Document format: text/plain

Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
Exécuté par cora (13-06-2018 21:41:19)
Exécuté depuis C:\Users\cora\Downloads
Windows 10 Home Version 1803 17134.112 (X64) (2018-05-13 19:21:53)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-1133026859-3786083032-2722230936-500 - Administrator - Disabled)
cora (S-1-5-21-1133026859-3786083032-2722230936-1001 - Administrator - Enabled) => C:\Users\cora
DefaultAccount (S-1-5-21-1133026859-3786083032-2722230936-503 - Limited - Disabled)
Invité (S-1-5-21-1133026859-3786083032-2722230936-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1133026859-3786083032-2722230936-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

Action! (HKLM-x32\...\Mirillis Action!) (Version: 3.1.1 - Mirillis)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.5.0.331 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_3) (Version: 19.1.3 - Adobe Systems Incorporated)
Alice Retour au pays de la folie (HKLM-x32\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.7 - Advanced Micro Devices, Inc.)
Apple Application Support (32 bits) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{64695C4A-C68F-46B5-A734-50EBF124A68E}) (Version: 11.3.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 18.4.2338 - AVAST Software)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Nom de votre société) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
cFosSpeed v10.25 (HKLM\...\cFosSpeed) (Version: 10.25 - cFos Software GmbH, Bonn)
Cuphead (HKLM-x32\...\1963513391_is1) (Version: 20170929 - GOG.com)
Discord (HKU\S-1-5-21-1133026859-3786083032-2722230936-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
Discord (HKU\S-1-5-21-1133026859-3786083032-2722230936-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06132018203145505\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.11 - NVIDIA Corporation) Hidden
DriversCloud.com (64 bits) (HKLM\...\{8B044631-6E1E-4A0B-8E7F-8CB932CC660F}) (Version: 10.0.5.3 - Cybelsoft)
Fran Bow (HKLM-x32\...\1438948561_is1) (Version: 2.5.0.6 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.87 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
INSIDE (HKLM-x32\...\1916896012_is1) (Version: 10 - GOG.com)
iTunes (HKLM\...\{A116D7C2-6CD0-42EE-B5AA-0CFD0CF7939B}) (Version: 12.7.5.9 - Apple Inc.)
LAV Filters 0.68.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.68.1 - Hendrik Leppkes)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
MFC RunTime files (HKLM-x32\...\{70C592EC-AE9B-4734-928B-676E824FB41E}) (Version: 1.0.0 - Extensoft) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1133026859-3786083032-2722230936-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1133026859-3786083032-2722230936-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06132018203145505\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mises à jour NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
Mozilla Firefox 60.0.2 (x64 fr) (HKLM\...\Mozilla Firefox 60.0.2 (x64 fr)) (Version: 60.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.2 - Mozilla)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 3.0.0.65 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.2.0.68 - MSI)
MSI Gaming Lan Manager (HKLM-x32\...\{3318282C-D4D6-4B29-BBD5-95FC34B54FF0}_is1) (Version: 1.0.0.66 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.35 - MSI)
MSI RAMDisk (HKLM-x32\...\{F29CF050-7278-4CDB-9EF8-2DC6DAA87453}}_is1) (Version: 1.0.0.31 - MSI)
MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.33 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.22 - MSI)
MSI X Boost (HKLM-x32\...\{515143BB-7A11-4D85-B941-D520AAAA099C}_is1) (Version: 1.0.0.43 - MSI)
NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Pilote 3D Vision 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 398.11 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA Pilote du contrôleur 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Pilote graphique 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.11 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.1.2 - OBS Project)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Nom de votre société)
Ori and The Blind Forest - Definitive Edition (HKLM-x32\...\1384944984_is1) (Version: 2.0.0.2 - GOG.com)
Origin (HKLM-x32\...\Origin) (Version: 10.5.20.63112 - Electronic Arts, Inc.)
Panneau de configuration NVIDIA 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 398.11 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8412 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StreamLabels 0.2.8 (only current user) (HKU\S-1-5-21-1133026859-3786083032-2722230936-1001\...\8000d50a-fcb7-5b38-8a3b-a02a0ec79daa) (Version: 0.2.8 - Streamlabs)
StreamLabels 0.2.8 (only current user) (HKU\S-1-5-21-1133026859-3786083032-2722230936-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06132018203145505\...\8000d50a-fcb7-5b38-8a3b-a02a0ec79daa) (Version: 0.2.8 - Streamlabs)
Supercopier 1.2.3.6 (HKLM-x32\...\Supercopier) (Version: 1.2.3.6 - Supercopier)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Unravel™ (HKLM-x32\...\{5105E605-9EE7-4050-9CC0-005093BBF89A}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
UNRAVEL™ two (HKLM-x32\...\{5DB117FE-6F05-40AC-B7A3-5C67641F14C0}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WinRAR 5.60 beta 5 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.5 - win.rar GmbH)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-1133026859-3786083032-2722230936-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-2EA7F8FE6B69}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1133026859-3786083032-2722230936-1001_Classes\CLSID\{68D44A27-FFB6-4B89-A3E5-7B0E50A7AB33}\InprocServer32 -> C:\Program Files (x86)\Supercopier\PluginLoader\catchcopy-v0002\catchcopy32.dll ()
CustomCLSID: HKU\S-1-5-21-1133026859-3786083032-2722230936-1001_Classes\CLSID\{68FF37C4-51BC-4C2A-A992-7E39BC0E706F}\InprocServer32 -> C:\Program Files (x86)\Supercopier\PluginLoader\catchcopy-v0002\catchcopy64.dll ()
CustomCLSID: HKU\S-1-5-21-1133026859-3786083032-2722230936-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-16] (AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-16] (AVAST Software)
ContextMenuHandlers1: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Pas de fichier
ContextMenuHandlers1: [Glary Utilities 3] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Pas de fichier
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-04] (Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Pas de fichier
ContextMenuHandlers2: [Glary Utilities 3] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Pas de fichier
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-16] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-04] (Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-04] (Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-06-01] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-16] (AVAST Software)
ContextMenuHandlers6: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Pas de fichier
ContextMenuHandlers6: [Glary Utilities 3] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Pas de fichier
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-04] (Alexander Roshal)

