Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 29-04-2023
Exécuté par lordi (29-04-2023 19:48:26)
Exécuté depuis C:\Users\lordi\Desktop
Microsoft Windows 10 Professionnel Version 21H2 19044.2846 (X64) (2020-06-14 10:56:54)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

Administrateur (S-1-5-21-329816075-2688303404-493038192-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-329816075-2688303404-493038192-503 - Limited - Disabled)
Invité (S-1-5-21-329816075-2688303404-493038192-501 - Limited - Disabled)
lordi (S-1-5-21-329816075-2688303404-493038192-1001 - Administrator - Enabled) => C:\Users\lordi
WDAGUtilityAccount (S-1-5-21-329816075-2688303404-493038192-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

3DMark (HKLM\...\{23759845-E30A-4716-B054-843A28B6F927}) (Version: 2.22.7359.0 - UL) Hidden
7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Acronis True Image (HKLM-x32\...\{831FFE5C-11F4-4E48-A3A5-8535FC93B75A}) (Version: 24.6.25700 - Acronis) Hidden
Acronis True Image (HKLM-x32\...\{831FFE5C-11F4-4E48-A3A5-8535FC93B75A}Visible) (Version: 24.6.25700 - Acronis)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.02.19.2221 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.22.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{260a52b1-dc81-4e22-b58d-5dd3b57a7b65}) (Version: 5.02.19.2221 - Advanced Micro Devices, Inc.) Hidden
Assassins Creed Valhalla MULTi14 - ElAmigos version 1.7.0 (HKLM-x32\...\{56CA5418-430C-43BD-A02B-2993D8A641D9}_is1) (Version: 1.7.0 - Ubisoft)
Autodesk Fusion 360 (HKU\S-1-5-21-329816075-2688303404-493038192-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.14337 - Autodesk, Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 112.1.50.121 - Auteurs de Brave)
Core Temp 1.18 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.18 - ALCPU)
CrossTheAgesLauncher (HKU\S-1-5-21-329816075-2688303404-493038192-1001\...\993072d0-f4cb-54c9-80ef-e1b51d41d412) (Version: 0.1.2 - Cross The Ages)
ENE_QSI_Loki_HAL (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE_QSI_Loki_HAL (HKLM-x32\...\{205ef3a8-937b-43cb-90fc-2f58f71408d8}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
HashTab 6.0.0.34 (HKLM\...\HashTab) (Version: 6.0.0.34 - Implbits Software)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
ImDisk Virtual Disk Driver (HKLM\...\ImDisk) (Version: * - LTR Data)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2022.11.345634 - Logitech)
Malwarebytes version 4.5.27.262 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.27.262 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 112.0.1722.64 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 112.0.1722.58 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 (HKLM-x32\...\{d92971ab-f030-43c8-8545-c66c818d0e05}) (Version: 14.34.31938.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31938 (HKLM-x32\...\{4f84f2dc-3f70-433a-8f50-8293e0089b0f}) (Version: 14.34.31938.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938 (HKLM\...\{7DA37AE3-D8AE-49B1-9BDC-23CA0AB9FF22}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938 (HKLM\...\{0AE39060-F209-4D05-ABC7-54B8F9CFA32E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31938 (HKLM-x32\...\{080D8397-60F4-44B3-BB95-FBB950CB0B4E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31938 (HKLM-x32\...\{8DE5B0D4-A6D8-4F72-B8EF-28776A2EE5D5}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 112.0.2 (x64 fr)) (Version: 112.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.9.0 - Mozilla)
Mozilla Thunderbird (x86 fr) (HKLM-x32\...\Mozilla Thunderbird 102.10.0 (x86 fr)) (Version: 102.10.0 - Mozilla)
MSI Afterburner 4.6.4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 - MSI Co., LTD)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.8 - Notepad++ Team)
NVIDIA Logiciel système PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA Pilote graphique 516.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 516.94 - NVIDIA Corporation)
Package de pilotes Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9363.1 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.3.4 (HKLM-x32\...\RTSS) (Version: 7.3.4 - Unwinder)
Surfshark (HKLM-x32\...\{B401EC26-39FB-4C82-90D6-532BFDE87E66}) (Version: 4.11.2999 - Surfshark) Hidden
Surfshark (HKLM-x32\...\Surfshark 4.11.2999) (Version: 4.11.2999 - Surfshark)
Surfshark TAP Driver Windows (HKLM-x32\...\{364DA2C2-3C50-468A-A1BD-93E5B8502B40}) (Version: 1.0.1 - Surfshark)
Surfshark TAP Driver Windows (HKLM-x32\...\{3E0F2149-F7FA-4299-A940-5EB798F74D47}) (Version: 1.0.1 - Surfshark)
Surfshark TAP Driver Windows (HKLM-x32\...\{5B2D9FDF-9C17-4D36-B2BE-C7030183A9BD}) (Version: 1.0.1 - Surfshark)
Surfshark TAP Driver Windows (HKLM-x32\...\{DDAC9A61-90BD-4C63-ABB6-036D58573122}) (Version: 1.0.1 - Surfshark)

