Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 11-01-2023
Exécuté par Jeremy (18-01-2023 19:40:09)
Exécuté depuis C:\Users\Jeremy\Desktop
Microsoft Windows 10 Professionnel Version 22H2 19045.2486 (X64) (2022-02-04 18:09:17)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

Administrateur (S-1-5-21-3638445059-336407056-3767679770-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3638445059-336407056-3767679770-503 - Limited - Disabled)
Invité (S-1-5-21-3638445059-336407056-3767679770-501 - Limited - Disabled)
Jeremy (S-1-5-21-3638445059-336407056-3767679770-1001 - Administrator - Enabled) => C:\Users\Jeremy
WDAGUtilityAccount (S-1-5-21-3638445059-336407056-3767679770-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

AMD Ryzen Master (HKLM\...\{02247819-03CD-414E-AC8D-FD518BFBA445}) (Version: 2.10.0.2227 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.10.0.2227 - Advanced Micro Devices, Inc.)
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.10.0.2198 - Advanced Micro Devices, Inc.)
BakkesMod version 3.0 (HKLM\...\{BF029534-4334-4CFC-B771-50B7EE54346F}_is1) (Version: 3.0 - BakkesMod) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield™ 2042 (HKLM-x32\...\{45e281f3-1414-47ea-bb64-4f50d50121f3}) (Version: 1.0.72.56215 - Electronic Arts) Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment) cFosSpeed 12.01 (HKLM\...\cFosSpeed) (Version: 12.01 - cFos Software GmbH, Bonn) Contrôle d’intégrité du PC Windows (HKLM\...\{90C6971F-ABF1-4FBF-BD98-24F14C5F5AB4}) (Version: 3.6.2204.08001 - Microsoft Corporation) CORSAIR iCUE 4 Software (HKLM\...\{86C13C65-A4F5-4ADD-B288-7725D2359512}) (Version: 4.31.168 - Corsair) deemix-gui (HKU\S-1-5-21-3638445059-336407056-3767679770-1001\...\7ea5d267-de32-53ab-b27a-3748ad144b22) (Version: 2022.8.19-r216.06305de9cf - RemixDev) Discord (HKU\S-1-5-21-3638445059-336407056-3767679770-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.) Epic Games Launcher (HKLM-x32\...\{BE9FFAD2-2901-4F9B-8A0C-59EA51773212}) (Version: 1.3.0.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.) FakerInput (HKLM\...\{BF63C434-BF91-4666-B817-AD7B5C34AE91}) (Version: 0.1.0 - Ryochan7) FiveM (HKU\S-1-5-21-3638445059-336407056-3767679770-1001\...\CitizenFX_FiveM) (Version: - Cfx.re) Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 68.0.2.0 - Google LLC) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.75 - Google LLC) Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2699.0 - Rockstar Games) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden Logiciel de base du périphérique HP Deskjet 1050 J410 series (HKLM\...\{29640398-C020-4F79-9757-99A786AC2E5F}) (Version: 28.1.1333.0 - Hewlett-Packard Co.) Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2022.12.348746 - Logitech) Malwarebytes version 4.5.19.229 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.19.229 - Malwarebytes) Medicalia (HKLM-x32\...\MEDI_AR_ELExécutable Windows 32 bits) (Version: 1.0.12.4 - MDSI) Medicalia (HKLM-x32\...\MEDI_RV_GLExécutable Windows 32 bits) (Version: 1.0.14.1 - MDSI) Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host - 6.0.13 (x64) (HKLM\...\{9511601E-12FF-4972-BF9C-2992F2CA5A32}) (Version: 48.55.52137 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 5.0.13 (x64) (HKLM\...\{0F011389-4823-40D0-AB50-711628D820F5}) (Version: 40.52.30715 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.13 (x64) (HKLM\...\{8CDACE3C-0064-4A17-A02C-49F831D5F73A}) (Version: 48.55.52137 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.13 (x64) (HKLM\...\{C84C2DA1-52E2-4183-8F20-88176B77848F}) (Version: 40.52.30715 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.13 (x64) (HKLM-x32\...\{39e101fa-a1d2-4cea-a853-cf1eb6c70e4d}) (Version: 5.0.13.30715 - Microsoft Corporation) Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.13 (x64) (HKLM\...\{5F0DB006-2AE3-4D36-8077-65247FD687D4}) (Version: 48.55.52137 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 109.0.1518.55 - Microsoft Corporation) Microsoft Edge WebView2 Runtime 
(HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.52 - Microsoft Corporation) Microsoft Office Professionnel Plus 2019 - fr-fr (HKLM\...\ProPlus2019Retail - fr-fr) (Version: 16.0.15928.20216 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.238.1114.0002 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (HKLM\...\{764384C5-BCA9-307C-9AAC-FD443662686A}) (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (HKLM\...\{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}) (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 
(HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3638445059-336407056-3767679770-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.74.2 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 5.0.17 (x64) 
(HKLM\...\{3C31CBA1-A0D9-4B95-A807-AD2313D12F47}) (Version: 40.68.31219 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM-x32\...\{20d5df4e-006c-4d6d-a0dc-490d009b9786}) (Version: 5.0.17.31219 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 6.0.13 (x64) (HKLM\...\{8484730A-68A4-4C63-93B4-52628D3B488D}) (Version: 48.55.53270 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.13 (x64) (HKLM-x32\...\{96cf40b0-81d6-43ed-ad0e-611e67899196}) (Version: 6.0.13.32001 - Microsoft Corporation) Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 109.0 (x64 fr)) (Version: 109.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 101.0.1 - Mozilla) MSI Afterburner 4.6.4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 - MSI Co., LTD) MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2022.1202.01 - MSI) MSI companion (HKU\S-1-5-21-3638445059-336407056-3767679770-1001\...\Overwolf_ddlhcmnbjcondncokaaocnpbhbmhchohknbhpnbd) (Version: 2.0.39 - Overwolf app) Nefarius Virtual Gamepad Emulation Bus Driver (HKLM\...\{93D91F60-7C94-4A79-863F-EA713D2EB3F3}) (Version: 1.17.333.0 - Nefarius Software Solutions e.U.) 
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation) NVIDIA GeForce Experience 3.26.0.160 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.160 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation) NVIDIA Pilote graphique 528.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 528.02 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.15928.20198 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.5.116.52126 - Electronic Arts, Inc.) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.216.0.26 - Overwolf Ltd.) 
Package de pilotes Windows - Adafruit Industries LLC (usbser) Ports (02/25/2016 6.2.2600.0) (HKLM\...\1245A5961AC9D2C18ADF9EEC931D77E059B7F74E) (Version: 02/25/2016 6.2.2600.0 - Adafruit Industries LLC) Package de pilotes Windows - Arduino LLC (www.arduino.cc) Arduino USB Driver (11/24/2015 1.2.3.0) (HKLM\...\8B585560B248755A6C5A24D5C0F50FA998310883) (Version: 11/24/2015 1.2.3.0 - Arduino LLC (www.arduino.cc)) Package de pilotes Windows - Arduino LLC (www.arduino.cc) Genuino USB Driver (01/07/2016 1.0.3.0) (HKLM\...\EC414D98E2986DCA1628FAED2163CD1C9A4ED7EC) (Version: 01/07/2016 1.0.3.0 - Arduino LLC (www.arduino.cc)) Package de pilotes Windows - libusb-win32 (libusb0) libusb-win32 devices (04/21/2015 1.0.0.0) (HKLM\...\28E91B69CA377EB48D6E1B92C37F897036E8A818) (Version: 04/21/2015 1.0.0.0 - libusb-win32) Revo Uninstaller 2.4.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.2 - VS Revo Group, Ltd.) RivaTuner Statistics Server 7.3.3 (HKLM-x32\...\RTSS) (Version: 7.3.3 - Unwinder) RocketLeagueMaps Installer v2 (HKU\S-1-5-21-3638445059-336407056-3767679770-1001\...\c829e2e256ae77c8) (Version: 2.0.0.11 - RocketLeagueMaps Installer v2) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.65.1069 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.5.1 - Rockstar Games) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.46.0 - Samsung Electronics Co., Ltd.) 
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamViewer (HKLM\...\TeamViewer) (Version: 15.26.4 - TeamViewer) Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 130.1.10657 - Ubisoft) UCheck version 4.5.0.0 (HKLM\...\C4E7EE54-826F-41C4-BE3C-375CC70DC1D8_is1) (Version: 4.5.0.0 - Adlice Software) Ultimaker Cura 5.2.1 (HKLM-x32\...\Ultimaker Cura 5.2.1-5.2.1) (Version: 5.2.1 - Ultimaker B.V.) WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH) Packages: ========= Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-11-09] (Microsoft Corporation) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_141.2.441.0_x64__v10z8vjag6ke6 [2022-12-05] (HP Inc.) MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.6.0_x64__kzh8wxbdkxb8p [2023-01-05] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task] MSI Game Bar -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSIGameBar_2.0.8.0_x64__kzh8wxbdkxb8p [2022-12-30] (MICRO-STAR INTERNATIONAL CO., LTD) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2023-01-06] (NVIDIA Corp.) 
