Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 27-12-2021 Exécuté par phil (03-01-2022 21:32:57) Exécuté depuis C:\Users\phil\Desktop Microsoft Windows 10 Famille Version 21H2 19044.1415 (X64) (2020-08-04 17:58:58) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) Administrateur (S-1-5-21-3350074539-423247391-1307942942-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3350074539-423247391-1307942942-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3350074539-423247391-1307942942-1002 - Limited - Enabled) Invité (S-1-5-21-3350074539-423247391-1307942942-501 - Limited - Disabled) phil (S-1-5-21-3350074539-423247391-1307942942-1001 - Administrator - Enabled) => C:\Users\phil WDAGUtilityAccount (S-1-5-21-3350074539-423247391-1307942942-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) 64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden AceMoney Lite (HKLM-x32\...\AceMoney Lite_is1) (Version: - MechCAD Software) Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1036-1033-7760-BC15014EA700}) (Version: 21.007.20099 - Adobe) AlienFX for IskuFX (HKLM\...\{2C3FC2CC-0A8B-409E-B487-8CD54F4DC1D4}) (Version: 1.02 - Roccat GmbH) Hidden AlienFX for IskuFX (HKLM-x32\...\InstallShield_{2C3FC2CC-0A8B-409E-B487-8CD54F4DC1D4}) (Version: 1.02 - Roccat GmbH) AOMEI Partition Assistant Standard Edition 5.6 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.) ATI AVIVO64 Codecs (HKLM\...\{86E42509-8029-7678-F522-0636D80CD277}) (Version: 11.6.0.10524 - ATI Technologies Inc.) Hidden Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 21.5.2470 - Avast Software) Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 96.1.13589.111 - Auteurs de Avast Secure Browser) CCleaner (HKLM\...\CCleaner) (Version: 5.87 - Piriform) Contrôle d’intégrité du PC Windows (HKLM\...\{0150BDB3-AFFD-47A1-ADB8-DE06658EB3B2}) (Version: 3.2.2110.14001 - Microsoft Corporation) Discord (HKU\S-1-5-21-3350074539-423247391-1307942942-1001\...\Discord) (Version: 0.0.309 - Discord Inc.) Driver Booster 9 (HKLM-x32\...\Driver Booster_is1) (Version: 9.1.0 - IObit) Dropbox (HKU\S-1-5-21-3350074539-423247391-1307942942-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Farming Simulator 19 (HKLM-x32\...\FarmingSimulator2019_is1) (Version: 1.7.1 - GIANTS Software) Farming Simulator 22 (HKLM-x32\...\FarmingSimulator2022_is1) (Version: 1.0.0 - GIANTS Software) FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com) FreeMi UPnP Media Server (HKLM\...\FreeMi UPnP Media Server) (Version: 2.0.8 - Stéphane Mitermite) GIANTS Editor 6.0.3 64-bit (HKLM-x32\...\giants_editor_6.0.3_win64_is1) (Version: 6.0.3 - GIANTS Software GmbH) Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - Gigabyte Technology Corp.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.110 - Google LLC) HP Support Solutions Framework (HKLM-x32\...\{C6EF8EAA-2B44-4FC1-8DCD-3A1A5649FCA2}) (Version: 12.12.32.3 - HP Inc.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Malwarebytes version 4.4.11.149 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.11.149 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation) Microsoft Office Professionnel Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{E876418F-BE59-4D8C-B9A5-74B056B676FA}) (Version: 2.93.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation) Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 95.0.2 (x64 fr)) (Version: 95.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 95.0.2.8022 - Mozilla) MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 5.0.0.25 - MSI) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 8.1.9.3 - Notepad++ Team) NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation) NVIDIA GeForce Experience 3.24.0.123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.123 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.38.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.94 - NVIDIA Corporation) NVIDIA Pilote graphique 497.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 497.29 - NVIDIA Corporation) Outlook (HKU\S-1-5-21-3350074539-423247391-1307942942-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook) PowerPoint (HKU\S-1-5-21-3350074539-423247391-1307942942-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint) Raptr (HKLM-x32\...\Raptr) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9071.1 - Realtek Semiconductor Corp.) Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0013 - Roccat GmbH) Savu Mouse (HKLM-x32\...\{6F4B8EA6-4546-4160-A05F-0706F7DC1EFF}) (Version: 1.1.9 - ROCCAT GmbH) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.2 - TeamSpeak Systems GmbH) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TomTom HOME (HKLM-x32\...\{9F1953B3-B0EE-402C-A29F-A8AB775A6D1D}) (Version: 2.11.3 - Nom de votre société) TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team) Tt eSPORTS ShockONE gaming headset Driver V1.0 (HKLM-x32\...\{4B4DB54B-A017-4E82-8995-AC752FEBCDD8}_is1) (Version: - Ttesports Inc.) