\uwamp_x32_3-1-0\bin\apache\bin\httpd.exe (Apache Software Foundation) [Fichier non signé] FirewallRules: [TCP Query User{DC13E2DD-68EA-47AA-A6F5-8A0B91B14A57}C:\temp\uwamp\bin\uwamp_x32_3-1-0\bin\apache\bin\httpd.exe] => (Allow) C:\temp\uwamp\bin\uwamp_x32_3-1-0\bin\apache\bin\httpd.exe (Apache Software Foundation) [Fichier non signé] FirewallRules: [UDP Query User{F50C89DF-8ADC-4BFE-8DC3-D0002377FD6C}C:\temp\uwamp\bin\uwamp_x32_3-1-0\bin\database\mysql-5.7.11\bin\mysqld.exe] => (Allow) C:\temp\uwamp\bin\uwamp_x32_3-1-0\bin\database\mysql-5.7.11\bin\mysqld.exe () [Fichier non signé] FirewallRules: [TCP Query User{C5931C65-3C08-4093-A945-758257AE32F3}C:\temp\uwamp\bin\uwamp_x32_3-1-0\bin\database\mysql-5.7.11\bin\mysqld.exe] => (Allow) C:\temp\uwamp\bin\uwamp_x32_3-1-0\bin\database\mysql-5.7.11\bin\mysqld.exe () [Fichier non signé] FirewallRules: [UDP Query User{E077011B-B60D-4EC3-9095-AAEDC3FC0A24}C:\program files (x86)\droidcam\droidcamapp.exe] => (Allow) C:\program files (x86)\droidcam\droidcamapp.exe (DEV47 APPS -> ) FirewallRules: [TCP Query User{37FBA9A6-B30A-4241-BFB3-3A4BD9591947}C:\program files (x86)\droidcam\droidcamapp.exe] => (Allow) C:\program files (x86)\droidcam\droidcamapp.exe (DEV47 APPS -> ) FirewallRules: [UDP Query User{76A97ECA-23F5-49E7-8C84-AEFA721D68B7}D:\games\age of empires ii definitive edition\battleserver\battleserver.exe] => (Allow) D:\games\age of empires ii definitive edition\battleserver\battleserver.exe () [Fichier non signé] FirewallRules: [TCP Query User{257F1329-E364-40B1-891F-D002FA602BC3}D:\games\age of empires ii definitive edition\battleserver\battleserver.exe] => (Allow) D:\games\age of empires ii definitive edition\battleserver\battleserver.exe () [Fichier non signé] FirewallRules: [UDP Query User{97298B5E-1235-4B5E-9CE3-52896267A590}D:\games\age of empires ii 
definitive edition\aoe2de_s.exe] => (Allow) D:\games\age of empires ii definitive edition\aoe2de_s.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{E68F176F-6B3D-4431-AD1A-F78AE08A50AC}D:\games\age of empires ii definitive edition\aoe2de_s.exe] => (Allow) D:\games\age of empires ii definitive edition\aoe2de_s.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5F30E5D5-5396-4D83-93E7-53727967BD9C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{CF9F7942-2FF4-45D8-94D1-23ECECE89F04}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{B3FAFF2E-FC4B-48EE-8B68-A619F5A07276}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{EC926882-687A-43C5-9D24-669CE657369C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{E73712BC-B808-4AB5-A7FE-C07590D8587A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FF3A2B32-9CAD-4AA9-A643-27DFFA49D256}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [UDP Query User{7CDA93A6-01A1-4D21-87AB-DD15A82481D6}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe] => (Allow) C:\program files (x86)\ea games\battlefield 1942\bf1942.exe () [Fichier non signé] FirewallRules: [TCP Query User{530BFC74-840F-4020-9213-0431C992B703}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe] => (Allow) C:\program files (x86)\ea games\battlefield 1942\bf1942.exe () [Fichier non signé] FirewallRules: [{12F3C90E-5F80-4344-AA3C-B0E2EB1BC5E7}] => (Allow) C:\Program Files\Microsoft 
Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D2E6F09F-C5C7-4D39-8CED-F59E4AAB8A73}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{57865D02-9455-4645-9AD8-A428C627D843}C:\users\ggasp\appdata\roaming\utorrent web\utweb.exe] => (Allow) C:\users\ggasp\appdata\roaming\utorrent web\utweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [Fichier non signé] FirewallRules: [TCP Query User{C95887A7-0A1B-4B7B-B0FD-5C63C07A1C08}C:\users\ggasp\appdata\roaming\utorrent web\utweb.exe] => (Allow) C:\users\ggasp\appdata\roaming\utorrent web\utweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [Fichier non signé] FirewallRules: [UDP Query User{94018F69-F907-46BE-AD3F-850D4B3CA8E0}D:\games\h1z1\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\games\h1z1\steamapps\common\h1z1\h1z1.exe (Daybreak Game Company LLC -> Daybreak Game Company) FirewallRules: [TCP Query User{6CADA212-8B97-4ED5-AB78-7D8D163BF48E}D:\games\h1z1\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\games\h1z1\steamapps\common\h1z1\h1z1.exe (Daybreak Game Company LLC -> Daybreak Game Company) FirewallRules: [{4CFE1B7E-57B2-4E27-9FCD-6D56A625F5D8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9F9C6FA5-6E33-4401-99FE-10C4CD577C7A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{42CB2607-4DF7-4902-9FE0-D136625EA6C5}D:\games\mortal kombat xl\binaries\retail\mk10.exe] => (Allow) D:\games\mortal kombat xl\binaries\retail\mk10.exe (WARNER BROS. ENTERTAINMENT INC. -> ) FirewallRules: [TCP Query User{98EA85BA-C3C2-480C-BCF8-4EBA71CF0538}D:\games\mortal kombat xl\binaries\retail\mk10.exe] => (Allow) D:\games\mortal kombat xl\binaries\retail\mk10.exe (WARNER BROS. ENTERTAINMENT INC. 
-> ) FirewallRules: [{A83E1A1B-4F72-4DD3-B712-6AC878F63D02}] => (Allow) D:\Games\H1Z1\steamapps\common\H1Z1\H1Z1_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{31C3A88B-1005-4C3D-8093-D3E662E70BF6}] => (Allow) D:\Games\H1Z1\steamapps\common\H1Z1\H1Z1_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{B827F3AB-A3FA-4D03-9522-F9D8BEB21860}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{963994E9-164A-4F93-972F-C3E4B8139C3E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{8EBB4E2C-36C8-4539-85AD-CDAF15A63CB9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{CB4706E6-B3CE-49E5-8648-ADF08DE3CAA7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{EB035210-3B62-47E6-8B63-8135C0057C7B}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [{34BD6E35-4D03-4238-A6CE-9F38E715DD2A}] => (Allow) C:\Users\ggasp\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [Fichier non signé] FirewallRules: [{140662B6-B912-48DD-A67C-80B54FAFFDC0}] => (Allow) C:\Users\ggasp\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [Fichier non signé] FirewallRules: [{1922881A-7E58-47FF-83C1-237D9A7FFE45}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{93CD3F48-C11A-4314-A22C-5CC0E8319E24}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{9DC170FF-5DDF-410E-AF65-ABC381040CD3}] => (Allow) C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGCAndroidService.exe (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.) 