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-08] (Microsoft Studios) [MS Ad] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0 [2022-12-08] (Spotify AB) [Startup Task] Telegram Desktop -> C:\Program Files\WindowsApps\TelegramMessengerLLP.TelegramDesktop_4.5.3.0_x64__t4vj0pshhgkwm [2023-01-09] (Telegram Messenger LLP) [Startup Task] ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft 
Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.) 
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.) 
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-21] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_2f8b15057bd04fc7\nvshext.dll [2022-12-29] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-21] (Malwarebytes Inc. 
-> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Fichier non signé] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Fichier non signé] ==================== Raccourcis & WMI ======================== ==================== Modules chargés (Avec liste blanche) ============= 2022-08-12 16:50 - 2022-08-07 20:02 - 000019968 _____ () [Fichier non signé] [Fichier en cours d'utilisation] C:\Users\Jeremy\Desktop\DS4Windows\SharpOSC.dll 2022-12-22 12:36 - 2022-09-29 11:46 - 000265728 _____ (Benjamin Höglinger-Stelzer) [Fichier non signé] [Fichier en cours d'utilisation] C:\Users\Jeremy\Desktop\DS4Windows\Nefarius.Utilities.DeviceManagement.dll 2022-08-12 16:50 - 2022-01-17 01:30 - 000090624 _____ (Bernhard Millauer,Uwe Mayer, Konrad Mattheis) [Fichier non signé] [Fichier en cours d'utilisation] C:\Users\Jeremy\Desktop\DS4Windows\WPFLocalizeExtension.dll 2022-08-12 16:50 - 2022-11-05 10:44 - 000125952 _____ (Bevan Arps(original); whistyun) [Fichier non signé] [Fichier en cours d'utilisation] C:\Users\Jeremy\Desktop\DS4Windows\MdXaml.dll 2022-08-12 16:50 - 2020-01-28 21:08 - 000013824 _____ (bloomtom) [Fichier non signé] [Fichier en cours d'utilisation] C:\Users\Jeremy\Desktop\DS4Windows\HttpProgress.dll 2022-08-12 16:50 - 2022-04-05 05:57 - 001199104 _____ (DotNetProjects) [Fichier non signé] [Fichier en cours d'utilisation] 
C:\Users\Jeremy\Desktop\DS4Windows\DotNetProjects.Wpf.Extended.Toolkit.dll 2022-08-12 16:50 - 2022-02-10 17:07 - 000336896 _____ (GitHub Community) [Fichier non signé] [Fichier en cours d'utilisation] C:\Users\Jeremy\Desktop\DS4Windows\Microsoft.Win32.TaskScheduler.dll 2022-08-12 16:50 - 2022-11-08 10:46 - 000339456 _____ (havendv -> Lakritzator and Philipp Sumi) [Fichier non signé] [Fichier en cours d'utilisation] C:\Users\Jeremy\Desktop\DS4Windows\H.NotifyIcon.dll 2022-08-12 16:50 - 2022-11-08 10:47 - 000109568 _____ (havendv -> Lakritzator and Philipp Sumi) [Fichier non signé] [Fichier en cours d'utilisation] C:\Users\Jeremy\Desktop\DS4Windows\H.NotifyIcon.Wpf.dll 2022-12-22 12:36 - 2022-09-08 00:16 - 000017920 _____ (Michael Denny, Contributors (see GitHub repo)) [Fichier non signé] [Fichier en cours d'utilisation] C:\Users\Jeremy\Desktop\DS4Windows\WpfScreenHelper.dll 2022-08-12 16:50 - 2022-10-25 19:21 - 000212992 _____ (Nefarius Software Solutions e.U.) [Fichier non signé] [Fichier en cours d'utilisation] C:\Users\Jeremy\Desktop\DS4Windows\Nefarius.ViGEm.Client.dll 2023-01-05 18:04 - 2023-01-05 18:04 - 000174592 _____ (Nefarius Software Solutions e.U.) [Fichier non signé] C:\Users\Jeremy\AppData\Local\Temp\Costura\B4046D3CFAA9590D376E0436D537BF26\64\vigemclient.dll 2022-08-12 16:50 - 2022-11-27 03:45 - 000836096 _____ (NLog) [Fichier non signé] [Fichier en cours d'utilisation] C:\Users\Jeremy\Desktop\DS4Windows\NLog.dll 2022-08-12 16:50 - 2022-12-20 11:45 - 003621376 _____ (Ryochan7) [Fichier non signé] [Fichier en cours d'utilisation] C:\Users\Jeremy\Desktop\DS4Windows\DS4Windows.dll 2022-08-12 16:50 - 2022-07-06 21:01 - 000010752 _____ (Ryochan7) [Fichier non signé] [Fichier en cours d'utilisation] C:\Users\Jeremy\Desktop\DS4Windows\FakerInputWrapper.dll 2022-10-26 14:13 - 2022-10-26 14:13 - 000090112 _____ (Silicon Laboratories, Inc.) 