Packages:
=========
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-09-08] (NVIDIA Corp.)

==================== Personnalisé CLSID (Avec liste blanche): ==============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-329816075-2688303404-493038192-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\lordi\AppData\Local\Autodesk\webdeploy\production\3f77c28c02b1b466e9d910ef562e48d42f47cc2b\NPreview10.dll (Autodesk, Inc. -> )
ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_6_25700.dll [2020-03-31] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_6_25700.dll [2020-03-31] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_6_25700.dll [2020-03-31] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_6_25700.dll [2020-03-31] (Acronis International GmbH -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2022-12-24] (Notepad++ -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-07] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmdig.inf_amd64_1f4f13287900d9b3\nvshext.dll [2022-09-08] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-07] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Drivers32: [VIDC.RTV1] => rtvcvfw64.dll
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Fichier non signé]

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

ShortcutWithArgument: C:\Users\lordi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\8a377216e161c7a2\Phantom.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\chrome_proxy.exe (Brave Software, Inc.) -> --profile-directory=Default --app-id=bfnaelmomeimhlpmgjnjophhpkkoljpa

==================== Modules chargés (Avec liste blanche) =============

2021-12-03 15:36 - 2021-12-03 15:36 - 000232960 _____ () [Fichier non signé] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000057344 _____ () [Fichier non signé] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000668672 _____ () [Fichier non signé] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000074240 _____ () [Fichier non signé] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000371712 _____ () [Fichier non signé] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2023-03-14 17:57 - 2023-03-14 17:57 - 000058368 _____ () [Fichier non signé] C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2023-03-14 17:57 - 2023-03-14 17:57 - 000074240 _____ () [Fichier non signé] C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2023-03-14 17:57 - 2023-03-14 17:57 - 000368640 _____ () [Fichier non signé] C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2022-08-31 13:51 - 2022-08-31 13:51 - 000151040 _____ () [Fichier non signé] C:\Program Files (x86)\Surfshark\Resources\x64\SplitTunnel.dll
2023-02-01 18:29 - 2023-02-01 18:29 - 000267264 _____ () [Fichier non signé] C:\Program Files (x86)\Surfshark\Resources\x64\Surfshark.Firewall.dll
2021-10-27 14:41 - 2021-10-27 14:41 - 001601536 _____ () [Fichier non signé] C:\Program Files (x86)\Surfshark\runtimes\win-x64\native\e_sqlite3.dll
2022-09-03 15:46 - 2022-07-15 16:00 - 000094720 _____ (Igor Pavlov) [Fichier non signé] C:\Program Files\7-Zip\7-zip.dll
2021-12-31 13:01 - 2022-07-15 16:00 - 000062976 _____ (Igor Pavlov) [Fichier non signé] C:\Program Files\7-Zip\7-zip32.dll

