Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 09-02-2023 01 Exécuté par simon (17-02-2023 05:12:37) Exécuté depuis C:\Users\simon\Downloads Microsoft Windows 11 Famille Version 22H2 22621.1105 (X64) (2022-10-28 10:34:12) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) Administrateur (S-1-5-21-1569298020-3842767311-2654647004-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1569298020-3842767311-2654647004-503 - Limited - Disabled) Invité (S-1-5-21-1569298020-3842767311-2654647004-501 - Limited - Disabled) simon (S-1-5-21-1569298020-3842767311-2654647004-1001 - Administrator - Enabled) => C:\Users\simon WDAGUtilityAccount (S-1-5-21-1569298020-3842767311-2654647004-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411} FW: AVG Antivirus (Enabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) Adobe After Effects 2022 (HKLM-x32\...\AEFT_22_6) (Version: 22.6 - Adobe Inc.) Adobe After Effects 2022 v22.6.0.64 (HKLM-x32\...\{FB7631F2-EE03-48B9-BF96-B05B98E51040}) (Version: 1.0.0 - Adobe After Effects 2022 v22.6.0.64) AI Noise Cancelation Audio Software (HKLM-x32\...\{ab5f014e-883d-470d-bc2d-127ef91e5611}) (Version: 1.0.8 - ASUSTek Computer Inc.) AMD Ryzen Master (HKLM\...\{02247819-03CD-414E-AC8D-FD518BFBA445}) (Version: 2.9.0.2093 - Advanced Micro Devices, Inc.) Hidden AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.9.0.2093 - Advanced Micro Devices, Inc.) ARMOURY CRATE Service (HKLM\...\{01378DC3-088F-4F55-AAFA-DC6A9CCA292A}) (Version: 5.2.10 - ASUS) ASUS Aac_GmAcc HAL (HKLM\...\{998249B1-6913-447E-AA37-F445B8CA33D0}) (Version: 1.0.0.0 - ASUSTek COMPUTER INC.) Hidden ASUS Aac_GmAcc HAL (HKLM-x32\...\{fd4cf3d0-9937-417e-89b4-56658158819a}) (Version: 1.0.0.0 - ASUSTek COMPUTER INC.) Hidden ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.5.24.0 - ASUSTek COMPUTER INC.) Hidden ASUS Aac_NBDT HAL (HKLM-x32\...\{ba95a7ce-ede3-4308-a5d6-6c08a15bff04}) (Version: 2.5.24.0 - ASUSTek COMPUTER INC.) Hidden ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.1.50.0 - ASUSTek COMPUTER INC.) Hidden ASUS AIOFan HAL (HKLM-x32\...\{6aabd550-b97f-4b87-8c12-fb271d7c8047}) (Version: 1.1.50.0 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.2.12.0 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA Display Component (HKLM-x32\...\{fe2996bf-7174-4ad7-af8c-3e8e510c8263}) (Version: 1.2.12.0 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.3.26.0 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Headset Component (HKLM-x32\...\{b351ae91-a5dd-4741-8830-883dddd22eb7}) (Version: 1.3.26.0 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM\...\{4EBEAC95-76BC-46A8-8644-6E2F1C87CF70}) (Version: 1.3.9.1 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM-x32\...\{2fc4816b-566a-4170-9b4d-1dc8bad8a164}) (Version: 1.3.9.1 - ASUSTeK COMPUTER INC.) Hidden ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.17 - ASUSTek COMPUTER INC.) Hidden ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.3.7 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA VGA Component (HKLM-x32\...\{94368c41-8d06-4bfe-993a-bfbd5e5226b5}) (Version: 0.0.3.7 - ASUSTek COMPUTER INC. ) Hidden ASUS Framework Service (HKLM-x32\...\{80f60ecc-98e1-474b-aee2-0c470f02dbbc}) (Version: 2.0.2.6 - ASUSTek COMPUTER INC.) ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.0.2.6 - ASUSTek COMPUTER INC.) Hidden ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.1.48.0 - ASUSTek COMPUTER INC.) Hidden ASUS Keyboard HAL (HKLM-x32\...\{79497ebd-229a-42ac-9410-87264af2e929}) (Version: 1.1.48.0 - ASUSTek COMPUTER INC.) Hidden ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.40 - ASUSTeK Computer Inc.) Hidden ASUS MB Peripheral Products (HKLM-x32\...\{687d8d1b-026f-4cae-a027-149bbad9ec0c}) (Version: 1.0.40 - ASUSTeK Computer Inc.) Hidden ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 1.05.18 - ASUSTek Computer Inc.) ASUS Mouse HAL (HKLM\...\{B8F984F2-7887-4DD2-8D96-F9A4BC5A4AC5}) (Version: 1.1.0.45 - ASUSTek COMPUTER INC.) Hidden ASUS Mouse HAL (HKLM-x32\...\{559342ce-3e0f-4daf-bd9f-dfb67f065c28}) (Version: 1.1.0.45 - ASUSTek COMPUTER INC.) Hidden ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.93 - ASUSTeK Computer Inc.) Hidden AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.24 - ASUS) AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.24 - ASUS) AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.05.66 - ASUSTeK Computer Inc.) Hidden AURA Service (HKLM-x32\...\{d4425362-eb40-415b-bb0d-5933fa345e9c}) (Version: 3.05.66 - ASUSTeK Computer Inc.) AVG Internet Security (HKLM\...\AVG Antivirus) (Version: 23.1.3269 - AVG Technologies) AVG Secure Browser (HKLM-x32\...\AVG Secure Browser) (Version: 110.0.20188.101 - AVG Technologies) AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1582.3 - AVG Technologies) Hidden BitTorrent Web (HKU\S-1-5-21-1569298020-3842767311-2654647004-1001\...\btweb) (Version: 1.3.0 - Rainberry, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Discord (HKU\S-1-5-21-1569298020-3842767311-2654647004-1001\...\Discord) (Version: 1.0.9005 - Discord Inc.) Epic Games Launcher (HKLM-x32\...\{FAC47927-1A6A-4C6E-AD7D-E9756794A4BC}) (Version: 1.3.23.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.) Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.3 - ) FiveM (HKU\S-1-5-21-1569298020-3842767311-2654647004-1001\...