[Fichier non signé] C:\Program Files\Corsair\CORSAIR iCUE 4 Software\SiUSBXp.dll 2022-11-22 20:20 - 2022-04-06 16:46 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] D:\Jeux\Origin\LIBEAY32.dll 2022-11-22 20:20 - 2022-04-06 16:46 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] D:\Jeux\Origin\ssleay32.dll 2022-11-22 20:20 - 2022-04-06 16:46 - 001611264 _____ (The Qt Company Ltd) [Fichier non signé] D:\Jeux\Origin\platforms\qwindows.dll 2022-11-22 20:20 - 2022-04-06 16:46 - 005487104 _____ (The Qt Company Ltd) [Fichier non signé] D:\Jeux\Origin\Qt5Core.dll 2022-11-22 20:20 - 2022-04-06 16:46 - 005841920 _____ (The Qt Company Ltd) [Fichier non signé] D:\Jeux\Origin\Qt5Gui.dll 2022-11-22 20:20 - 2022-04-06 16:46 - 001179136 _____ (The Qt Company Ltd) [Fichier non signé] D:\Jeux\Origin\Qt5Network.dll 2022-11-22 20:20 - 2022-04-06 16:46 - 000146432 _____ (The Qt Company Ltd) [Fichier non signé] D:\Jeux\Origin\Qt5WebSockets.dll 2022-11-22 20:20 - 2022-04-06 16:46 - 005089792 _____ (The Qt Company Ltd) [Fichier non signé] D:\Jeux\Origin\Qt5Widgets.dll 2022-11-22 20:20 - 2022-04-06 16:46 - 000184832 _____ (The Qt Company Ltd) [Fichier non signé] D:\Jeux\Origin\Qt5Xml.dll 2022-08-12 16:50 - 2022-01-17 01:12 - 000036864 _____ (Uwe Mayer,Konrad Mattheis,Bernhard Millauer) [Fichier non signé] [Fichier en cours d'utilisation] C:\Users\Jeremy\Desktop\DS4Windows\XAMLMarkupExtensions.dll 2022-12-22 12:36 - 2022-11-05 10:44 - 000008704 _____ (whistyun) [Fichier non signé] [Fichier en cours d'utilisation] C:\Users\Jeremy\Desktop\DS4Windows\MdXaml.Plugins.dll ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== BHO: Skype for Business Browser Helper -> 
{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-17] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts contenu: =========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Autres zones ===========================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-3638445059-336407056-3767679770-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jeremy\Desktop\fond-decran-anime-battlefield-2042-edition-ultimate-hd_Moment.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

HKLM\...\StartupApproved\Run: => "CORSAIR iCUE 4 Software"
HKU\S-1-5-21-3638445059-336407056-3767679770-1001\...\StartupApproved\Run: => "BakkesMod"
HKU\S-1-5-21-3638445059-336407056-3767679770-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3638445059-336407056-3767679770-1001\...\StartupApproved\Run: => "EADM"

==================== RèglesPare-feu (Avec liste blanche) ================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [TCP Query User{78B43537-BF89-4E2E-A532-4CA7538EC2AD}D:\jeux\steam\steam.exe] => (Allow) D:\jeux\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{F63A8A05-C99F-45DE-9BA3-F3A529FDCACD}D:\jeux\steam\steam.exe] => (Allow) D:\jeux\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{471B4E2B-8943-4A9B-9B51-C2A5D967682F}] => (Allow) D:\Jeux\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{21D8187E-0D01-425A-8211-492F1D430F0A}] => (Allow) D:\Jeux\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{4D3ED06B-6F37-4B9A-B43B-698F315EBFD7}D:\jeux\gta\grand theft auto v\gta5.exe] => (Allow) D:\jeux\gta\grand theft auto v\gta5.exe (Rockstar Games, Inc.