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN) WD SmartWare (HKLM\...\{604CB4FC-3D32-405F-A109-165F170529B6}) (Version: 1.2.0.8 - Western Digital) WinRAR 5.71 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) Word (HKU\S-1-5-21-3350074539-423247391-1307942942-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word) XviD MPEG-4 Video Codec (HKLM-x32\...\xvid) (Version: - XviD Development Team) Packages: ========= Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-09] (Microsoft Corporation) Excel -> C:\Program Files\WindowsApps\excel.office.com-4362FB92_1.0.0.6_neutral__2vp2pd36ganw2 [2021-11-07] (excel.office.com) Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_133.1.340.0_x64__v10z8vjag6ke6 [2021-12-14] (HP Inc.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-09] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-09] (Microsoft Corporation) [MS Ad] Microsoft Midi gm.dls -> C:\Program Files\WindowsApps\Microsoft.Midi.GmDls_1.0.1.0_neutral__8wekyb3d8bbwe [2020-03-30] (Microsoft Platform Extensions) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12160.0_x64__8wekyb3d8bbwe [2021-12-22] (Microsoft Studios) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-12-26] (NVIDIA Corp.) Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-01-23] (Adobe Systems Incorporated) Word -> C:\Program Files\WindowsApps\word.office.com-CECA1A7F_1.0.0.1_neutral__jc2kecmnkxwqc [2021-11-07] (word.office.com) WPS Office Suite - PDF, Word, Spreadsheet, Slide View & Edit -> C:\Program Files\WindowsApps\ZhuhaiKingsoftOfficeSoftw.WPSOffice2019_11.2.10307.0_x86__924xes6e8q1tw [2021-10-12] (Kingsoft Office Software Corporation Limited) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-3350074539-423247391-1307942942-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\phil\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox -> Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3350074539-423247391-1307942942-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\phil\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3350074539-423247391-1307942942-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3350074539-423247391-1307942942-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3350074539-423247391-1307942942-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3350074539-423247391-1307942942-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.) ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation) ShellExecuteHooks-x32: Pas de nom - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-07-03] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-07-03] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2021-12-08] (Notepad++ -> ) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-07-03] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-07-03] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-13] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> Pas de fichier ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Pas de fichier ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\nvshext.dll [2021-12-15] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-07-03] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1_S-1-5-21-3350074539-423247391-1307942942-1001: [DropboxExt] -> [CC]{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Pas de fichier ContextMenuHandlers4_S-1-5-21-3350074539-423247391-1307942942-1001: [DropboxExt] -> [CC]{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Pas de fichier ContextMenuHandlers5_S-1-5-21-3350074539-423247391-1307942942-1001: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\phil\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.) ==================== Codecs (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [Fichier non signé] HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [Fichier non signé] HKLM\...\Drivers32-x32: [vidc.asv2] => asusasv2.dll HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ShortcutWithArgument: C:\Users\phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb --app-url=hxxps://outlook.com/ ShortcutWithArgument: C:\Users\phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf --app-url=hxxps://powerpoint.office.com/ ShortcutWithArgument: C:\Users\phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi --app-url=hxxps://word.office.com/ ==================== Modules chargés (Avec liste blanche) ============= ==================== Alternate Data Streams (Avec liste blanche) ======== (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\Users\phil\Documents\Image (2).bmp:3or4kl4x13tuuug3Byamue2s4b [101] AlternateDataStreams: C:\Users\phil\Documents\Image (2).bmp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] ==================== Mode sans échec (Avec liste blanche) ================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Skype Software Sarl -> Microsoft Corporation) Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [Fichier