\CitizenFX_FiveM) (Version: - Cfx.re) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 110.0.5481.77 - Google LLC) Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2824.0 - Rockstar Games) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) iVCam 7.0 (HKLM\...\iVCam_is1) (Version: 7.0.4 - e2eSoft) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKU\S-1-5-21-1569298020-3842767311-2654647004-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2023.1.364056 - Logitech) Magic Bullet Suite (HKLM\...\Magic Bullet Suite v15.1.0) (Version: - Maxon Computer GmbH) Microsoft .NET 6.0 Templates 6.0.301 (x64) (HKLM\...\{F2DADB12-6DEF-4CE5-B152-35B9567F40A2}) (Version: 24.5.32792 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 6.0.6 (x64) (HKLM\...\{723332DF-FBC6-4912-A93C-6F9815798E29}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 6.0.6 (x64_arm) (HKLM\...\{1A8223D5-6B69-4AB2-8082-59F7A48BAA3D}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 6.0.6 (x64_arm64) (HKLM\...\{7CFC58A6-2C50-4DB7-9A9D-7E33E1D8CFE0}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 6.0.6 (x64_x86) (HKLM\...\{E49DA4E3-198A-47F7-BC15-CFC05F40879D}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host - 6.0.6 (x64) (HKLM\...\{F48FB46C-3334-47AA-98ED-D5A47DED33F1}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.6 (x64) (HKLM\...\{089493D9-430B-4210-8A47-8F611288F461}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.6 (x64) (HKLM\...\{00478901-CD97-4A20-8FF3-3276865A2B44}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.6 (x64) (HKLM-x32\...\{181821d4-9e02-4733-abf3-9eadb0f3f92b}) (Version: 6.0.6.31317 - Microsoft Corporation) Microsoft .NET SDK 6.0.301 (x64) (HKLM-x32\...\{466ee7aa-cb20-4072-baea-f88947334d78}) (Version: 6.3.122.27704 - Microsoft Corporation) Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden Microsoft .NET Targeting Pack - 6.0.6 (x64) (HKLM\...\{AFF8B960-E63B-4609-AE1D-206B6BE45F70}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft .NET Toolset 6.0.301 (x64) (HKLM\...\{550A4B5A-1101-412B-963C-450F457B461D}) (Version: 24.5.16408 - Microsoft Corporation) Hidden Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.16026.20146 - Microsoft Corporation) Microsoft ASP.NET Core 6.0.6 Shared Framework (x64) (HKLM\...\{83501F7C-3E4B-3AF3-9AA6-0A9F5EB13A1F}) (Version: 6.0.6.22268 - Microsoft Corporation) Hidden Microsoft ASP.NET Core 6.0.6 Targeting Pack (x64) (HKLM\...\{21DC5DB1-ECFD-340F-B778-1C7D910F83E4}) (Version: 6.0.6.22268 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.46 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.78 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1569298020-3842767311-2654647004-1001\...\OneDriveSetup.exe) (Version: 23.023.0129.0002 - Microsoft Corporation) Microsoft OneNote - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.16026.20146 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{EF9EBC42-6969-45CE-A8D2-B9249B00C838}) (Version: 5.69.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM\...\{3C31CBA1-A0D9-4B95-A807-AD2313D12F47}) (Version: 40.68.31219 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM-x32\...\{20d5df4e-006c-4d6d-a0dc-490d009b9786}) (Version: 5.0.17.31219 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 6.0.6 (x64) (HKLM\...\{B9E46F95-AC34-4943-AFE2-B72EFD56C6C0}) (Version: 48.27.42342 - Microsoft Corporation) Hidden Microsoft Windows Desktop Targeting Pack - 6.0.6 (x64) (HKLM\...\{259FACFD-87E7-40DB-BED3-EE725E623CAF}) (Version: 48.27.42342 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.Android.Manifest-6.0.300 (HKLM\...\{052CDF8C-E534-462F-8D12-CCB3EA4FC3B3}) (Version: 128.75.4 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.iOS.Manifest-6.0.300 (HKLM\...\{D6421A31-9594-4FE3-86C6-3F9E0D3FCE3C}) (Version: 60.89.125 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.MacCatalyst.Manifest-6.0.300 (HKLM\...\{459CC7DE-B28A-445C-920D-794B37FF7D55}) (Version: 60.89.125 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.macOS.Manifest-6.0.300 (HKLM\...\{2AB77B83-C379-404E-9652-4AB1B4980227}) (Version: 48.57.125 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.Maui.Manifest-6.0.300 (HKLM\...\{A560FBB0-69A7-4797-8B25-869C30F7EDBB}) (Version: 24.75.5355 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.tvOS.Manifest-6.0.300 (HKLM\...\{DAE08CB9-F109-4101-8C24-C648E1E7AD45}) (Version: 60.89.125 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Emscripten.Manifest (HKLM\...\{7CBF3451-2A94-4DFD-8355-6B97C5EABB26}) (Version: 48.27.39026 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Mono.Toolchain.Manifest (HKLM\...\{A626E240-C89F-45CD-BFD7-B263C3D33CAD}) (Version: 48.3.39076 - Microsoft Corporation) Hidden Nefarius Software Solutions e.U. HidHide (x64) (HKLM\...\{B62A2DE2-E6A8-438B-B05B-6E9287A0191D}) (Version: 1.0.30.0 - Nefarius Software Solutions e.U.) Nefarius Virtual Gamepad Emulation Bus Driver (HKLM\...\{93D91F60-7C94-4A79-863F-EA713D2EB3F3}) (Version: 1.17.333.0 - Nefarius Software Solutions e.U.) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation) NVIDIA Pilote graphique 527.56 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 527.56 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 29.0.0 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16026.20146 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14026.20302 - Microsoft Corporation) Hidden Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.69.1334 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.6.7 - Rockstar Games) ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.5.11.0 - ASUSTek COMPUTER INC.) Skype version 8.90 (HKLM-x32\...