Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 27-02-2022 Exécuté par Win (04-03-2022 17:53:29) Exécuté depuis C:\Users\Win\Downloads Microsoft Windows 10 Famille Version 21H2 19044.1526 (X64) (2020-12-23 19:36:33) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) Administrateur (S-1-5-21-2109788823-578271313-3046296331-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2109788823-578271313-3046296331-503 - Limited - Disabled) Invité (S-1-5-21-2109788823-578271313-3046296331-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2109788823-578271313-3046296331-504 - Limited - Disabled) Win (S-1-5-21-2109788823-578271313-3046296331-1001 - Administrator - Enabled) => C:\Users\Win ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_0) (Version: 22.0.0.35 - Adobe Inc.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.3.1 - Advanced Micro Devices, Inc.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP) Contrôle d’intégrité du PC Windows (HKLM\...\{0150BDB3-AFFD-47A1-ADB8-DE06658EB3B2}) (Version: 3.2.2110.14001 - Microsoft Corporation) Discord (HKU\S-1-5-21-2109788823-578271313-3046296331-1001\...\Discord) (Version: 0.0.309 - Discord Inc.) DriversCloud.com (64 bits) (HKLM\...\{8345D0DF-6F2B-42B5-BEA4-9D7B0F532294}) (Version: 10.1.1.1 - Cybelsoft) EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.146.5023 - Electronic Arts) Hidden Epic Games Launcher (HKLM-x32\...\{BE9FFAD2-2901-4F9B-8A0C-59EA51773212}) (Version: 1.3.0.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.) Google Chrome (HKLM\...\{56CF9805-415B-3B7A-A1BD-DC14F7E8FAB6}) (Version: 99.0.4844.51 - Google LLC) K-Lite Codec Pack 15.9.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.9.0 - KLCP) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKU\S-1-5-21-2109788823-578271313-3046296331-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.62 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 98.0.1108.62 - Microsoft Corporation) Microsoft Office Professionnel Plus 2019 - fr-fr (HKLM\...\ProPlus2019Retail - fr-fr) (Version: 16.0.14931.20120 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2109788823-578271313-3046296331-1001\...\OneDriveSetup.exe) (Version: 22.022.0130.0001 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{16E50919-B07A-4B4E-994A-476D4773F5BF}) (Version: 3.65.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30135 (HKLM-x32\...\{fa7f6d52-f85e-48ef-8f56-a37268aa5772}) (Version: 14.29.30135.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation) Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 95.0.2 (x64 fr)) (Version: 95.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 87.0 - Mozilla) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.0 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14931.20010 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20072 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20094 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.14931.20072 - Microsoft Corporation) Hidden osu! (HKLM-x32\...\{8769232f-6eee-49fc-8b34-ac3f1198c8da}) (Version: latest - ppy Pty Ltd) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.190.0.13 - Overwolf Ltd.) Parsec (HKLM-x32\...\Parsec) (Version: 150-47 - Parsec Cloud Inc.) Porofessor.gg (HKU\S-1-5-21-2109788823-578271313-3046296331-1001\...\Overwolf_pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh) (Version: 2.7.148 - Overwolf app) Roblox Player for Win (HKU\S-1-5-21-2109788823-578271313-3046296331-1001\...\roblox-player) (Version: - Roblox Corporation) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.42.369 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.5 - Rockstar Games) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Telegram Desktop (HKU\S-1-5-21-2109788823-578271313-3046296331-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.1.8 - Telegram FZ-LLC) TranslucentTB (HKLM-x32\...\TranslucentTB_is1) (Version: 7.0.0.0 - TranslucentTB Open Source Developers) Twitch (HKU\S-1-5-21-2109788823-578271313-3046296331-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 123.2.10554 - Ubisoft) VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN) Web Companion (HKLM-x32\...\{3c2a7a07-1ae6-408e-a97c-1ae3884c1b47}) (Version: 8.9.0.371 - Lavasoft) WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH) Zoom (HKU\S-1-5-21-2109788823-578271313-3046296331-1001\...