non signé] Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Skype Software Sarl -> Microsoft Corporation) ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2009-07-14 03:34 - 2019-01-04 13:24 - 000000828 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-3350074539-423247391-1307942942-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\phil\AppData\Roaming\Mozilla\Firefox\Fond d’écran.bmp DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Pas de fichier) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: avast => 2 MSCONFIG\Services: avast! Tools => 2 MSCONFIG\Services: avastm => 3 MSCONFIG\Services: AvastSecureBrowserElevationService => 3 MSCONFIG\Services: c2cautoupdatesvc => 2 MSCONFIG\Services: c2cpnrsvc => 2 MSCONFIG\Services: Fax => 3 MSCONFIG\Services: FvSvc => 3 MSCONFIG\Services: GamingApp_Service => 2 MSCONFIG\Services: GfExperienceService => 2 MSCONFIG\Services: GoogleChromeElevationService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: gusvc => 3 MSCONFIG\Services: HPPrintScanDoctorService => 2 MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2 MSCONFIG\Services: ICCS => 3 MSCONFIG\Services: IDriverT => 3 MSCONFIG\Services: LiveUpdateSvc => 2 MSCONFIG\Services: MBAMScheduler => 2 MSCONFIG\Services: Microsoft SharePoint Workspace Audit Service => 3 MSCONFIG\Services: MozillaMaintenance => 2 MSCONFIG\Services: NvContainerLocalSystem => 2 MSCONFIG\Services: NvContainerNetworkService => 3 MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2 MSCONFIG\Services: NvNetworkService => 2 MSCONFIG\Services: NvStreamNetworkSvc => 3 MSCONFIG\Services: NvStreamSvc => 2 MSCONFIG\Services: nvsvc => 2 MSCONFIG\Services: NvTelemetryContainer => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: ss_conn_service => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: Stereo Service => 2 MSCONFIG\Services: TomTomHOMEService => 2 MSCONFIG\Services: WDDMService => 2 MSCONFIG\Services: WDSmartWareBackgroundService => 2 MSCONFIG\Services: WsAppService => 2 MSCONFIG\Services: WsDrvInst => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Roccat Talk.lnk => C:\Windows\pss\Roccat Talk.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WDDMStatus.lnk => C:\Windows\pss\WDDMStatus.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WDSmartWare.lnk => C:\Windows\pss\WDSmartWare.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^phil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupfolder: C:^Users^phil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 - Capture d’écran et lancement.lnk => C:\Windows\pss\OneNote 2010 - Capture d’écran et lancement.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: Discord => C:\Users\phil\AppData\Local\Discord\app-0.0.301\Discord.exe MSCONFIG\startupreg: DriverMax_RESTART => "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -RESTART MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: Live Update => C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER MSCONFIG\startupreg: Malwarebytes TrayApp => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\RAPTRS~1.EXE --startup MSCONFIG\startupreg: ROCCAT Savu Gaming Mouse => "C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe" /Automation MSCONFIG\startupreg: RoccatIskuFX => "C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe" MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s MSCONFIG\startupreg: Ttesports => C:\Program Files (x86)\Ttesports\ShockONE\ShockTray.exe HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "RtHDVCpl" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "ROCCAT Savu Gaming Mouse" HKU\S-1-5-21-3350074539-423247391-1307942942-1001\...\StartupApproved\StartupFolder: => "OneNote 2010 - Capture d’écran et lancement.lnk" HKU\S-1-5-21-3350074539-423247391-1307942942-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3350074539-423247391-1307942942-1001\...\StartupApproved\Run: => "OfficeSyncProcess" HKU\S-1-5-21-3350074539-423247391-1307942942-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-3350074539-423247391-1307942942-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [UDP Query User{36EF5D6C-92AC-4177-AC3C-9DFAD62A2385}C:\program files\microsoft office\office14\groove.exe] => (Block) C:\program files\microsoft office\office14\groove.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{55D2BE59-D27D-49A3-AA4E-A7ABB8D29190}C:\program files\microsoft office\office14\groove.exe] => (Block) C:\program files\microsoft office\office14\groove.