==================== Alternate Data Streams (Avec liste blanche) ========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [140]

==================== Mode sans échec (Avec liste blanche) ==================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) =================

==================== Internet Explorer (Avec liste blanche) ==========

==================== Hosts contenu: =========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2021-09-20 12:54 - 2022-02-05 20:28 - 000045184 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
109.94.209.70 www.fitgirlpack.site # Fake FitGirl site
127.0.0.1 web-api-tih.acronis.com
127.0.0.1 activation.acronis.com
127.0.0.1 lm.auslogics.com
0.0.0.0 betrad.com # Ghostery Enterprise
0.0.0.0 www.betrad.com # Ghostery Enterprise
0.0.0.0 a.ads1.msn.com
0.0.0.0 a.ads2.msads.net
0.0.0.0 a.ads2.msn.com
0.0.0.0 a.rad.msn.com
0.0.0.0 a-0001.a-msedge.net
0.0.0.0 a-0002.a-msedge.net
0.0.0.0 a-0003.a-msedge.net
0.0.0.0 a-0004.a-msedge.net

Il y a 1933 plus de lignes.

2021-12-30 17:38 - 2023-04-29 17:22 - 000000517 _____ C:\Windows\system32\drivers\etc\hosts.ics
172.22.160.1 DESKTOP-JHCR99Q.mshome.net # 2028 4 4 27 15 22 45 991
8.128.1 DESKTOP-JHCR99Q.mshome.net # 2027 10 2 19 6 38 10 347

==================== Autres zones ===========================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-329816075-2688303404-493038192-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\lordi\Documents\miloud_by_brightknightcopie2k.jpg
DNS Servers: 9.9.9.9 - 149.112.112.112
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKU\S-1-5-21-329816075-2688303404-493038192-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-329816075-2688303404-493038192-1001\...\StartupApproved\StartupFolder: => "MSI LED Tool - Raccourci.lnk"
HKU\S-1-5-21-329816075-2688303404-493038192-1001\...\StartupApproved\StartupFolder: => "OpenRGB - Raccourci.lnk"
HKU\S-1-5-21-329816075-2688303404-493038192-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-329816075-2688303404-493038192-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_6C48C0CA9278FE6DCA8E403B5C1137CF"