\ZoomUMX) (Version: 5.4.7 (59784.1220) - Zoom Video Communications, Inc.) Packages: ========= Age of Empires II: Definitive Edition -> C:\Program Files\WindowsApps\Microsoft.MSPhoenix_101.101.59165.0_x64__8wekyb3d8bbwe [2022-02-23] (Microsoft Studios) Age of Empires III: Definitive Edition -> C:\Program Files\WindowsApps\Microsoft.MSGPBoston_100.12.63727.0_x64__8wekyb3d8bbwe [2022-02-20] (Microsoft Studios) ARK: Aberration -> C:\Program Files\WindowsApps\StudioWildcard.ARKAberration_1.55.934.2_x64__1w2mm55455e38 [2021-08-07] (Studio Wildcard) ARK: Extinction -> C:\Program Files\WindowsApps\StudioWildcard.ARKExtinction_1.38.933.2_x64__1w2mm55455e38 [2021-07-28] (Studio Wildcard) ARK: Scorched Earth -> C:\Program Files\WindowsApps\StudioWildcard.ARKScorchedEarthGamePreview_1.50.928.2_x64__1w2mm55455e38 [2021-07-20] (Studio Wildcard) ARK: Survival Evolved -> C:\Program Files\WindowsApps\StudioWildcard.4558480580BB9_1.114.934.2_x64__1w2mm55455e38 [2021-08-15] (Studio Wildcard) ARK: Survival Evolved Aberrant Skins -> C:\Program Files\WindowsApps\StudioWildcard.17716C21E3D1F_1.5.769.2_x64__1w2mm55455e38 [2021-07-20] (Studio Wildcard) Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-11] (Microsoft Corporation) Crusader Kings III -> C:\Program Files\WindowsApps\ParadoxInteractive.ProjectTitus_1.0.313.0_x64__zfnrdv2de78ny [2022-02-17] (Paradox Interactive) EarTrumpet -> C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.1.8.0_x86__1sdd7yawvg6ne [2021-02-19] (File-New-Project) [Startup Task] Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-12-09] (Microsoft Corporation) No Man's Sky -> C:\Program Files\WindowsApps\HelloGames.NoMansSky_3.84.18475.0_x64__bs190hzg1sesy [2022-03-04] (Hello Games) Sea of Thieves -> C:\Program Files\WindowsApps\Microsoft.SeaofThieves_2.103.2791.2_x64__8wekyb3d8bbwe [2021-07-21] (ms-resource:PublisherDisplayName) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0 [2021-08-07] (Spotify AB) [Startup Task] TranslucentTB -> C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_9.0.0.0_x86__v826wp6bftszj [2021-11-21] (Charles Milette) [Startup Task] ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-2109788823-578271313-3046296331-1001_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> "C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe" -ToastActivated => Pas de fichier ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Win\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Win\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Win\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Win\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Win\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Win\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Win\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2021-11-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== ==================== Modules chargés (Avec liste blanche) ============= 2021-01-05 10:56 - 2021-01-05 10:56 - 000017920 _____ () [Fichier non signé] C:\Program Files\AMD\CNext\CNext\libEGL.dll 2021-01-05 10:56 - 2021-01-05 10:56 - 003567616 _____ () [Fichier non signé] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2021-03-10 13:21 - 2021-03-10 13:21 - 001640448 _____ (Advanced Micro Devices, Inc.) [Fichier non signé] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll 2021-01-07 21:35 - 2021-01-07 21:35 - 000059392 _____ (by nICO (chick80@libero.it) - 2004. Modified by TranslucentTB devs) [Fichier non signé] C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_9.0.0.0_x86__v826wp6bftszj\TranslucentTB\CPicker.dll 2021-10-24 15:21 - 2021-10-24 15:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll 2021-10-24 15:21 - 2021-10-24 15:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll 2021-01-05 10:57 - 2021-01-05 10:57 - 000031744 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll 2021-01-05 10:57 - 2021-01-05 10:57 - 000039424 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll 2021-01-05 10:57 - 2021-01-05 10:57 - 000031744 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll 2021-01-05 10:57 - 2021-01-05 10:57 - 000414720 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll 2021-01-05 10:57 - 2021-01-05 10:57 - 000025088 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll 2021-01-05 10:57 - 2021-01-05 10:57 - 000024576 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll 2021-01-05 10:57 - 2021-01-05 10:57 - 000023552 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll 2021-01-05 10:57 - 2021-01-05 10:57 - 000532992 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll 2021-01-05 10:57 - 2021-01-05 10:57 - 001441792 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll 2021-01-05 10:57 - 2021-01-05 10:57 - 001189888 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll 2021-01-05 10:57 - 2021-01-05 10:57 - 000134656 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll 2021-01-05 10:56 - 2021-01-05 10:56 - 006184448 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll 2021-01-05 10:56 - 2021-01-05 10:56 - 006867456 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll 2021-01-05 10:56 - 2021-01-05 10:56 - 001104896 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll 2021-01-05 10:56 - 2021-01-05 10:56 - 000325120 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll 2021-01-05 10:56 - 2021-01-05 10:56 - 003668480 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll 2021-01-05 10:56 - 2021-01-05 10:56 - 000517120 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll 2021-01-05 10:56 - 2021-01-05 10:56 - 000051712 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll 2021-01-05 10:56 - 2021-01-05 10:56 - 004228608 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll 2021-01-05 10:56 - 2021-01-05 10:56 - 000171008 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll 2021-01-05 10:56 - 2021-01-05 10:56 - 001085440 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll 2021-01-05 10:56 - 2021-01-05 10:56 - 000205824 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll 2021-01-05 10:56 - 2021-01-05 10:56 - 000329728 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll 2021-01-05 10:56 - 2021-01-05 10:56 - 000127488 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll 2021-01-05 10:56 - 2021-01-05 10:56 - 000390656 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll 2021-01-05 10:56 - 2021-01-05 10:56 - 095598080 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll 2021-01-05 10:56 - 2021-01-05 10:56 - 005587968 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll 2021-01-05 10:56 - 2021-01-05 10:56 - 000462848 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll 2021-01-05 10:56 - 2021-01-05 10:56 - 000188928 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll 2021-01-05 10:56 - 2021-01-05 10:56 - 002878464 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll 2021-01-05 10:57 - 2021-01-05 10:57 - 000055808 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll 2021-01-05 10:57 - 2021-01-05 10:57 - 000059392 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll 2021-01-05 10:57 - 2021-01-05 10:57 - 000017920 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll 2021-01-05 10:57 - 2021-01-05 10:57 - 000017920 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2021-01-05 10:57 - 2021-01-05 10:57 - 000284160 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll 2021-01-05 10:57 - 2021-01-05 10:57 - 000333824 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2021-01-05 10:57 - 2021-01-05 10:57 - 000136704 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2021-01-05 10:57 - 2021-01-05 10:57 - 000090112 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2021-01-05 10:57 - 2021-01-05 10:57 - 000313856 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll 2021-01-05 10:57 - 2021-01-05 10:57 - 000017920 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2021-03-10 13:32 - 2021-03-10 13:32 - 000091648 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll ==================== Alternate Data Streams (Avec liste blanche) ======== (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [8080] AlternateDataStreams: C:\Users\Win\Application Data:a71eda622791298bf432424e2ed8fdad [394] AlternateDataStreams: C:\Users\Win\AppData\Roaming:a71eda622791298bf432424e2ed8fdad [394] ==================== Mode sans échec (Avec liste blanche) ================== ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-03-03] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2022-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-03] (Microsoft Corporation -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com IE trusted site: HKU\S-1-5-21-2109788823-578271313-3046296331-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-2109788823-578271313-3046296331-1001\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2019-12-07 10:14 - 2022-02-27 23:02 - 000002509 _____ C:\Windows\system32\drivers\etc\hosts 127.0.0.1 checkhost.local 109.94.209.70 fitgirlrepacks.in # Fake FitGirl site 109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site 109.94.209.70 fitgirlrepacks.co # Fake FitGirl site 109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site 109.94.209.70 fitgirl-repacks.to # Fake FitGirl site 109.94.209.70 fitgirl-repack.com # Fake FitGirl site 109.94.209.70 fitgirl-repacks.website # Fake FitGirl site 109.94.209.70 fitgirlrepack.games # Fake FitGirl site 109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site 109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site 109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site 109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site 109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site 109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site 109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site 109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site 109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site 109.94.209.70 fitgirl-repack.net # Fake FitGirl site 109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site 109.94.209.70 fitgirlpack.site # Fake FitGirl site 109.94.209.70 www.fitgirlpack.site # Fake FitGirl site 109.94.209.70 fitgirl-repack.org # Fake FitGirl site 109.94.209.70 www.fitgirl-repack.org # Fake FitGirl site ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-2109788823-578271313-3046296331-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Win\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\sj7zGU.jpg DNS Servers: 62.197.111.140 - 109.88.203.3 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) HKU\S-1-5-21-2109788823-578271313-3046296331-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk" HKU\S-1-5-21-2109788823-578271313-3046296331-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-2109788823-578271313-3046296331-1001\...\StartupApproved\Run: => "Parsec.App.0" HKU\S-1-5-21-2109788823-578271313-3046296331-1001\...\StartupApproved\Run: => "Steam" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [TCP Query User{32C164EB-2307-426F-8EFF-B6D1A7F17442}C:\program files\windowsapps\spotifyab.spotifymusic_1.154.592.0_x86__zpdnekdrzrea0\spotify.exe] => (Block) C:\program files\windowsapps\spotifyab.spotifymusic_1.154.592.0_x86__zpdnekdrzrea0\spotify.exe => Pas de fichier FirewallRules: [UDP Query User{2EDFA656-0753-4C2E-AF40-5455C54DA495}C:\program files\windowsapps\spotifyab.spotifymusic_1.154.592.0_x86__zpdnekdrzrea0\spotify.exe] => (Block) C:\program files\windowsapps\spotifyab.spotifymusic_1.154.592.0_x86__zpdnekdrzrea0\spotify.exe => Pas de fichier FirewallRules: [{1A518AA5-F8F9-47CF-BBF0-DC440434F47F}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{ABEE482D-7F89-4E21-A351-0BA3D235438A}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{C1C2FE17-F90A-42B4-BDC6-CD147212690D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{AA034A15-F221-4842-A126-7ECBC1190AE0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [TCP Query User{00D2F5D2-49DB-45A3-8183-F53FE4925A5B}C:\grand theft auto v\gta5.exe] => (Allow) C:\grand theft auto v\gta5.exe => Pas de fichier FirewallRules: [UDP Query User{1E031940-7FFC-4009-9A8C-C6252B662B53}C:\grand theft auto v\gta5.exe] => (Allow) C:\grand theft auto v\gta5.exe => Pas de fichier FirewallRules: [{42F987FA-E401-4B0B-AF9C-E58197C506DC}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft) FirewallRules: [{67F5A077-1B3F-4B7D-8667-142DEB3240FE}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft) FirewallRules: [TCP Query User{41461A36-16FE-458B-934D-47DCDF3E57F8}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [UDP Query User{8BAE79B2-7C89-4D39-93C8-9C62F5485A9D}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{13AFC65F-D7C1-4A48-8F47-42931BF723F3}C:\stg games\the escapists 2\theescapists2.exe] => (Allow) C:\stg games\the escapists 2\theescapists2.exe => Pas de fichier FirewallRules: [UDP Query User{F15C1AAE-F15D-4DF2-8FB7-E257FAD95D60}C:\stg games\the escapists 2\theescapists2.exe] => (Allow) C:\stg games\the escapists 2\theescapists2.exe => Pas de fichier FirewallRules: [TCP Query