FirewallRules: [TCP Query User{8FB0FD6E-F335-484B-9EFD-591FDEB2A149}D:\games\h1z1\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\games\h1z1\steamapps\common\h1z1\h1z1.exe (Daybreak Game Company LLC -> Daybreak Game Company) FirewallRules: [UDP Query User{9BD79ABE-05BD-4DCE-8C67-F299EC0D34AA}D:\games\h1z1\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\games\h1z1\steamapps\common\h1z1\h1z1.exe (Daybreak Game Company LLC -> Daybreak Game Company) FirewallRules: [TCP Query User{7498FC56-1483-42CB-9EE7-08036BCBAA90}D:\games\mortal kombat xl\binaries\retail\mk10.exe] => (Allow) D:\games\mortal kombat xl\binaries\retail\mk10.exe (WARNER BROS. ENTERTAINMENT INC. -> ) FirewallRules: [UDP Query User{9E8385E0-BC13-42EF-A538-C08745505D27}D:\games\mortal kombat xl\binaries\retail\mk10.exe] => (Allow) D:\games\mortal kombat xl\binaries\retail\mk10.exe (WARNER BROS. ENTERTAINMENT INC. -> ) FirewallRules: [TCP Query User{B3D87066-AD5F-47AD-A293-E35EF161F764}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe (Riot Games, Inc. -> ) FirewallRules: [UDP Query User{9EAB50A4-BBF4-41DC-8B17-DB18654EEAB5}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe (Riot Games, Inc. -> ) FirewallRules: [{8719464A-017D-4E12-8598-5E92618ED440}] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe (Riot Games, Inc. -> ) FirewallRules: [{6F081A39-ED68-401A-AD47-CE2DFD255A4D}] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe (Riot Games, Inc. 
-> ) FirewallRules: [{4F2CA6BC-BCD9-4AA0-8750-38669B154228}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11601.20144.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{FCB90FF5-8660-4E5E-9365-8B800DB82124}C:\users\ggasp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ggasp\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{510C3982-1684-4851-8805-756866B6615B}C:\users\ggasp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ggasp\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{F30968FE-2D2E-49D2-9843-2E8DC9AB6CC6}] => (Allow) D:\Games\Fifa\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{C6B79249-7469-40B3-A7E3-387EC68902A9}] => (Allow) D:\Games\Fifa\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [TCP Query User{54DF5BA5-262A-498C-9070-C6A2220D4050}D:\games\fifa\fifa19.exe] => (Allow) D:\games\fifa\fifa19.exe (Electronic Arts) [Fichier non signé] FirewallRules: [UDP Query User{A7A3FAF3-6ECA-4CFA-A59A-516EC628FE76}D:\games\fifa\fifa19.exe] => (Allow) D:\games\fifa\fifa19.exe (Electronic Arts) [Fichier non signé] FirewallRules: [TCP Query User{932514AA-E9A2-44D5-976B-DECAF9F26F2E}C:\mysql\bin\mysqld.exe] => (Allow) C:\mysql\bin\mysqld.exe () [Fichier non signé] FirewallRules: [UDP Query User{4682EE71-7A66-4855-AB29-624FFA756BCA}C:\mysql\bin\mysqld.exe] => (Allow) C:\mysql\bin\mysqld.exe () [Fichier non signé] FirewallRules: [TCP Query User{D550DD05-5A72-463C-9E29-57339E6C5020}C:\temp\uwamp\bin\uwamp_x32_3-1-0\bin\database\mysql-5.7.11\bin\mysqld.exe] => (Allow) C:\temp\uwamp\bin\uwamp_x32_3-1-0\bin\database\mysql-5.7.11\bin\mysqld.exe () [Fichier non signé] FirewallRules: [UDP Query User{0FBA1573-E2C8-4976-A716-A0E5A86DA8D5}C:\temp\uwamp\bin\uwamp_x32_3-1-0\bin\database\mysql-5.7.11\bin\mysqld.exe] => 
(Allow) C:\temp\uwamp\bin\uwamp_x32_3-1-0\bin\database\mysql-5.7.11\bin\mysqld.exe () [Fichier non signé] FirewallRules: [TCP Query User{9575BE53-B8BF-4E0C-8441-A372D8FD7E09}C:\temp\uwamp\bin\uwamp_x32_3-1-0\bin\apache\bin\httpd.exe] => (Allow) C:\temp\uwamp\bin\uwamp_x32_3-1-0\bin\apache\bin\httpd.exe (Apache Software Foundation) [Fichier non signé] FirewallRules: [UDP Query User{44CD1B73-2397-46D1-87A1-E702B83683AB}C:\temp\uwamp\bin\uwamp_x32_3-1-0\bin\apache\bin\httpd.exe] => (Allow) C:\temp\uwamp\bin\uwamp_x32_3-1-0\bin\apache\bin\httpd.exe (Apache Software Foundation) [Fichier non signé] FirewallRules: [TCP Query