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6C4DB241-C9A4-4301-A7AA-2CA87458EC40}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{71AD1E01-80F0-44B1-870C-EF9D1B89342D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{2B3E4EBD-C61F-4D0B-AACB-C399771D01BD}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{42344255-71DE-497C-8705-16FD14211868}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A5361BFD-CD06-4FC1-B617-CC966827840B}] => (Allow) C:\Users\phil\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox -> Dropbox, Inc.) FirewallRules: [{C496DC4D-5F3D-4422-AD34-FA851CD8F9A6}] => (Allow) C:\Users\phil\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox -> Dropbox, Inc.) FirewallRules: [{640BD948-D971-45FE-AF5E-4244F2FA2BE2}] => (Allow) C:\Program Files\FreeMi UPnP Media Server\FreeMi UPnP Media Server.exe (Stéphane Mitermite) [Fichier non signé] FirewallRules: [{736A7BEC-7187-43D2-A47A-1F9E3B768CC7}] => (Allow) C:\Program Files\FreeMi UPnP Media Server\FreeMi UPnP Media Server.exe (Stéphane Mitermite) [Fichier non signé] FirewallRules: [TCP Query User{712D5008-E483-4667-BCDD-E6D9E3EFAAA3}C:\program files\freemi upnp media server\freemi upnp media server.exe] => (Allow) C:\program files\freemi upnp media server\freemi upnp media server.exe (Stéphane Mitermite) [Fichier non signé] FirewallRules: [UDP Query User{B4F17D13-BC5F-422D-AB6F-B48F12CB39A6}C:\program files\freemi upnp media server\freemi upnp media server.exe] => (Allow) C:\program files\freemi upnp media server\freemi upnp media server.exe (Stéphane Mitermite) [Fichier non signé] FirewallRules: [{75B70961-1711-432B-AD34-6C1EDF4008A2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{E02FF1C4-D6AC-47CA-94C5-F239983DD399}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{45652E94-C959-4B96-B716-5F831D5402BE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{4EECDC61-6EBE-4F83-BBE7-6A8D42E2D97E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{1897DEA3-7F11-4A4D-87A2-25A048BFF741}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{88F5F55A-2225-456B-8B4C-DE56561AE584}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{8DFAC59C-CA45-4A82-8FB2-B5731370F9D2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{5ED12105-557D-4C8D-8A2F-99F79F87DB68}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{E2E36F99-DCC5-44BB-AE67-C1CD69994288}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe (Raptr, Inc -> Raptr, Inc) FirewallRules: [{7001E581-5693-4AEF-ADA8-8A52D40A2C3D}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe (Raptr, Inc -> Raptr, Inc) FirewallRules: [{61182F50-5727-43F6-9327-967BAE611A69}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe (Raptr, Inc -> Raptr, Inc) FirewallRules: [{9789AEFD-9A2F-4602-9E4B-F3B83E82B6E5}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe (Raptr, Inc -> Raptr, Inc) FirewallRules: [{266BDFDA-C854-496F-B4CF-FB9CCE765E32}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{6AF7A828-7A4C-4E5E-9B21-C5CDB5C9E429}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{252A4342-2040-4FFE-9E7E-C2508F45C23B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fishing\FishingGame\Binaries\Win64\FishingGame-Win64-Shipping.exe (Epic Games, Inc.) [Fichier non signé] FirewallRules: [{72BEEC26-C13E-4124-9093-41225A588B8F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fishing\FishingGame\Binaries\Win64\FishingGame-Win64-Shipping.exe (Epic Games, Inc.) [Fichier non signé] FirewallRules: [{F08BA406-17E4-4D0A-8ABC-DDC119B5D454}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{3F1463C9-67CE-40E8-93E4-19873A05F1BA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{E419CC69-0876-421E-86C1-0CB787FF3E81}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\FarmingSimulator2019.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{8E4812DA-3169-4FFA-8545-3F11B0B91541}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\FarmingSimulator2019.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{BD490DF2-261C-4AED-9F5B-8B3F9BD0BFCD}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{C4252299-B1ED-43C3-80AB-6D29465E374D}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{DAA1019A-AE39-4FEE-9606-FBBDE45325D0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform) FirewallRules: [{E9B776C2-4F62-4B42-AA8F-C5A6D020BEDD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform) FirewallRules: [TCP Query User{313DAB69-8D17-4359-AE6C-6FC3E348F4EB}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{5CB84C78-08D6-49C2-9495-2919CBA3C49F}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [{CA879554-F072-40AD-8A31-C794CC031B9E}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [{9F0D1DDB-EDA8-437B-B1E3-EE91320AAD7F}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [{35164BD8-5128-49D5-9FBC-5CB6257C5BD6}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [{82057101-908C-4087-842B-0113EE401A2D}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [{F0C7379E-26A6-4AA1-9B23-9101B53689A6}] => (Allow) C:\Program Files (x86)\Farming Simulator 2022\FarmingSimulator2022.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{DEABB14A-BA34-4D0E-8441-57AF3D5EEEA8}] => (Allow) C:\Program Files (x86)\Farming Simulator 2022\FarmingSimulator2022.