\Skype_is1) (Version: 8.90 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version: - VB-Audio Software) Packages: ========= ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.3.4.0_x64__qmba6cd70vzyy [2023-02-16] (ASUSTeK COMPUTER INC.) AURA Creator -> C:\Program Files\WindowsApps\B9ECED6F.AURACreator_3.5.6.0_x64__qmba6cd70vzyy [2023-02-02] (ASUSTeK COMPUTER INC.) Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.15.0_neutral__yxz26nhyzhsrt [2023-01-17] (Microsoft Corp.) Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.45.5.0_x64__6rarf9sa4v8jt [2023-02-02] (Disney) DTS Audio Processing -> C:\Program Files\WindowsApps\DTSInc.DTSAudioProcessing_1.10.9.0_x64__t5j2fzbtdg37r [2022-10-28] (DTS, Inc.) McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2022-06-20] (McAfee LLC.) Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.39.0_x64__8wekyb3d8bbwe [2023-01-06] (Microsoft Corp.) ms-resource://MicrosoftCorporationII.QuickAssist/resources/APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.16.0_x64__8wekyb3d8bbwe [2023-02-02] (Microsoft Corp.) ms-resource:AppDisplayName -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.13.0_x64__qmba6cd70vzyy [2022-12-26] (ASUSTeK COMPUTER INC.) ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.40041.0_x64__8wekyb3d8bbwe [2023-01-11] (Microsoft Corporation) ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-10-28] (Microsoft Corporation) ms-resource:ProductPkgDisplayName -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2023-01-23] (ms-resource:ProductPublisherDisplayName) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-12-09] (NVIDIA Corp.) Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.125.0_x64__pwbj9vvecjh7j [2023-02-09] (Amazon Development Centre (London) Ltd) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.30.259.0_x64__dt26b99r8h8gj [2023-02-06] (Realtek Semiconductor Corp) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-10] (Microsoft Studios) [MS Ad] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0 [2023-02-06] (Spotify AB) [Startup Task] WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.747.1945.0_x64__8wekyb3d8bbwe [2023-02-06] (Microsoft Corporation) WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.747.1945.0_x86__8wekyb3d8bbwe [2023-02-06] (Microsoft Corporation) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-1569298020-3842767311-2654647004-1001_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> "C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe" -ToastActivated => Pas de fichier CustomCLSID: HKU\S-1-5-21-1569298020-3842767311-2654647004-1001_Classes\CLSID\{D3E34B21-9D75-101A-8C3D-00AA001A1652}\localserver32 -> C:\Program Files\WindowsApps\Microsoft.Paint_11.2210.4.0_x64__8wekyb3d8bbwe\PaintApp\mspaint.exe () [Fichier non signé] ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-02-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-02-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-02-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-02-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvaki.inf_amd64_864d3de5336e226f\nvshext.dll [2022-12-06] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-02-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== ==================== Modules chargés (Avec liste blanche) ============= 2021-03-09 19:01 - 2021-03-09 19:01 - 000477696 _____ () [Fichier non signé] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node 2021-03-09 19:01 - 2021-03-09 19:01 - 000471040 _____ () [Fichier non signé] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node 2021-03-09 19:01 - 2021-03-09 19:01 - 000454656 _____ () [Fichier non signé] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\registry-js\prebuilds\win32-ia32\node.napi.node 2021-11-12 00:13 - 2021-02-18 21:07 - 000085504 _____ () [Fichier non signé] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\zlib1.dll 2021-03-09 19:01 - 2021-03-09 19:01 - 000081920 _____ () [Fichier non signé] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll 2023-02-12 16:14 - 2023-02-12 16:14 - 000967168 _____ () [Fichier non signé] C:\Program Files (x86)\VB\Voicemeeter\mp3lame\lame_enc.dll 2022-12-31 23:42 - 2022-02-24 17:58 - 000143360 _____ () [Fichier non signé] C:\Program Files\e2eSoft\iVCam\MLProcessor.dll 2023-02-13 15:41 - 2023-02-09 00:21 - 000155136 _____ () [Fichier non signé] C:\Program Files\LGHUB\resources\app.asar.unpacked\keytar.node 2022-06-20 19:22 - 2022-06-20 19:22 - 000094720 _____ () [Fichier non signé] C:\Program Files\Rockstar Games\Grand Theft Auto V\GFSDK_TXAA_AlphaResolve.win64.dll 2022-06-20 13:16 - 2022-06-20 13:16 - 001165824 _____ () [Fichier non signé] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\e_sqlite3.dll 2022-10-16 23:27 - 2022-10-16 23:27 - 084076544 _____ () [Fichier non signé] C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.3.4.0_x64__qmba6cd70vzyy\ArmouryCrate.dll 2022-07-01 20:47 - 2022-07-01 20:47 - 003954688 _____ () [Fichier non signé] C:\Users\simon\AppData\Local\FiveM\FiveM.app\bin\gfsdk_shadowlib.dll 2022-07-01 20:47 - 2022-07-01 20:47 - 001952768 _____ () [Fichier non