User{4D994457-8EBB-45ED-AFF4-F6A706B39C59}D:\stg games\human fall flat\human.exe] => (Block) D:\stg games\human fall flat\human.exe () [Fichier non signé] FirewallRules: [UDP Query User{05CFAE08-F727-4F56-AA2E-533FFD696A83}D:\stg games\human fall flat\human.exe] => (Block) D:\stg games\human fall flat\human.exe () [Fichier non signé] FirewallRules: [{299A3994-84F5-4005-9986-148FE51A671F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{48DFE4D2-9320-42FF-B7CC-D1A0CCCDE038}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{79A30425-93D4-4BA1-A1C7-17A4EE1EF2EB}C:\users\win\desktop\among us\among us.exe] => (Allow) C:\users\win\desktop\among us\among us.exe => Pas de fichier FirewallRules: [UDP Query User{3AD15B45-E185-4535-950C-850AE146030A}C:\users\win\desktop\among us\among us.exe] => (Allow) C:\users\win\desktop\among us\among us.exe => Pas de fichier FirewallRules: [TCP Query User{A9C3BB5C-B420-44CE-BFCC-EA5F2D42B396}C:\users\win\desktop\scrap.mechanic.v0.5.0.652\scrap.mechanic.v0.5.0.652\release\scrapmechanic.exe] => (Allow) C:\users\win\desktop\scrap.mechanic.v0.5.0.652\scrap.mechanic.v0.5.0.652\release\scrapmechanic.exe => Pas de fichier FirewallRules: [UDP Query User{4500CEBB-37B1-4CB6-9CDE-81F322DEE3EE}C:\users\win\desktop\scrap.mechanic.v0.5.0.652\scrap.mechanic.v0.5.0.652\release\scrapmechanic.exe] => (Allow) C:\users\win\desktop\scrap.mechanic.v0.5.0.652\scrap.mechanic.v0.5.0.652\release\scrapmechanic.exe => Pas de fichier FirewallRules: [{D6E939F3-997C-4DF6-8D3A-4215B6FEC797}] => (Allow) D:\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe (Stunlock Studios AB -> ) FirewallRules: [{0859D940-BAE8-4AAA-8FE5-BC501743B78B}] => (Allow) D:\SteamLibrary\steamapps\common\Battlerite\Battlerite.exe (Stunlock Studios AB -> ) FirewallRules: [TCP Query User{8D94C2E0-F595-474F-AE18-858D0607D679}D:\program files\epic games\paladins\binaries\win64\paladins.exe] => (Allow) D:\program files\epic games\paladins\binaries\win64\paladins.exe => Pas de fichier FirewallRules: [UDP Query User{DC5ECEA7-6048-459F-BD70-54872809E96B}D:\program files\epic games\paladins\binaries\win64\paladins.exe] => (Allow) D:\program files\epic games\paladins\binaries\win64\paladins.exe => Pas de fichier FirewallRules: [TCP Query User{E47AE827-C645-4455-8A50-CD9507E54120}C:\users\win\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\win\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [UDP Query User{46196B50-99FF-44EB-A6D9-B52A9D5FD0E1}C:\users\win\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\win\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{24883F37-187C-437D-944C-CD18F3024C53}] => (Allow) C:\Users\Win\AppData\Local\Programs\Opera\76.0.4017.123\opera.exe => Pas de fichier FirewallRules: [TCP Query User{D4193DCD-DCF9-485F-B71E-7098A23C44A5}C:\program files\dnplayerext2\ldboxheadless.exe] => (Allow) C:\program files\dnplayerext2\ldboxheadless.exe => Pas de fichier FirewallRules: [UDP Query User{DA0DEC09-E214-4EEF-B3A4-9418889833C6}C:\program files\dnplayerext2\ldboxheadless.exe] => (Allow) C:\program files\dnplayerext2\ldboxheadless.exe => Pas de fichier FirewallRules: [{6A9FFD61-A791-4A8C-BEF1-C592F02D3937}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => Pas de fichier FirewallRules: [TCP Query User{D5F3C45C-5C3F-4B1E-87EC-87742D48F5AA}D:\steamlibrary\steamapps\common\knockoutcity\knockoutcity.exe] => (Block) D:\steamlibrary\steamapps\common\knockoutcity\knockoutcity.exe => Pas de fichier FirewallRules: [UDP Query User{0E80C581-C084-44AB-8B1B-3B661BF345EE}D:\steamlibrary\steamapps\common\knockoutcity\knockoutcity.exe] => (Block) D:\steamlibrary\steamapps\common\knockoutcity\knockoutcity.exe => Pas de fichier FirewallRules: [{66900708-A4E8-472C-B88E-FFF01C92128C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe => Pas de fichier FirewallRules: [{DDEC8C1C-E211-4CFA-9A03-304F81468AB3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe => Pas de fichier FirewallRules: [TCP Query User{2BCCBB33-0898-4ED3-9AC5-824EEC85E5EA}D:\grand theft auto v\gta5.exe] => (Block) D:\grand theft auto v\gta5.exe => Pas de fichier FirewallRules: [UDP Query User{38EF0574-D484-4A63-9416-035DE3058C58}D:\grand theft auto v\gta5.exe] => (Block) D:\grand theft auto v\gta5.exe => Pas de fichier FirewallRules: [{44C6BEB3-1EA6-4F74-996E-3941A5287F40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe (Blue