-> Rockstar Games) FirewallRules: [UDP Query User{9A0518BF-8B27-4B7A-8F92-32A65B54F5CB}D:\jeux\gta\grand theft auto v\gta5.exe] => (Allow) D:\jeux\gta\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{3393B48D-737B-48BC-8148-74D2DDE475E6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C393FFF1-5790-40CF-96C1-3C7F1B7EBAFF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F5B88761-296C-48E5-9963-12024CE1B160}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{2500F5FE-D623-4FB8-B24D-3874FC5C4D0B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{784D6F07-0B5C-4BA1-9FCF-D32C22D462F7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D10BC122-E0FB-4574-AD7B-4DE0045C4CF9}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{725B4BB0-B7C3-448F-9596-4918834F0949}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{3F316ADE-326C-4135-9F2E-AB0A3C89338E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{9D139B84-278E-4BA4-89C9-8CA6DAF3A1C3}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [TCP Query User{75864C8C-10AD-4FDE-9AFA-31D101EF21D3}C:\program files (x86)\origin games\battlefield 2042\bf2042.exe] => (Allow) C:\program files (x86)\origin games\battlefield 2042\bf2042.exe 
(Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [UDP Query User{6E66C58D-898C-4942-8EAE-72BB0D383551}C:\program files (x86)\origin games\battlefield 2042\bf2042.exe] => (Allow) C:\program files (x86)\origin games\battlefield 2042\bf2042.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [TCP Query User{DEC9C25C-A0C0-45E3-B52F-3D54FD8AAC62}C:\users\jeremy\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\jeremy\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [UDP Query User{DD01C941-45C0-440D-B391-3D8468540237}C:\users\jeremy\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\jeremy\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [TCP Query User{0153534D-1096-44C2-BF22-BBBB6E1D14EA}D:\jeux\epicgame\rocket league\rocketleague\binaries\win64\rocketleague.exe] => (Allow) D:\jeux\epicgame\rocket league\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC) FirewallRules: [UDP Query User{66A09EF9-B6F4-4746-A22C-26E7F76BA416}D:\jeux\epicgame\rocket league\rocketleague\binaries\win64\rocketleague.exe] => (Allow) D:\jeux\epicgame\rocket league\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC) FirewallRules: [{A7FF88DF-F088-404C-901D-6AF0B4B5958C}] => (Allow) D:\Jeux\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> ) FirewallRules: [{9EF6326A-164C-4A2F-A256-6C6A1DD0FE64}] => (Allow) D:\Jeux\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> ) FirewallRules: [{840A182A-A445-460A-96F3-95BBC674FD50}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 2042\BF2042_launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: 
[{6E03E852-27F0-4CD6-B602-DA7B138AF091}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 2042\BF2042_launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{033A57F2-9B8E-4000-B549-867F13800143}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{C1F119A2-DECF-43D8-99F2-90BE1CD3F3EF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{4771775D-958A-434A-BC3F-65B06BDDE40D}D:\jeux\epicgame\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\jeux\epicgame\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{C2EB27F9-C615-4D74-859F-9CA915B09DA8}D:\jeux\epicgame\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\jeux\epicgame\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{6A48C998-D4DB-43FE-88ED-818572F1F4D2}] => (Allow) D:\Jeux\Ubisoft\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{75264023-B8CB-43AD-97C5-BB9A25534337}] => (Allow) D:\Jeux\Ubisoft\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{85DE3791-4B30-4115-AFC6-482B02E08E25}] => (Allow) D:\Jeux\Ubisoft\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{70B14C6B-694B-48BC-A1AE-1592F4E9A7E4}] => (Allow) D:\Jeux\Ubisoft\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. 