User{173DE4D1-BD26-456B-A03D-321DF44F6728}C:\users\ggasp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ggasp\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{69646AC2-5C49-4CCF-A0BD-BCAB3952E1AA}C:\users\ggasp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ggasp\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{B271DFBD-0AC9-4072-9970-BD67EDC5D443}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{176995FC-527A-4FB3-B26B-8F3B76CEE311}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{21904370-6DC9-4356-B74D-8B05A8AC5D4E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{091E22C8-8764-4D67-BC9B-520416AA0270}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{C673DD60-D409-486A-929F-E905D4BB224E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{ECB2D0A5-EF64-4137-8CB8-D2B5A538D92C}] => (Allow) C:\Program Files\PreSonus\Universal Control\Universal Control.exe (PreSonus Audio Electronics, Inc. -> PreSonus) FirewallRules: [{C1BE24C8-8B77-4465-805D-0EA2B83D49D6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Points de restauration ========================= 12-04-2021 22:59:48 RP_AdsFix : 12/04/2021 22:59:48 13-04-2021 11:18:06 RP_AdsFix : 13/04/2021 11:18:06 13-04-2021 22:56:00 Installed VirtualDJ 8 13-04-2021 23:03:01 Restauration - Testes RST64 13-04-2021 23:22:23 Restore Point Created by FRST ==================== Éléments en erreur du Gestionnaire de périphériques ============ Name: LogMeIn Hamachi Virtual Ethernet Adapter Description: LogMeIn Hamachi Virtual Ethernet Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: LogMeIn Inc. Service: Hamachi Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. 
==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (04/14/2021 12:02:30 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante wwahost.exe, version : 10.0.19041.789, horodatage : 0x9bbd7506 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.804, horodatage : 0x0e9c5eae Code d’exception : 0x8000ffff Décalage d’erreur : 0x000000000010bd5c ID du processus défaillant : 0x2b64 Heure de début de l’application défaillante : 0x01d730b0b243cde9 Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\wwahost.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 1be756ad-15c4-443f-82f6-acc85add43d3 Nom complet du package défaillant : 4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 ID de l’application relative au package défaillant : Netflix.App Error: (04/14/2021 12:02:23 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante WinStore.App.exe, version : 12101.1001.14.0, horodatage : 0x602c1229 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.804, horodatage : 0x0e9c5eae Code d’exception : 0xc000027b Décalage d’erreur : 0x000000000010bd5c ID du processus défaillant : 0x3d9c Heure de début de l’application défaillante : 0x01d730b0add4f3c3 Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : dda699c4-c1ee-4cf0-94f4-f1b248c02b54 Nom complet du package défaillant : Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : App Error: (04/14/2021 12:01:10 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante wwahost.exe, version : 10.0.19041.789, horodatage 
: 0x9bbd7506 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.804, horodatage : 0x0e9c5eae Code d’exception : 0x8000ffff Décalage d’erreur : 0x000000000010bd5c ID du processus défaillant : 0x2d24 Heure de début de l’application défaillante : 0x01d730b081a066c5 Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\wwahost.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 57f59b21-a6f8-4ae3-b3bb-b0c681022b85 Nom complet du package défaillant : 4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 ID de l’application relative au package défaillant : Netflix.App Error: (04/14/2021 12:00:24 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours. . Error: (04/14/2021 12:00:24 AM) (Source: VSS) (EventID: 13) (User: ) Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours. ] Error: (04/14/2021 12:00:24 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours. . Error: (04/14/2021 12:00:24 AM) (Source: VSS) (EventID: 13) (User: ) Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours. ] Error: (04/13/2021 11:59:58 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x8007001f, Un périphérique attaché au système ne fonctionne pas correctement. . 