==================== RèglesPare-feu (Avec liste blanche) ================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [TCP Query User{8AF10116-07F3-45FD-8749-35FCE169F0DA}C:\program files\bravesoftware\brave-browser\application\brave.exe] => (Block) C:\program files\bravesoftware\brave-browser\application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [UDP Query User{B9AB8A04-25D1-4F6B-ABC3-B6979841F995}C:\program files\bravesoftware\brave-browser\application\brave.exe] => (Block) C:\program files\bravesoftware\brave-browser\application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{E18878DE-704D-4309-BAF0-F5A45B8ECE5D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2740AD50-1760-4268-ACE4-BE94D1A4F66D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{A1102EC4-5201-42FA-ADA4-EDE314D0763C}G:\programme portable\jdownloader 2 (64-bit)\jdownloader2.exe] => (Block) G:\programme portable\jdownloader 2 (64-bit)\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [UDP Query User{06844088-7A45-4ACF-A43D-F945B59E9E82}G:\programme portable\jdownloader 2 (64-bit)\jdownloader2.exe] => (Block) G:\programme portable\jdownloader 2 (64-bit)\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [TCP Query User{DC3DD493-B48D-4A5F-AE35-C63BD50D22AE}G:\programme portable\deluge\deluge.exe] => (Block) G:\programme portable\deluge\deluge.exe (Deluge Team) [Fichier non signé]
FirewallRules: [UDP Query User{4DBB8366-11CD-4199-9E61-2007D126D606}G:\programme portable\deluge\deluge.exe] => (Block) G:\programme portable\deluge\deluge.exe (Deluge Team) [Fichier non signé]
FirewallRules: [TCP Query User{91082760-F89F-41A4-97A0-ADD3D303A4E5}G:\telegram\telegram.exe] => (Block) G:\telegram\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [UDP Query User{A6506358-F424-44C8-A207-B046F51AC0F4}G:\telegram\telegram.exe] => (Block) G:\telegram\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [TCP Query User{7ADEF212-BA8C-4703-8EF6-65DB4455DD85}G:\programme portable\opera\opera.exe] => (Block) G:\programme portable\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{947C92ED-DF89-4F8F-B659-A3FB798B5174}G:\programme portable\opera\opera.exe] => (Block) G:\programme portable\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{20C4A474-87E1-4838-8F85-59E8B6D3B9B8}] => (Allow) G:\Programme Portable\Opera\87.0.4390.35\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{303089F4-8B68-4AD0-B0BE-74B4655225E4}C:\xiaomi\xiaomitool2\bin\javaw.exe] => (Block) C:\xiaomi\xiaomitool2\bin\javaw.exe
FirewallRules: [UDP Query User{C4A9F59B-5004-43F2-9EE1-EE7316E6CB06}C:\xiaomi\xiaomitool2\bin\javaw.exe] => (Block) C:\xiaomi\xiaomitool2\bin\javaw.exe
FirewallRules: [TCP Query User{DB48FD88-606C-45DE-A99E-DF1E64453A90}C:\users\lordi\appdata\roaming\cross-the-ages-launcher\game\crosstheagestcg.exe] => (Block) C:\users\lordi\appdata\roaming\cross-the-ages-launcher\game\crosstheagestcg.exe (CrossTheAges -> ) [Fichier non signé]
FirewallRules: [UDP Query User{756B9B44-ED75-4613-87AA-949372C01C19}C:\users\lordi\appdata\roaming\cross-the-ages-launcher\game\crosstheagestcg.exe] => (Block) C:\users\lordi\appdata\roaming\cross-the-ages-launcher\game\crosstheagestcg.exe (CrossTheAges -> ) [Fichier non signé]
FirewallRules: [TCP Query User{B3E688F1-6801-48BC-892F-05D08692EE33}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Block) C:\program files (x86)\mozilla thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{6583A46F-B40D-40F3-9A92-E70295A0E4EE}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Block) C:\program files (x86)\mozilla thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{5D11B77A-992D-4C5C-B6DD-8D390249ECE7}G:\kodiportable\app\kodi\kodi.exe] => (Block) G:\kodiportable\app\kodi\kodi.exe (XBMC Foundation) [Fichier non signé]
FirewallRules: [UDP Query User{93B33369-5BB0-44E9-9609-028C5CBD428E}G:\kodiportable\app\kodi\kodi.exe] => (Block) G:\kodiportable\app\kodi\kodi.exe (XBMC Foundation) [Fichier non signé]
FirewallRules: [{9BAB51F1-CBEF-44E3-9D05-E22273CDD0EE}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{3F61364A-2974-43C6-8E3A-8B3297E8B835}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.58\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{83CBF9E5-0B22-43A1-8453-36CED664EE03}] => (Allow) C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloud.exe => Pas de fichier
FirewallRules: [{512447D2-6A25-45B4-868C-0CAE23E2C32A}] => (Allow) C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloud.exe => Pas de fichier

==================== Points de restauration =========================

ATTENTION: La Restauration système est désactivée (Total:60.19 GB) (Free:28.24 GB) (47%)

==================== Éléments en erreur du Gestionnaire de périphériques ============