Mammoth Games) [Fichier non signé] FirewallRules: [{91DCDC3F-E150-4BF2-82FD-B5FA2AEEA07C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe (Blue Mammoth Games) [Fichier non signé] FirewallRules: [TCP Query User{D96827D7-61BA-41E9-A021-9696B94AB8FA}C:\riot games\riot client\riotclientservices.exe] => (Block) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{1DE2468C-B172-4F21-8D9A-B55419878217}C:\riot games\riot client\riotclientservices.exe] => (Block) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [TCP Query User{A2D19A6F-C153-47EB-A190-6C6BE571E0E4}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => Pas de fichier FirewallRules: [UDP Query User{5CB1A02A-4AF5-4788-A5EF-BCA96AEB0014}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => Pas de fichier FirewallRules: [TCP Query User{068D4E0B-24D5-452A-8F2F-C2178DADB6DB}D:\fifa 21\fifa21.exe] => (Allow) D:\fifa 21\fifa21.exe => Pas de fichier FirewallRules: [UDP Query User{053F83DD-B689-44A0-8D6C-85E7D2664DE1}D:\fifa 21\fifa21.exe] => (Allow) D:\fifa 21\fifa21.exe => Pas de fichier FirewallRules: [{0B4A7229-E549-4A78-B422-3ADFFF38B0D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E8C842B2-1A3B-4EC1-B4D1-70D8DF9F59A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{88374B71-83DC-4C16-BB49-E13A8AAC03E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1658C02A-33A4-406A-8562-517A36928D43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{4378B79E-3935-4DD6-9EF9-FA4A09C9AD3B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{6C05577F-982F-44A7-86E1-FEBB79BBDBD8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{691B8F0F-642D-44E0-AD1D-C6B19182B0A8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{2C985EFF-8339-406E-AA4B-5B89F983FA98}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{2E8909C7-51BC-4FE3-910B-BB417CDE70AB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{65F975BE-D032-43CB-907F-2D7C45C7BE5E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{63FBEE8C-0BFA-4F7F-B3CD-B65B3906243A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2EAAA8DC-CE38-49EE-94C1-09BDC9C6A2B0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2EF5A2DF-F061-46CB-A00D-EF87E72B27A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Splitgate\PortalWars\Binaries\Win64\PortalWars-Win64-Shipping.exe => Pas de fichier FirewallRules: [{531AE339-B589-4BB6-99D3-4A4E751BD912}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Splitgate\PortalWars\Binaries\Win64\PortalWars-Win64-Shipping.exe => Pas de fichier FirewallRules: [{64583F69-B773-4252-950B-5887717410B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spacewar\SteamworksExample.exe () [Fichier non signé] FirewallRules: [{871EFE24-05B3-4145-AA81-EF876C1179CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spacewar\SteamworksExample.exe () [Fichier non signé] FirewallRules: [{A2CB1E14-E75E-4590-A744-646D367E1701}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A3F93BA8-E26B-4D40-8532-215EDDB5C7F9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{945EF8DB-0795-4473-8883-A358D835DBFA}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{0F4295B7-232B-4CCB-A1D7-A44ED93EBF74}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{14E1A759-45C6-4236-A25C-449B586612D1}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{9A1747D1-BC6E-480C-84AD-7EBFF6356FB0}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{F5980B16-9D4A-432E-8C09-74F3B62F48B5}] => (Allow) C:\Users\Win\AppData\Local\Programs\Opera\82.0.4227.33_0\opera.exe => Pas de fichier FirewallRules: [{255D1AEE-4BCC-4874-99A9-90B716DE0ED8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NARAKA BLADEPOINT\StartGame.exe => Pas de fichier FirewallRules: [{B68CBFBF-BA65-4AFC-96CB-E1F25CF9B5A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NARAKA BLADEPOINT\StartGame.exe => Pas de fichier FirewallRules: [TCP Query User{1A8C624B-5D7B-481B-972D-171B57FCDB51}C:\program files (x86)\steam\steamapps\common\naraka bladepoint\narakabladepoint.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\naraka bladepoint\narakabladepoint.exe => Pas de fichier FirewallRules: [UDP Query User{7E396C20-D2E7-49CB-A5EC-B731A6DABD78}C:\program files (x86)\steam\steamapps\common\naraka bladepoint\narakabladepoint.