Opération : Opération asynchrone en cours d’exécution Contexte : État actuel: DoSnapshotSet Erreurs système: ============= Error: (04/14/2021 12:01:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Browser n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (04/14/2021 12:01:08 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Browser. Error: (04/14/2021 12:01:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Browser n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (04/14/2021 12:01:08 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Browser. Error: (04/14/2021 12:01:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Browser n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (04/14/2021 12:01:07 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Browser. Error: (04/14/2021 12:01:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Browser n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (04/14/2021 12:01:07 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Browser. 
Windows Defender: ================ Date: 2021-04-11 21:56:38 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Formbookinj.GL!MTB&threatid=2147778575&enterprise=0 Nom : Trojan:MSIL/Formbookinj.GL!MTB ID : 2147778575 Gravité : Grave Catégorie : Cheval de Troie Chemin : amsi:_C:\ProgramData\2523936.exe Origine de la détection : Inconnu Type de détection : Concret Source de détection : AMSI Utilisateur : LAPTOP-C92N962T\ggasp Nom du processus : C:\ProgramData\2523936.exe Version de la veille de sécurité : AV: 1.335.639.0, AS: 1.335.639.0, NIS: 1.335.639.0 Version du moteur : AM: 1.1.18000.5, NIS: 1.1.18000.5 Date: 2021-04-11 21:55:56 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Formbookinj.GL!MTB&threatid=2147778575&enterprise=0 Nom : Trojan:MSIL/Formbookinj.GL!MTB ID : 2147778575 Gravité : Grave Catégorie : Cheval de Troie Chemin : amsi:_C:\ProgramData\56250.exe Origine de la détection : Inconnu Type de détection : Concret Source de détection : AMSI Utilisateur : LAPTOP-C92N962T\ggasp Nom du processus : C:\ProgramData\56250.exe Version de la veille de sécurité : AV: 1.335.639.0, AS: 1.335.639.0, NIS: 1.335.639.0 Version du moteur : AM: 1.1.18000.5, NIS: 1.1.18000.5 Date: 2021-04-10 16:45:30 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {C729D9D4-8AA7-4DBA-8F86-295A6D9FBC7F} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2021-04-10 12:22:16 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. 
ID de l’analyse : {C0EC94FC-1316-494B-B9EC-D6BCAC783F7E} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2021-04-08 23:24:51 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {645E8405-6CBA-4642-8ACC-8CD890DC4C23} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système CodeIntegrity: =============== Date: 2021-04-14 00:14:55 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. ==================== Infos Mémoire =========================== BIOS: American Megatrends Inc. GL703GE.318 07/19/2019 Carte mère: ASUSTeK COMPUTER INC. GL703GE Processeur: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz Pourcentage de mémoire utilisée: 37% Mémoire physique - RAM - totale: 16238.79 MB Mémoire physique - RAM - disponible: 10118.29 MB Mémoire virtuelle totale: 18670.79 MB Mémoire virtuelle disponible: 11036.74 MB ==================== Lecteurs ================================ Drive c: (OS) (Fixed) (Total:237.42 GB) (Free:42.5 GB) NTFS Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:515.69 GB) NTFS \\?\Volume{07f6dfec-8ff7-4dec-8701-eed5505a085d}\ () (Fixed) (Total:0.78 GB) (Free:0.32 GB) NTFS \\?\Volume{ab8fea3f-eb1e-47ce-9b3d-fe33a69e9950}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 54F339D3) Partition: GPT. ========================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: D668C5E6) Partition: GPT. 
==================== Fin de Addition.txt =======================