signé] C:\Users\simon\AppData\Local\FiveM\FiveM.app\bin\icui18n.dll 2022-07-01 20:47 - 2022-07-01 20:47 - 001254400 _____ () [Fichier non signé] C:\Users\simon\AppData\Local\FiveM\FiveM.app\bin\icuuc.dll 2022-07-01 20:47 - 2022-11-08 15:45 - 174233600 _____ () [Fichier non signé] C:\Users\simon\AppData\Local\FiveM\FiveM.app\bin\libcef.dll 2022-07-01 20:47 - 2022-11-08 15:45 - 000442368 _____ () [Fichier non signé] C:\Users\simon\AppData\Local\FiveM\FiveM.app\bin\libEGL.dll 2022-07-01 20:47 - 2022-11-08 15:45 - 006435328 _____ () [Fichier non signé] C:\Users\simon\AppData\Local\FiveM\FiveM.app\bin\libGLESv2.dll 2022-07-01 20:47 - 2022-08-12 15:59 - 006358528 _____ () [Fichier non signé] C:\Users\simon\AppData\Local\FiveM\FiveM.app\bin\mono-2.0-sgen.dll 2022-07-01 20:47 - 2023-01-12 17:05 - 000308224 _____ () [Fichier non signé] C:\Users\simon\AppData\Local\FiveM\FiveM.app\bin\ros.dll 2022-11-08 15:45 - 2022-11-08 15:45 - 004060672 _____ () [Fichier non signé] C:\Users\simon\AppData\Local\FiveM\FiveM.app\bin\vk_swiftshader.dll 2022-07-01 20:47 - 2022-07-01 20:47 - 015249408 _____ () [Fichier non signé] C:\Users\simon\AppData\Local\FiveM\FiveM.app\v8-9.3.345.16.dll 2022-12-31 23:42 - 2022-02-14 08:11 - 036402176 _____ (FFmpeg Project) [Fichier non signé] C:\Program Files\e2eSoft\iVCam\avcodec.dll 2022-12-31 23:42 - 2022-02-14 08:11 - 008498688 _____ (FFmpeg Project) [Fichier non signé] C:\Program Files\e2eSoft\iVCam\avformat.dll 2022-12-31 23:42 - 2022-02-14 08:11 - 000797184 _____ (FFmpeg Project) [Fichier non signé] C:\Program Files\e2eSoft\iVCam\avutil.dll 2022-12-31 23:42 - 2022-02-14 08:11 - 000304128 _____ (FFmpeg Project) [Fichier non signé] C:\Program Files\e2eSoft\iVCam\swresample.dll 2022-12-31 23:42 - 2022-02-14 08:11 - 000612352 _____ (FFmpeg Project) [Fichier non signé] C:\Program Files\e2eSoft\iVCam\swscale.dll 2022-07-01 20:47 - 2022-07-01 20:47 - 000653312 _____ (FFmpeg Project) [Fichier non signé] C:\Users\simon\AppData\Local\FiveM\FiveM.app\bin\avutil-56.dll 2022-07-01 20:47 - 2022-07-01 20:47 - 000376832 _____ (FFmpeg Project) [Fichier non signé] C:\Users\simon\AppData\Local\FiveM\FiveM.app\bin\swresample-3.dll 2022-07-01 20:47 - 2022-07-01 20:47 - 006251520 _____ (Google Inc.) [Fichier non signé] C:\Users\simon\AppData\Local\FiveM\FiveM.app\bin\SwiftShaderD3D9_64.dll 2022-06-20 13:16 - 2022-06-20 13:16 - 016742912 _____ (McAfee LLC) [Fichier non signé] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.dll 2022-06-20 19:22 - 2022-06-20 19:22 - 000435712 _____ (RAD Game Tools, Inc.) [Fichier non signé] C:\Program Files\Rockstar Games\Grand Theft Auto V\bink2w64.dll 2022-07-01 20:47 - 2022-11-08 15:45 - 001218048 _____ (The Chromium Authors) [Fichier non signé] C:\Users\simon\AppData\Local\FiveM\FiveM.app\bin\chrome_elf.dll 2021-11-12 00:13 - 2021-02-18 21:07 - 000287232 _____ (The curl library, hxxps://curl.haxx.se/) [Fichier non signé] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\libcurl.dll 2021-11-12 00:13 - 2021-02-18 21:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\libcrypto-1_1-x64.dll 2021-11-12 00:13 - 2021-02-18 21:07 - 002281984 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\LIBEAY32.dll 2021-11-12 00:13 - 2021-02-18 21:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\libssl-1_1-x64.dll 2021-11-12 00:13 - 2021-02-18 21:07 - 000361472 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\SSLEAY32.dll 2021-11-12 00:13 - 2020-05-15 00:15 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\libcrypto-1_1-x64.dll 2021-11-12 00:13 - 2020-05-15 00:15 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\libssl-1_1-x64.dll ==================== Alternate Data Streams (Avec liste blanche) ======== (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6070] ==================== Mode sans échec (Avec liste blanche) ================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service" ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2021-06-05 13:08 - 2023-02-17 04:00 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\dotnet\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-1569298020-3842767311-2654647004-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\themea\img20.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess" HKU\S-1-5-21-1569298020-3842767311-2654647004-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-1569298020-3842767311-2654647004-1001\...\StartupApproved\Run: => "Skype for Desktop" HKU\S-1-5-21-1569298020-3842767311-2654647004-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1569298020-3842767311-2654647004-1001\...\StartupApproved\Run: => "btweb" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{347ECACC-BABB-40F4-861E-5B4A84E4DB2E}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => Pas de fichier FirewallRules: [{B861FAB4-8D53-42F2-9ED4-DF78BAAD8100}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. -> ) FirewallRules: [{785035D3-D189-4864-8CE8-17284C876830}] => (Allow) C:\Users\simon\AppData\Local\Packages\B9ECED6F.ArmouryCrate_qmba6cd70vzyy\LocalState\GridUpdateFile\ASUSGCDriverUpdateClient.