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{D5837161-7100-4FB7-BF52-484737D6D9A9}] => (Allow) C:\Program Files (x86)\Farming Simulator 2022\x64\FarmingSimulator2022Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{F0664F4E-B5F5-49BD-A5D6-0164D0807D22}] => (Allow) C:\Program Files (x86)\Farming Simulator 2022\x64\FarmingSimulator2022Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [TCP Query User{DA6A6C9D-79A8-4D68-B553-A8DBF9EC23E7}C:\program files (x86)\farming simulator 2022\dedicatedserver.exe] => (Block) C:\program files (x86)\farming simulator 2022\dedicatedserver.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [UDP Query User{3273EFDA-DF9B-4004-B111-76B1D9B8EDB7}C:\program files (x86)\farming simulator 2022\dedicatedserver.exe] => (Block) C:\program files (x86)\farming simulator 2022\dedicatedserver.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{B0DCB73D-83F1-42A8-9640-1097EDF9544F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{F439091E-EEBF-4309-B79E-9B5F71915FE1}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{39F082EE-54F2-4FC4-9185-88BD79ACCF40}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{AF3994C1-A695-4942-997C-66987F70C206}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{DB9BB6C8-8C24-498C-B70A-D011C520952C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{B3C0C867-0ACA-43EF-BE95-57E31F703903}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{5A6F26BC-3355-4B0B-9446-942A1267D083}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{C6A6CAEE-1418-4F80-B564-71E554CB4C2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{1342CCA3-86CA-4486-AFD9-7D88641890E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{B75C81E9-6DD1-41A1-BFCE-EF5CE8397E9F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{B0DD6627-180F-40DD-B663-7F14753734F6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{319D3B1B-577D-4D71-A0A3-BE03D388CE0C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software) ==================== Points de restauration ========================= 28-12-2021 09:30:13 Point de contrôle planifié ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (01/02/2022 07:35:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante FarmingSimulator2022Game.exe, version : 9.0.0.0, horodatage : 0x61c0b4ab Nom du module défaillant : FarmingSimulator2022Game.exe, version : 9.0.0.0, horodatage : 0x61c0b4ab Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000050325b ID du processus défaillant : 0xeb0 Heure de début de l’application défaillante : 0x01d8000759059856 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Farming Simulator 2022\x64\FarmingSimulator2022Game.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Farming Simulator 2022\x64\FarmingSimulator2022Game.exe ID de rapport : f875f1e8-e2dd-45da-9fce-d1e0c845697b Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (01/02/2022 07:33:32 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante FarmingSimulator2022Game.exe, version : 9.0.0.0, horodatage : 0x61c0b4ab Nom du module défaillant : FarmingSimulator2022Game.exe, version : 9.0.0.0, horodatage : 0x61c0b4ab Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000050325b ID du processus défaillant : 0x2934 Heure de début de l’application défaillante : 0x01d80006d7c9ce53 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Farming Simulator 2022\x64\FarmingSimulator2022Game.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Farming Simulator 2022\x64\FarmingSimulator2022Game.exe ID de rapport : 104541db-1125-47fa-ae76-e8442e7645cb Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (01/02/2022 07:00:10 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: Échec de la sauvegarde. Raison : une erreur d'écriture s'est produite à l'emplacement de sauvegarde (G:\). Erreur : Emplacement de sauvegarde introuvable ou non valide. Vérifiez-le en passant en revue vos paramètres de sauvegarde. (0x81000006). Error: (01/01/2022 09:00:22 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme YourPhone.exe version 1.21113.36.0 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance. ID de processus : fe4 Heure de début : 01d7feec28ece249 Heure d'arrêt : 4294967295 Chemin d'accès à l'application : C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21113.36.0_x64__8wekyb3d8bbwe\YourPhone.exe ID de rapport : e719be4c-aa15-411d-b647-19a374b074ad Nom complet du package défectueux : Microsoft.YourPhone_1.21113.36.0_x64__8wekyb3d8bbwe ID de l'application relative à un package défectueux : App Type de blocage : Quiesce Error: (01/01/2022 07:42:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante FarmingSimulator2022Game.exe, version : 9.0.0.0, horodatage : 0x61c0b4ab Nom du module défaillant : FarmingSimulator2022Game.exe, version : 9.0.0.0, horodatage : 0x61c0b4ab Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000050325b ID du processus défaillant : 0x21fc Heure de début de l’application défaillante : 0x01d7ff3f08b856e2 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Farming Simulator 2022\x64\FarmingSimulator2022Game.