-> Ubisoft) FirewallRules: [TCP Query User{6D298B43-A693-4C93-9D6D-18244B467C52}D:\jeux\call of duty\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\jeux\call of duty\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision) FirewallRules: [UDP Query User{C4421DAA-BD4C-4FC7-A71D-1791C12E4472}D:\jeux\call of duty\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\jeux\call of duty\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision) FirewallRules: [{A4D47308-B364-4459-91A0-A81F15FCA108}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe (HP Inc. -> Hewlett-Packard Co.) FirewallRules: [{623F4FCB-DED9-4BDB-AD47-9D14DCA42837}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [{24F27E2C-D7EC-4B58-B04F-A1D9DFC84B00}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [TCP Query User{BE103F3B-4F92-4D96-8C33-8D577AB77CD6}C:\program files\ultimaker cura 5.2.1\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.2.1\ultimaker-cura.exe () [Fichier non signé] FirewallRules: [UDP Query User{B84D9B02-07A6-4C9E-8DCE-55B6229BB33F}C:\program files\ultimaker cura 5.2.1\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.2.1\ultimaker-cura.exe () [Fichier non signé] FirewallRules: [{0BE015FF-DC01-4B36-B1E2-845FE97AEDC0}] => (Allow) D:\Jeux\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> ) FirewallRules: [{6AF49D99-3196-4512-B1E7-30A0B169A7AB}] => (Allow) D:\Jeux\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> ) FirewallRules: [TCP Query User{7356EF40-FD40-4D61-87A7-DF6D203BE64F}D:\jeux\ubisoft\tom clancy's rainbow six siege\rainbowsix_vulkan.exe] => (Allow) D:\jeux\ubisoft\tom clancy's rainbow six siege\rainbowsix_vulkan.exe (UBISOFT ENTERTAINMENT INC. 
-> Ubisoft) FirewallRules: [UDP Query User{6BB6E8C6-1A23-454E-8BD6-5CB793BF925F}D:\jeux\ubisoft\tom clancy's rainbow six siege\rainbowsix_vulkan.exe] => (Allow) D:\jeux\ubisoft\tom clancy's rainbow six siege\rainbowsix_vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{971BFB1A-BAFC-48BD-801C-776819B47899}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{47376EA3-9D4B-4B81-B76F-8BAB7F6A19CA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E90F067B-54FA-4965-B189-BE1984E19828}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{73C6F256-2129-4FCA-A8E8-BC54E9CED12F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D1E4FD6C-94DB-4AF7-A2A6-5E7C2F8F51D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{FF95CCA2-35D5-452A-9CE5-783315064868}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{78BE3A05-7D6F-4718-919B-E914463E8789}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{283D577F-B73E-4F6D-BEC1-79CA61E167DC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1B8851E8-2AAD-46D5-9ED6-2FBF08901C30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: 
[{8C8279FE-6FC3-4C51-B881-2ACEA56172FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{8F6245AA-A18A-45C9-8F10-3B97C4BEC961}] => (Allow) LPort=32682 FirewallRules: [{9904939C-96B4-4BED-8823-892792C9D0F0}] => (Allow) D:\Jeux\Steam\steamapps\common\Call of Duty HQ\cod.exe (Activision Publishing Inc -> Activision) FirewallRules: [{42A809D5-E007-4A2D-AE55-699A6F4CD151}] => (Allow) D:\Jeux\Steam\steamapps\common\Call of Duty HQ\cod.exe (Activision Publishing Inc -> Activision) FirewallRules: [TCP Query User{E8977030-7691-4585-98FA-6DC8B3D46692}C:\users\jeremy\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\jeremy\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [UDP Query User{4433671E-2BB2-42B8-9E71-2DDB874B25EB}C:\users\jeremy\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\jeremy\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [{5A6F2DE5-7B95-4ABE-B5CA-E377D865821B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{AE5240AB-8BB8-486C-908D-8920B7C0881A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{01E8C7F0-1AF9-49BC-84D9-65668CAD3D45}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{AB5E897F-1E30-41DC-BC3D-C67EE099C870}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{470DA68F-9019-4704-9C1B-06CD06690EA7}] => (Allow) 
D:\Jeux\Steam\steamapps\common\The Forest\TheForest.exe () [Fichier non signé] FirewallRules: [{9DFF7990-0480-40B0-9696-5A54199C9926}] => (Allow) D:\Jeux\Steam\steamapps\common\The Forest\TheForest.exe () [Fichier non signé] FirewallRules: [{C9B51E1F-32F4-402B-82CC-39AD8B9A1097}] => (Allow) D:\Jeux\Steam\steamapps\common\The Forest\TheForestVR.exe () [Fichier non signé] FirewallRules: [{5F66B2EA-0BC3-420D-A530-7C63A263BF24}] => (Allow) D:\Jeux\Steam\steamapps\common\The Forest\TheForestVR.exe () [Fichier non signé] FirewallRules: [{41AFD5AA-C2FA-4666-95E4-6A804445CE46}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{CDCD14ED-8DC6-4EE2-AF06-38422EAE4305}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{D6DBEAD9-8ABC-42E6-BBAA-12E693E3C88A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{3004E316-4DEE-40AA-ADA5-C943E1883C7B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{204569F5-0C51-4AC3-B1E8-EDFF1091BAEF}] => (Allow) LPort=32683 