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) FirewallRules: [UDP Query User{1354A680-EA54-40F7-9447-3B76F521F8BB}C:\users\simon\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\simon\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [TCP Query User{5E933A8B-37E7-4CE5-869D-2D690091606D}C:\users\simon\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\simon\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [UDP Query User{F1568D25-7156-4F03-8E77-4C0133BE6B7A}C:\users\simon\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe] => (Allow) C:\users\simon\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe => Pas de fichier FirewallRules: [TCP Query User{AFBA8B78-9AB8-4F84-B9EE-7A873EBABC05}C:\users\simon\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe] => (Allow) C:\users\simon\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe => Pas de fichier FirewallRules: [{18FE0B77-35FC-495E-86E1-7AD175E3FB7C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6569290F-B093-4708-B617-25C2045A03D2}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => Pas de fichier FirewallRules: [{F559A3B4-AFE7-4947-8D8E-79A93F39C3FD}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) FirewallRules: [{72302A52-EF56-4781-8BC8-1CD98491826C}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS) FirewallRules: [{4818AB3D-0BAD-40C8-90B3-9590F89B08FB}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS) FirewallRules: [{00A65014-95C8-43C4-A9CB-8FE3C824FC82}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) FirewallRules: [{1D0CDEA0-EFE0-4D02-B9F4-3DDF423451D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{8F661A1D-11EE-4579-9005-68EC3C0199F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{9F0EC8B5-2C79-468F-A079-946E041BF580}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{23F12B65-F5BB-42E2-A007-40817B6A44F4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{5D580191-ABE0-4909-9663-C955D86267A3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{8003FA8C-D219-42F6-BE49-7C7C7EB22EDD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{7767ACF1-0356-4835-A5A9-E13A97281076}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{96849AC0-45C8-4734-B485-9A9BEB8B5472}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{CA6277FB-FB8F-493B-94D7-A7A86F922E52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Goose Goose Duck\Goose Goose Duck.exe (Gaggle Studios, Inc. -> Unity Technologies ApS) FirewallRules: [{65D25BAC-E4BB-4D35-8ACC-F665A4C18072}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Goose Goose Duck\Goose Goose Duck.exe (Gaggle Studios, Inc. -> Unity Technologies ApS) FirewallRules: [{3F273419-755C-4ACB-8F25-DF45748BA0C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [Fichier non signé] FirewallRules: [{D4E2C270-6899-4445-96A0-A243626257B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [Fichier non signé] FirewallRules: [{DF2C6680-DD5C-4001-8164-78CC4B2500D4}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.13.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Fichier non signé] FirewallRules: [{20635873-C1D8-4EBF-9544-BA8A565C79D9}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.13.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Fichier non signé] FirewallRules: [{A3B78E18-E2FB-442F-AF27-F6803859D494}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.13.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Fichier non signé] FirewallRules: [{5EA4216C-ABDD-4767-8926-E83F79010A1A}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.13.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Fichier non signé] FirewallRules: [{176AD968-7E04-4D60-9C07-361A1A95DCF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\First Class Trouble\FCTClient.exe (Epic Games, Inc.) [Fichier non signé] FirewallRules: [{BCCAE447-CAAA-407E-BAF4-B6903E77662D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\First Class Trouble\FCTClient.exe (Epic Games, Inc.) [Fichier non signé] FirewallRules: [TCP Query User{59910F5D-D0CD-453D-9A2E-AE73E4888186}C:\program files (x86)\steam\steamapps\common\first class trouble\fct\binaries\win64\fctclient-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\first class trouble\fct\binaries\win64\fctclient-win64-shipping.exe (Invisible Walls) [Fichier non signé] FirewallRules: [UDP Query User{6B85C6B0-9FFD-4E86-9E06-41ECB5E4DCE9}C:\program files (x86)\steam\steamapps\common\first class trouble\fct\binaries\win64\fctclient-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\first class trouble\fct\binaries\win64\fctclient-win64-shipping.exe (Invisible Walls) [Fichier non signé] FirewallRules: [TCP Query User{104817D0-22F9-445D-B784-C79085EAF2CA}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{D290F510-BAC7-4114-84AE-D9077468B5A4}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{A5DA8306-710D-4952-8503-CB7296A018DC}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{A1417416-3530-4563-A00B-742810F27955}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{5EA30052-802C-4726-BB76-FEEDD0105DDF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{04459CF8-0D13-421B-AB2B-7D21E2FB9108}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{5B6A1FD4-58E8-4C6B-A7D0-CC6F712D6BA5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{5FDCD69E-16CE-4420-98E3-9CC07AA67C4F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User{D3C2E800-B06A-4913-B9F0-EF1F8F7BF071}C:\program files\e2esoft\ivcam\ivcam.exe] => (Allow) C:\program files\e2esoft\ivcam\ivcam.exe (Shanghai Yitu Information Technology Co., Ltd. -> ) FirewallRules: [UDP Query User{1CDE3C69-9228-4594-8081-581833600C85}C:\program files\e2esoft\ivcam\ivcam.exe] => (Allow) C:\program