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Farming Simulator 2022\x64\FarmingSimulator2022Game.exe ID de rapport : 4b3d6718-d7ac-4a4d-907c-d5d088c4f55d Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (12/27/2021 09:35:30 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme Video.UI.exe version 10.21111.1051.0 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance. ID de processus : 2840 Heure de début : 01d7fb611cdacf03 Heure d'arrêt : 4294967295 Chemin d'accès à l'application : C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.21111.10511.0_x64__8wekyb3d8bbwe\Video.UI.exe ID de rapport : f0d03c02-80f3-447c-8962-857f01f9c19f Nom complet du package défectueux : Microsoft.ZuneVideo_10.21111.10511.0_x64__8wekyb3d8bbwe ID de l'application relative à un package défectueux : Microsoft.ZuneVideo Type de blocage : Quiesce Error: (12/26/2021 07:01:27 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: Échec de la sauvegarde. Raison : une erreur d'écriture s'est produite à l'emplacement de sauvegarde (G:\). Erreur : Emplacement de sauvegarde introuvable ou non valide. Vérifiez-le en passant en revue vos paramètres de sauvegarde. (0x81000006). Error: (12/26/2021 05:23:12 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme HxCalendarAppImm.exe version 16.0.14326.20544 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance. ID de processus : 2124 Heure de début : 01d7fa74bddba0cd Heure d'arrêt : 4294967295 Chemin d'accès à l'application : C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe ID de rapport : 79fbed61-9b01-48f3-bdf7-d563380bc647 Nom complet du package défectueux : microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe ID de l'application relative à un package défectueux : microsoft.windowslive.calendar Type de blocage : Quiesce Erreurs système: ============= Error: (01/03/2022 09:25:36 AM) (Source: Schannel) (EventID: 4103) (User: AUTORITE NT) Description: Une erreur irrécupérable s'est produite lors de la création des informations d'identification client pour TLS. État d'erreur interne : 10013. Error: (01/02/2022 09:50:57 PM) (Source: DCOM) (EventID: 10010) (User: phil-PC) Description: Le serveur {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (01/02/2022 09:50:57 PM) (Source: DCOM) (EventID: 10010) (User: phil-PC) Description: Le serveur {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (01/02/2022 09:50:57 PM) (Source: DCOM) (EventID: 10010) (User: phil-PC) Description: Le serveur {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (12/31/2021 01:46:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Service Partage réseau du Lecteur Windows Media s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service. Error: (12/31/2021 01:46:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Service Sécurité Windows s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 60000 millisecondes : Redémarrer le service. Error: (12/31/2021 01:46:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service NVIDIA LocalSystem Container s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 6000 millisecondes : Redémarrer le service. Error: (12/31/2021 01:46:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Message Queuing s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 120000 millisecondes : Redémarrer le service. Windows Defender: ================ Date: 2021-09-15 19:53:17 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {19C4031D-5E0B-4E3C-8034-C2A48BFD9E53} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2021-09-15 19:09:25 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {CBFDDD1D-8A99-47BE-8B51-5B4AA2C2891A} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système  CodeIntegrity: =============== Date: 2022-01-03 21:32:26 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2022-01-03 21:22:11 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\setup\uat_3076.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Infos Mémoire =========================== BIOS: Award Software International, Inc. GBT - 42302e31 12/14/2007 Carte mère: Gigabyte Technology Co., Ltd. P35-DS4 Processeur: Intel(R) Core(TM)2 Quad CPU Q9300 @ 2.50GHz Pourcentage de mémoire utilisée: 43% Mémoire physique - RAM - totale: 8190.49 MB Mémoire physique - RAM - disponible: 4630.06 MB Mémoire virtuelle totale: 16382.49 MB Mémoire virtuelle disponible: 11972.01 MB ==================== Lecteurs ================================ Drive c: () (Fixed) (Total:284.74 GB) (Free:105.86 GB) NTFS Drive e: (FarmingSimulator22_1) (CDROM) (Total:7.81 GB) (Free:0 GB) UDF Drive h: (ACERDATA) (Fixed) (Total:13.34 GB) (Free:10.73 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)] ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: BE08D558) Partition 1: (Active) - (Size=13.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=284.7 GB) - (Type=0F Extended) ==================== Fin de Addition.txt =======================