FirewallRules: [{07C64647-7D19-425A-84FB-6A5B2041AA28}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E46946F1-E418-4BF0-A556-490BAC15809E}] => (Allow) C:\Program Files (x86)\Overwolf\0.215.0.15\OverwolfBrowser.exe => Pas de fichier FirewallRules: [{997B55EB-9454-47F1-84EC-13E30F2591C8}] => (Allow) C:\Program Files (x86)\Overwolf\0.215.0.15\OverwolfBrowser.exe => Pas de fichier FirewallRules: [{677744D4-0C12-44C1-A9F2-F255E1685E21}] => (Block) C:\Program Files (x86)\Overwolf\0.215.0.15\OverwolfBrowser.exe => Pas de fichier FirewallRules: [{738F4128-FF70-4ED9-9C4F-6DEDB8E3EBF3}] => (Block) C:\Program Files (x86)\Overwolf\0.215.0.15\OverwolfBrowser.exe => Pas de fichier FirewallRules: [{4A0B87AB-1594-4521-8AE0-9AD9CFA86522}] => (Allow) C:\Program Files (x86)\Overwolf\0.216.0.26\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{A6FA1361-5FDA-46B3-A490-533329A4BF82}] => (Allow) C:\Program Files (x86)\Overwolf\0.216.0.26\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{95A160D9-8F22-41C1-887C-39AA59ABE681}] => (Allow) D:\Jeux\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{D9C881CB-FF9E-4723-8C76-2C5085406635}] => (Allow) D:\Jeux\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{B76D36C4-B5EB-4149-AC11-45F12135330E}] => (Allow) D:\Jeux\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{F2E0FB56-53AA-453C-BFD4-55C7970A86D7}] => (Allow) D:\Jeux\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. 
-> SCS Software) FirewallRules: [{20B55B42-C0CD-472E-9E58-3831A42E85E4}] => (Allow) LPort=26822 FirewallRules: [{EDC755E1-1DAD-4CE6-A64A-4BE32EC4BE0B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Points de restauration ========================= 07-01-2023 12:31:32 KpRm 11-01-2023 18:18:30 Programme d’installation pour les modules Windows ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (01/16/2023 05:28:53 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme StartMenuExperienceHost.exe version 0.0.0.0 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance. ID de processus : 2670 Heure de début : 01d929c77af1cedb Heure d'arrêt : 4294967295 Chemin d'accès à l'application : C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe ID de rapport : 7443489c-de7f-4ffa-9be6-30002af9f957 Nom complet du package défectueux : Microsoft.Windows.StartMenuExperienceHost_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy ID de l'application relative à un package défectueux : App Type de blocage : Activation Error: (01/13/2023 06:46:10 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: L’optimiseur de stockage n’a pas pu terminer réoptimisation sur (E:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. 
(0x8900002A) Error: (01/13/2023 06:46:10 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: L’optimiseur de stockage n’a pas pu terminer réoptimisation sur (D:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A) Error: (01/13/2023 05:51:05 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme SearchApp.exe version 10.0.19041.2486 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance. ID de processus : 3e34 Heure de début : 01d9276f2ce1cfaf Heure d'arrêt : 4294967295 Chemin d'accès à l'application : C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe ID de rapport : 703c23e8-733c-4ff4-bcca-514f47fc11cc Nom complet du package défectueux : Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy ID de l'application relative à un package défectueux : CortanaUI Type de blocage : Quiesce Error: (01/13/2023 05:50:40 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme StartMenuExperienceHost.exe version 0.0.0.0 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance. 
ID de processus : 1df0 Heure de début : 01d9276f0635b9a7 Heure d'arrêt : 4294967295 Chemin d'accès à l'application : C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe ID de rapport : 3d635426-44d3-435c-bf57-2cb0735e069b Nom complet du package défectueux : Microsoft.Windows.StartMenuExperienceHost_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy ID de l'application relative à un package défectueux : App Type de blocage : Activation Error: (01/11/2023 07:10:18 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours. . Error: (01/11/2023 07:10:18 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours. ] Error: (01/11/2023 07:10:18 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours. . Erreurs système: ============= Error: (01/18/2023 06:09:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service WSearch. Error: (01/18/2023 06:08:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service WSearch. Error: (01/18/2023 06:08:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service WSearch. 