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\naraka bladepoint\narakabladepoint.exe => Pas de fichier FirewallRules: [TCP Query User{71DF2239-5E3A-417A-85E1-FB0FB42A440C}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{7FED1B20-CEC4-4247-945E-BF1CB80D4919}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{5D0D6DBE-C376-4A50-96BF-EFDECC65E4BA}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => Pas de fichier FirewallRules: [{6320943C-5805-4B77-8575-50CF4ABF1418}] => (Allow) C:\Users\Win\AppData\Local\Programs\Opera\82.0.4227.43\opera.exe => Pas de fichier FirewallRules: [{E4360730-48BC-4EDE-9208-41B7B117DCE3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{25270559-1A29-46D8-B5A6-8BB82F63C262}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{55FB3144-1E63-4555-AA08-0C27F7BF483F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{00F5728C-BFE5-41B4-98EF-08E2DFDC3969}] => (Allow) C:\Program Files (x86)\Overwolf\0.190.0.12\OverwolfBrowser.exe => Pas de fichier FirewallRules: [{45549DA5-2851-460A-966E-812A3BFD65E0}] => (Allow) C:\Program Files (x86)\Overwolf\0.190.0.12\OverwolfBrowser.exe => Pas de fichier FirewallRules: [{CADE757A-B674-41F0-A20B-B10E9C596C9D}] => (Block) C:\Program Files (x86)\Overwolf\0.190.0.12\OverwolfBrowser.exe => Pas de fichier FirewallRules: [{503916EC-D896-409A-8FE2-AEFA3087B2FD}] => (Block) C:\Program Files (x86)\Overwolf\0.190.0.12\OverwolfBrowser.exe => Pas de fichier FirewallRules: [{7AF42919-01C2-4ED6-9DEF-2A3C09441C77}] => (Allow) C:\Program Files (x86)\Overwolf\0.190.0.13\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{94A25F0F-8671-41ED-8B0F-96CA2FAD8D47}] => (Allow) C:\Program Files (x86)\Overwolf\0.190.0.13\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{D3B45C44-5F64-4DD4-BAFC-847195702B7D}] => (Block) C:\Program Files (x86)\Overwolf\0.190.0.13\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{CC2A25E2-8076-48BE-A03A-167E6F46039C}] => (Block) C:\Program Files (x86)\Overwolf\0.190.0.13\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{77F2ED1B-3CC2-4F0B-966A-F6C9594F0719}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D87F6DA0-BD7B-4F3C-96DE-EB77DF3428D1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{CFEC71DE-2187-4C37-93B3-7CEC2B1F9D6F}C:\users\win\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\win\appdata\local\discord\app-1.0.9004\discord.exe (Discord Inc. -> Discord Inc.) FirewallRules: [UDP Query User{8AA346E1-E085-481D-9F02-04E77B0D1456}C:\users\win\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\win\appdata\local\discord\app-1.0.9004\discord.exe (Discord Inc. -> Discord Inc.) ==================== Points de restauration ========================= ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (03/04/2022 05:53:40 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-3KI949B) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Error: (03/04/2022 05:52:40 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-3KI949B) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Error: (03/04/2022 05:51:40 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-3KI949B) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Error: (03/04/2022 05:50:40 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-3KI949B) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Error: (03/04/2022 05:49:40 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-3KI949B) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Error: (03/04/2022 05:48:40 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-3KI949B) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Error: (03/04/2022 05:47:39 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-3KI949B) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Error: (03/04/2022 05:46:39 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-3KI949B) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Erreurs système: ============= Error: (03/04/2022 05:10:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service EABackgroundService n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable. Error: (03/04/2022 05:10:00 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: AUTORITE NT) Description: Échec du démarrage du service BITS. Erreur 2147500053. Error: (03/03/2022 09:07:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3KI949B) Description: Le serveur Windows.Media.Capture.Internal.AppCaptureShell ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (03/03/2022 08:15:32 