==================== Erreurs du Journal des événements: ========================

Erreurs Application:
==================
Error: (04/29/2023 05:22:51 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-JHCR99Q$ via https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Sat, 29 Apr 2023 15:23:08 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 43d8183b-d263-4468-a84e-20430c759b7f Méthode : GET(328ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (04/29/2023 12:52:53 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-JHCR99Q$ via https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Sat, 29 Apr 2023 10:53:08 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 629ce2f5-a746-468a-97ff-ce1e3560e675 Méthode : GET(359ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (04/29/2023 08:22:12 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-JHCR99Q$ via https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Sat, 29 Apr 2023 06:22:28 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 4b02fb08-b27b-4031-ae47-7248e4a8fb33 Méthode : GET(297ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (04/28/2023 04:21:15 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-JHCR99Q$ via https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Fri, 28 Apr 2023 14:21:29 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 21c67a31-1b62-4197-9c7c-03ceff97aabe Méthode : GET(656ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (04/28/2023 02:05:07 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-JHCR99Q$ via https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Fri, 28 Apr 2023 12:05:22 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 228b5fdb-cf0d-47bc-a6ce-e047dadf17ae Méthode : GET(657ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (04/28/2023 08:27:02 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-JHCR99Q$ via https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Fri, 28 Apr 2023 06:27:15 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: d4a6e11b-6da5-419d-9fcc-df345f4d57b5 Méthode : GET(328ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (04/27/2023 05:38:59 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-JHCR99Q$ via https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Thu, 27 Apr 2023 15:39:12 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: eed31d62-fdf2-45a2-a2e2-6e12a0872abe Méthode : GET(328ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (04/27/2023 02:58:18 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « D:\Users\lordi\AppData\Local\Temp\SPOON\CACHE\0x3BA408B124B3B097\sxs\manifests\mfc80u.dll_0xCCC2E312486AE6B80970211DA472268B.1000.manifest ». Assembly dépendant Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

Erreurs système:
=============
Error: (04/29/2023 06:28:06 PM) (Source: nvlddmkm) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/29/2023 05:22:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service CMigrationService n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable.

Error: (04/29/2023 12:52:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service CMigrationService n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable.

Error: (04/29/2023 08:22:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service CMigrationService n’a pas pu démarrer en raison de l’erreur : Le fichier spécifié est introuvable.

Error: (04/28/2023 04:21:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service CMigrationService s’est terminé de façon inattendue pour la 1ème fois.

Error: (04/26/2023 09:02:48 PM) (Source: nvlddmkm) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/26/2023 08:14:04 PM) (Source: nvlddmkm) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/26/2023 06:51:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT)
Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80240017 : Mise à jour intelligente de la sécurité pour Microsoft Defender Antivirus - KB2267602 (version 1.387.2106.0).

==================== Infos Mémoire ===========================

BIOS: American Megatrends International, LLC. 2.H0 07/27/2022
Carte mère: Micro-Star International Co., Ltd. B450M MORTAR MAX (MS-7B89)
Processeur: AMD Ryzen 5 3600 6-Core Processor
Pourcentage de mémoire utilisée: 34%
Mémoire physique - RAM - totale: 16309.58 MB
Mémoire physique - RAM - disponible: 10664.13 MB
Mémoire virtuelle totale: 21941.58 MB
Mémoire virtuelle disponible: 12810.79 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:60.19 GB) (Free:28.24 GB) (Model: Samsung SSD 860 EVO 250GB) NTFS
Drive d: (Stockage) (Fixed) (Total:891.51 GB) (Free:102.5 GB) (Model: SanDisk SDSSDH3 1T00) NTFS
Drive g: (Games) (Fixed) (Total:172.07 GB) (Free:54.25 GB) (Model: Samsung SSD 860 EVO 250GB) NTFS

\\?\Volume{eb864e4b-9031-4232-91d1-f665d351a9ce}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{6b40423c-07b6-4c96-95fc-1c82ff622d3f}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 892611B7)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 149EDACE)
Partition 1: (Not Active) - (Size=891.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=30.5 GB) - (Type=83)
Partition 3: (Not Active) - (Size=9.5 GB) - (Type=83)

==================== Fin de Addition.txt =======================