files\e2esoft\ivcam\ivcam.exe (Shanghai Yitu Information Technology Co., Ltd. -> ) FirewallRules: [{B8118C18-4DD2-4A10-ACCE-B10072D7905D}] => (Allow) C:\Program Files\e2eSoft\iVCam\iVCam.exe (Shanghai Yitu Information Technology Co., Ltd. -> ) FirewallRules: [{0AE1CD7E-C8B1-4E12-8011-1BC92C785BDC}] => (Allow) C:\Program Files\e2eSoft\iVCam\iVCam.exe (Shanghai Yitu Information Technology Co., Ltd. -> ) FirewallRules: [{6CEB14C7-EE28-44D7-8E6F-23BFBAA29C72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{26075DDE-0F1F-43B7-8936-86201EC452E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{3EB0FFAE-F52E-425B-9AB4-0A8B26047135}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.61\msedgewebview2.exe => Pas de fichier FirewallRules: [{2A99C771-B7BB-453D-9071-699CEC30361E}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C923DFC3-985E-4CE3-8D94-7FA959937598}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{951A2F0D-2B7E-43F1-83EE-72C679392FA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{8D6CBE9E-7B7F-46ED-8DBD-EEB59BB022EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{2DD008DF-C5FE-41D7-8048-468C539918A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{1DD41D21-33E9-4CE0-AD48-34BA8B520B01}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{89BB6900-72E0-4F8A-B645-0DB61C0B8FBA}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.78\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{80B77E35-FC72-4D45-81B5-65E86CF2E169}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D172698B-558A-4BD5-8B54-94EEA4B74283}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{ACF093AD-8DDD-4EC2-9DFB-7A2A5EA35743}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{5EFD47DA-62B8-4FC4-B1E9-4D58BE43805C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{84020029-6AC4-4BC2-AAA1-37F9E91032A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{9A1D811E-251B-4892-B0C9-EEC4D904B7A3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{DFFBFBC1-2D0E-4CEA-B826-8E09D848ADBC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{5D89DD56-22D3-47C7-BDFA-5AC6D1B6F66D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{409FF857-90F7-44EA-BAC6-0AEFB8F4E73D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. Interactive) [Fichier non signé] FirewallRules: [{8D4BF094-7892-48FA-A513-F37F26FA7699}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. Interactive) [Fichier non signé] FirewallRules: [{DAEDCFD3-8D02-4C5E-AF98-17AA9706C10E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Goose Goose Duck\GGDLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc.) FirewallRules: [{2EF2CC91-433B-4F5C-9F06-8C5F2D1981B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Goose Goose Duck\GGDLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc.) FirewallRules: [{32E73185-49DA-4680-A8F8-CD6507E786B3}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{8052E5F5-8312-49A7-9249-AFE33F0824E5}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{EB368628-193F-4486-856B-FF70B78CFEB4}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{CDA2E1A9-AAB1-4298-BA02-764E6CF4C67E}] => (Allow) C:\Users\simon\AppData\Roaming\BitTorrent Web\btweb.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{C8C1E01E-BEE5-4E13-B7F7-DE8CD8F05643}] => (Allow) C:\Users\simon\AppData\Roaming\BitTorrent Web\btweb.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{EF93E3FF-34F7-4E1E-BF9D-66588A39E413}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{4A451C94-DA40-461F-9F08-8B95FF9F21D3}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{D31F4AB1-64C3-40AC-9152-04545E2717E6}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, LLC -> AVG Technologies) FirewallRules: [TCP Query User{99E9C61A-4C48-4EFB-8B20-474306D33E01}C:\program files\maxon cinema 4d r25\cinema 4d team render client.exe] => (Block) C:\program files\maxon cinema 4d r25\cinema 4d team render client.exe => Pas de fichier FirewallRules: [UDP Query User{847D9FCF-2D3E-4E38-81CF-3F07B794D8BE}C:\program files\maxon cinema 4d r25\cinema 4d team render client.exe] => (Block) C:\program files\maxon cinema 4d r25\cinema 4d team render client.exe => Pas de fichier FirewallRules: [{3B1414CD-65BD-4775-8CBD-1CE30715ACA8}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) FirewallRules: [{E16C24E4-F358-4C6C-B3AC-88AF3655AC98}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSwitch\AsusSwitchNet.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) FirewallRules: [{05608035-9CEF-4271-B48D-2B5C0A941AF9}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) FirewallRules: [{9F2DEED7-9D13-4F20-AAE9-6436C9698F0E}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) FirewallRules: [{5BA6F95D-8D65-4B75-890E-4853EC908939}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0100494bef227dd5\ASUSSwitch\AsusSwitchNetMDNS.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) FirewallRules: [{30BD5610-A1BB-49F3-8D51-9FBD9DE44768}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. -> ) FirewallRules: [{9AE1D1AF-06A3-4953-A5D0-BBE6B6DB4E82}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. -> ) ==================== Points de restauration ========================= 13-02-2023 15:50:06 Programme d’installation pour les modules Windows 16-02-2023 16:37:15 Installed Adobe After Effects 2022 v22.6.0.64 17-02-2023 02:22:11 Removed FakerInput 17-02-2023 02:24:01 WinZip 26.0 supprimé. 