Error: (01/18/2023 06:08:04 PM) (Source: DCOM) (EventID: 10005) (User: AUTORITE NT) Description: DCOM a reçu l’erreur « 1053 » lors de la tentative de démarrage du service TrustedInstaller avec les arguments « Non disponible » pour exécuter le serveur : {752073A1-23F2-4396-85F0-8FDB879ED0ED} Error: (01/18/2023 06:08:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Programme d’installation pour les modules Windows n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (01/18/2023 06:08:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Programme d’installation pour les modules Windows. Error: (01/16/2023 09:40:19 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-10V1PE3) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (01/16/2023 09:40:19 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-10V1PE3) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Windows Defender: ================ Date: 2023-01-13 18:33:11 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {129007BC-69F1-43BC-9395-8358E62BDB58} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2023-01-13 18:04:37 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. 
Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Vidar.AK!MTB&threatid=2147819223&enterprise=0 Nom : Trojan:Win32/Vidar.AK!MTB ID : 2147819223 Gravité : Grave Catégorie : Cheval de Troie Chemin : file:_C:\Users\Jeremy\Downloads\Telegram Desktop\Tradingview_Premium (desktop v.1.0.6).zip Origine de la détection : Ordinateur local Type de détection : Chemin rapide Source de détection : Protection en temps réel Utilisateur : DESKTOP-10V1PE3\Jeremy Nom du processus : C:\Windows\explorer.exe Version de la veille de sécurité : AV: 1.381.2140.0, AS: 1.381.2140.0, NIS: 1.381.2140.0 Version du moteur : AM: 1.1.19900.2, NIS: 1.1.19900.2 Date: 2023-01-13 18:04:36 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Formbook!ml&threatid=2147760507&enterprise=0 Nom : Trojan:Win32/Formbook!ml ID : 2147760507 Gravité : Grave Catégorie : Cheval de Troie Chemin : file:_C:\Users\Jeremy\Downloads\Telegram Desktop\TradingView Pro+ beta_v1.54.zip Origine de la détection : Ordinateur local Type de détection : Chemin rapide Source de détection : Protection en temps réel Utilisateur : DESKTOP-10V1PE3\Jeremy Nom du processus : C:\Windows\explorer.exe Version de la veille de sécurité : AV: 1.381.2140.0, AS: 1.381.2140.0, NIS: 1.381.2140.0 Version du moteur : AM: 1.1.19900.2, NIS: 1.1.19900.2 Date: 2023-01-12 17:49:35 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {46A04108-78B7-4E96-8E6B-58561D3B86B5} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : DESKTOP-10V1PE3\Jeremy Date: 2022-12-21 22:58:07 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. 
ID de l’analyse : {603A5B72-E5AC-404B-92E3-DB8FDAEB6297} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système

CodeIntegrity:
===============
Date: 2023-01-17 19:48:43
Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume8\Program Files\Google\Drive File Stream\68.0.2.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2023-01-13 18:33:11
Description: Code Integrity determined that a process (\Device\HarddiskVolume8\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume8\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-12-13 10:13:07
Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume8\Program Files\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.

Date: 2022-12-13 10:13:07
Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume8\Program Files\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.

==================== Infos Mémoire ===========================

BIOS: American Megatrends Inc. 1202 10/22/2020
Carte mère: ASUSTeK COMPUTER INC. TUF GAMING B550-PLUS
Processeur: AMD Ryzen 7 3700X 8-Core Processor
Pourcentage de mémoire utilisée: 36%
Mémoire physique - RAM - totale: 16265.77 MB
Mémoire physique - RAM - disponible: 10392.2 MB
Mémoire virtuelle totale: 24969.77 MB
Mémoire virtuelle disponible: 15033.91 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:222.95 GB) (Free:30.14 GB) (Model: Force MP510) NTFS
Drive d: () (Fixed) (Total:488.28 GB) (Free:75.25 GB) (Model: ST1000DM010-2EP102) NTFS
Drive e: () (Fixed) (Total:443.21 GB) (Free:435.8 GB) (Model: ST1000DM010-2EP102) NTFS
Drive g: (Google Drive) (Fixed) (Total:15 GB) (Free:12.64 GB) (Model: ST1000DM010-2EP102) FAT32

\\?\Volume{32a077ef-f4d4-4aa5-916e-165813a526ec}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{3dc2d7e2-1653-4014-a039-9ec761157400}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)
Partition: GPT.

==================== Fin de Addition.txt =======================