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3KI949B) Description: Le serveur Windows.Media.Capture.Internal.AppCaptureShell ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (03/03/2022 07:19:25 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3KI949B) Description: Le serveur Windows.Media.Capture.Internal.AppCaptureShell ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (03/03/2022 01:08:07 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3KI949B) Description: Le serveur {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (03/01/2022 11:09:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service EABackgroundService n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable. Error: (03/01/2022 12:32:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service EABackgroundService n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable. Windows Defender: ================ Date: 2022-03-04 17:48:37 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=PUABundler:Win32/uTorrent_BundleInstaller&threatid=311958&enterprise=0 Nom : PUABundler:Win32/uTorrent_BundleInstaller ID : 311958 Gravité : Faible Catégorie : Logiciel potentiellement non désiré Chemin : file:_C:\Users\Win\Downloads\utweb_installer.exe Origine de la détection : Ordinateur local Type de détection : Chemin rapide Source de détection : Protection en temps réel Utilisateur : DESKTOP-3KI949B\Win Nom du processus : C:\Users\Win\Downloads\FRST64.exe Version de la veille de sécurité : AV: 1.359.1358.0, AS: 1.359.1358.0, NIS: 1.359.1358.0 Version du moteur : AM: 1.1.18900.3, NIS: 1.1.18900.3 Date: 2022-03-04 17:48:28 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Uwamson.A!ml&threatid=250070&enterprise=0 Nom : Program:Win32/Uwamson.A!ml ID : 250070 Gravité : Faible Catégorie : Logiciel potentiellement non désiré Chemin : file:_C:\Users\Win\Downloads\ModSkin_11.11.zip Origine de la détection : Ordinateur local Type de détection : Chemin rapide Source de détection : Protection en temps réel Utilisateur : DESKTOP-3KI949B\Win Nom du processus : C:\Users\Win\Downloads\FRST64.exe Version de la veille de sécurité : AV: 1.359.1358.0, AS: 1.359.1358.0, NIS: 1.359.1358.0 Version du moteur : AM: 1.1.18900.3, NIS: 1.1.18900.3 Date: 2022-02-25 19:52:04 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {4A2E2B84-EC0C-40D7-A8E0-D38173932F34} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2022-02-23 17:47:40 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {8BA4605C-59A4-4B61-8C1E-AD3751F4700D} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2022-02-23 14:35:04 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {0DD61C94-74BC-466F-BA74-8A7DA801F19A} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système  CodeIntegrity: =============== Date: 2021-08-11 16:57:40 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2021-08-11 16:56:37 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. ==================== Infos Mémoire =========================== BIOS: American Megatrends Inc. 1.40 08/21/2020 Carte mère: Micro-Star International Co., Ltd. B460M-A PRO (MS-7C88) Processeur: Intel(R) Core(TM) i5-10400F CPU @ 2.90GHz Pourcentage de mémoire utilisée: 37% Mémoire physique - RAM - totale: 16322.01 MB Mémoire physique - RAM - disponible: 10262.8 MB Mémoire virtuelle totale: 20674.01 MB Mémoire virtuelle disponible: 12070.05 MB ==================== Lecteurs ================================ Drive c: () (Fixed) (Total:465.15 GB) (Free:37.73 GB) NTFS Drive d: () (Fixed) (Total:1863 GB) (Free:1413.49 GB) NTFS \\?\Volume{2c452d71-5e49-40d7-aa41-58da6872e862}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS \\?\Volume{aa330bf0-8d2e-b478-adde-28f7b36f3407}\ () (Fixed) (Total:7.56 GB) (Free:0 GB) NTFS \\?\Volume{3056f5d8-d9ec-93c5-f7e1-a3ffd0650911}\ () (Fixed) (Total:48.81 GB) (Free:0 GB) NTFS \\?\Volume{7f469638-0dd4-2a5e-fd4c-37262b248dfc}\ () (Fixed) (Total:21.5 GB) (Free:0 GB) NTFS \\?\Volume{31506bff-b864-efc5-ddca-9c2c970b022d}\ () (Fixed) (Total:12.01 GB) (Free:0 GB) NTFS \\?\Volume{e9d8f914-96c7-4e57-b786-306e362a69aa}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 2. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 3. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 4. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 5. ==================== Fin de Addition.txt =======================