17-02-2023 02:24:12 WinZip 26.0 supprimé. 17-02-2023 04:00:34 Restore Point Created by FRST ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (02/17/2023 04:02:05 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-AJ6G9D4) Description: Nom de l’application défaillante ArmourySocketServer.exe, version : 0.0.6.3, horodatage : 0x608230db Nom du module défaillant : ArmourySocketServer.exe, version : 0.0.6.3, horodatage : 0x608230db Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000049f90 ID du processus défaillant : 0x0x2638 Heure de début de l’application défaillante : 0x0x1d9427c3348cc59 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ID de rapport : 8298b7b5-d872-4fbb-a9f0-b8caa9204000 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (02/17/2023 04:02:04 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT) Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-AJ6G9D4$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Fri, 17 Feb 2023 03:02:05 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 876a2a49-2223-4053-b6a9-7836be207a49 Méthode : GET(219ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (02/17/2023 04:02:04 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT) Description: Échec de l’initialisation de l’inscription du certificat SCEP pour Système local via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Fri, 17 Feb 2023 03:02:04 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 4096b17d-b701-46dd-919a-0792ab03df7f Méthode : GET(516ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (02/17/2023 02:10:38 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-AJ6G9D4) Description: Nom de l’application défaillante btweb.exe, version : 1.3.0.5649, horodatage : 0x63e29429 Nom du module défaillant : ntdll.dll, version : 10.0.22621.1105, horodatage : 0xee6cffcb Code d’exception : 0xc0000005 Décalage d’erreur : 0x000653f5 ID du processus défaillant : 0x0x57f4 Heure de début de l’application défaillante : 0x0x1d942673351843a Chemin d’accès de l’application défaillante : C:\Users\simon\AppData\Roaming\BitTorrent Web\btweb.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : 7ef63420-6829-47ae-889a-2c8f2a479275 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (02/17/2023 01:46:21 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-AJ6G9D4) Description: Nom de l’application défaillante RegAsm.exe, version : 4.8.9032.0, horodatage : 0x95e58572 Nom du module défaillant : KERNELBASE.dll, version : 10.0.22621.963, horodatage : 0x766ca8ae Code d’exception : 0xe0434352 Décalage d’erreur : 0x00000000000906bc ID du processus défaillant : 0x0x30ec Heure de début de l’application défaillante : 0x0x1d94267288d35c8 Chemin d’accès de l’application défaillante : C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : aeb78530-ca22-4451-b9af-82ea91efe239 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (02/17/2023 01:46:21 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application : RegAsm.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : System.ComponentModel.Win32Exception à System.Diagnostics.Process.StartWithShellExecuteEx(System.Diagnostics.ProcessStartInfo) à ConsoleApp38.Program.Main(System.String[]) Error: (02/17/2023 01:31:23 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT) Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-AJ6G9D4$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Fri, 17 Feb 2023 00:31:24 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 2d982729-b984-4de8-8012-3757c475cbda Méthode : GET(234ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (02/17/2023 01:31:23 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT) Description: Échec de l’initialisation de l’inscription du certificat SCEP pour Système local via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Fri, 17 Feb 2023 00:31:24 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 9d400d10-20f6-4c61-8200-5250da581441 Méthode : GET(281ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Erreurs système: ============= Error: (02/17/2023 04:03:49 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJ6G9D4) Description: Le serveur {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (02/17/2023 04:01:50 AM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: AUTORITE NT) Description: Le service de journalisation des événements a rencontré une erreur lors de l’initialisation des ressources de publication pour le canal Nefarius-Drivers-HidHideClient/Diagnostic. Si le canal est de type « Analyse » ou « Déboguer », cela peut signifier qu’une erreur s’est également produite lors de l’initialisation des ressources de journalisation. Error: (02/17/2023 04:01:50 AM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: AUTORITE NT) Description: Le service de journalisation des événements a rencontré une erreur lors de l’initialisation des ressources de publication pour le canal Nefarius-Drivers-HidHide/Diagnostic. Si le canal est de type « Analyse » ou « Déboguer », cela peut signifier qu’une erreur s’est également produite lors de l’initialisation des ressources de journalisation. Error: (02/17/2023 04:01:27 AM) (Source: DCOM) (EventID: 10005) (User: AUTORITE NT) Description: DCOM a reçu l’erreur « 1053 » lors de la tentative de démarrage du service asComSvc avec les arguments « Non disponible » pour exécuter le serveur : {BC50CF2A-E12C-4F18-90CE-714CC8600CEE} Error: (02/17/2023 04:01:23 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORITE NT) Description: Le module d’extensibilité WLAN s’est arrêté de façon inattendue. Chemin d’accès du module : C:\WINDOWS\system32\mtkihvx.dll Error: (02/17/2023 04:01:23 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORITE NT) Description: Le module d’extensibilité WLAN s’est arrêté de façon inattendue. Chemin d’accès du module : C:\WINDOWS\system32\mtkihvx.dll Error: (02/17/2023 04:00:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Windows Search s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service. Error: (02/17/2023 04:00:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service LGHUB Updater Service s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 5000 millisecondes : Redémarrer le service. Windows Defender: ================ Date: 2023-02-16 16:38:51 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Remcos.REN!MTB&threatid=2147830638&enterprise=0 Nom : Trojan:MSIL/Remcos.REN!MTB ID : 2147830638 Gravité : Grave Catégorie : Cheval de Troie Chemin : file:_C:\Users\simon\AppData\Roaming\Adobe After Effects 2022 v22.6.0.64\Adobe After Effects 2022 v22.6.0.64 1.0.0\install\8E51040\AppDataFolder\WindowsActiveServices\AutoActivation.exe Origine de la détection : Ordinateur local Type de détection : Concret Source de détection : Protection en temps réel Utilisateur : DESKTOP-AJ6G9D4\simon Nom du processus : C:\Windows\System32\msiexec.exe Version de la veille de sécurité : AV: 1.383.70.0, AS: 1.383.70.0, NIS: 1.383.70.0 Version du moteur : AM: 1.1.20000.2, NIS: 1.1.20000.2 Date: 2023-02-16 16:38:47 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Remcos.REN!MTB&threatid=2147830638&enterprise=0 Nom : Trojan:MSIL/Remcos.REN!MTB ID : 2147830638 Gravité : Grave Catégorie : Cheval de Troie Chemin : file:_C:\Users\simon\AppData\Roaming\Adobe After Effects 2022 v22.6.0.64\Adobe After Effects 2022 v22.6.0.64 1.0.0\install\8E51040\AppDataFolder\WindowsActiveServices\AutoActivation.exe Origine de la détection : Ordinateur local Type de détection : Concret Source de détection : Protection en temps réel Utilisateur : DESKTOP-AJ6G9D4\simon Nom du processus : C:\Users\simon\Downloads\Adobe After Effects 2022 v22.6.0.64 (x64) Pre-Cracked\Adobe After Effects 2022 v22.6.0.64.exe Version de la veille de sécurité : AV: 1.383.70.0, AS: 1.383.70.0, NIS: 1.383.70.0 Version du moteur : AM: 1.1.20000.2, NIS: 1.1.20000.2 Date: 2023-02-16 16:37:51 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Remcos.REN!MTB&threatid=2147830638&enterprise=0 Nom : Trojan:MSIL/Remcos.REN!MTB ID : 2147830638 Gravité : Grave Catégorie : Cheval de Troie Chemin : file:_C:\Users\simon\AppData\Roaming\Adobe After Effects 2022 v22.6.0.64\Adobe After Effects 2022 v22.6.0.64 1.0.0\install\8E51040\AppDataFolder\WindowsActiveServices\AutoActivation.exe Origine de la détection : Ordinateur local Type de détection : Concret Source de détection : Protection en temps réel Utilisateur : DESKTOP-AJ6G9D4\simon Nom du processus : C:\Windows\System32\msiexec.exe Version de la veille de sécurité : AV: 1.383.70.0, AS: 1.383.70.0, NIS: 1.383.70.0 Version du moteur : AM: 1.1.20000.2, NIS: 1.1.20000.2 Date: 2023-02-16 16:37:46 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Remcos.REN!MTB&threatid=2147830638&enterprise=0 Nom : Trojan:MSIL/Remcos.REN!MTB ID : 2147830638 Gravité : Grave Catégorie : Cheval de Troie Chemin : file:_C:\Users\simon\AppData\Roaming\Adobe After Effects 2022 v22.6.0.64\Adobe After Effects 2022 v22.6.0.64 1.0.0\install\8E51040\AppDataFolder\WindowsActiveServices\AutoActivation.exe Origine de la détection : Ordinateur local Type de détection : Concret Source de détection : Protection en temps réel Utilisateur : DESKTOP-AJ6G9D4\simon Nom du processus : C:\Users\simon\Downloads\Adobe After Effects 2022 v22.6.0.64 (x64) Pre-Cracked\Adobe After Effects 2022 v22.6.0.64.exe Version de la veille de sécurité : AV: 1.383.70.0, AS: 1.383.70.0, NIS: 1.383.70.0 Version du moteur : AM: 1.1.20000.2, NIS: 1.1.20000.2  CodeIntegrity: =============== Date: 2023-02-17 05:11:05 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswidsagent.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2023-02-17 05:05:42 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Infos Mémoire =========================== BIOS: ASUSTek COMPUTER INC. 301 09/09/2021 Carte mère: ASUSTeK COMPUTER INC. G15DK Processeur: AMD Ryzen 7 5800X 8-Core Processor Pourcentage de mémoire utilisée: 69% Mémoire physique - RAM - totale: 16275.11 MB Mémoire physique - RAM - disponible: 4887.71 MB Mémoire virtuelle totale: 53139.11 MB Mémoire virtuelle disponible: 33219.08 MB ==================== Lecteurs ================================ Drive c: (OS) (Fixed) (Total:930.67 GB) (Free:296.09 GB) (Model: Micron_2210_MTFDHBA1T0QFD) NTFS \\?\Volume{c7c462d3-b680-4c96-b9c5-4988d9fc76c6}\ (RECOVERY) (Fixed) (Total:0.73 GB) (Free:0.14 GB) NTFS \\?\Volume{64b7d885-4884-47eb-a499-1089c9b7f954}\ (RESTORE) (Fixed) (Total:22 GB) (Free:8.33 GB) NTFS \\?\Volume{ad90945e-0ae8-40a2-8c16-cb3f871012be}\ (MYASUS) (Fixed) (Total:0.19 GB) (Free:0.13 GB) FAT32 \\?\Volume{d6a9704b-6e0b-44ea-9058-de2c7c955078}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Size: 953.9 GB) (Disk ID: C17C50D0) Partition: GPT. ==================== Fin de Addition.txt =======================