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0B112E1A-6A74-43F5-A5C0-63271360FD51} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-05-20] (NVIDIA Corporation)
Task: {0F3F7F70-580C-4464-A330-24276845C9BD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-06-05] (AVAST Software)
Task: {1A3CBD75-49A3-41B5-A202-0D6209CB9C9A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-05-20] (NVIDIA Corporation)
Task: {210528D5-BB23-48DD-8DFF-59AED1A92A8D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-05-16] (AVAST Software)
Task: {22338BF5-2533-45A8-837F-5C6C42C25D75} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {24395757-8200-46C2-8F3D-53344A7FC5E3} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-2U1TP2M-cora => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {27A2BB89-F2CE-4CAD-BBF1-17A881D8559C} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {2B265047-8B99-4841-B1CD-656452F30040} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-13] (Google Inc.)
Task: {2EFC54EB-B2E6-4C15-A429-88752F63CA3C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {391D897C-EAB3-4AB9-87BB-7AE0A17EDA58} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {43644B79-16A5-4E3B-8DE3-B2EAD3A7FDE7} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: {4CE037C5-2FFD-4ECB-9B8F-488C6FAD72EB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {5EF3A507-41B2-4605-A1D5-42418E88F820} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {7849ED7D-D6A4-406E-BE03-0B53C631797C} - System32\Tasks\MSIOSDx64_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
Task: {80F0A7D0-D2FA-4E2B-B827-8B293AA91ED1} - System32\Tasks\MSIGH_Host => C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe [2018-03-22] (Micro-Star INT'L CO., LTD.)
Task: {8870733C-5CA5-43E1-823F-80F7C92CD15D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {B271537E-21DD-43F0-9EAA-07400368FA48} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {BEE98B86-2D58-4786-B01B-498CC08681A8} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {D08C42AD-996B-4B79-A058-3C4099BE39C0} - System32\Tasks\MSIOSDx86_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
Task: {E899D1AC-EBC0-4C17-BD16-648390BC4C12} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [2015-08-18] (MSI)
Task: {F2E0C9C1-C521-463E-936E-C6E3E43D8BFF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-05-20] (NVIDIA Corporation)
Task: {F7F29FDF-D850-49C9-AD96-2EF22B17C6B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-13] (Google Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\MSISW_Host.job => C:\WINDOWS\SysWOW64\muachost.exe

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)


==================== Modules chargés (Avec liste blanche) ==============

2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2017-12-08 02:48 - 2017-12-08 02:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-05-15 18:58 - 2018-05-15 18:58 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-05-24 16:36 - 2018-05-20 19:36 - 001315296 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-02-10 01:12 - 2018-02-10 01:12 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-06-13 16:19 - 2018-06-08 10:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-02 14:53 - 2018-06-02 14:53 - 027118080 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-05-23 01:37 - 2018-05-23 01:37 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-05-23 01:37 - 2018-05-23 01:37 - 006748672 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-10-26 17:11 - 2017-10-26 17:13 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-23 01:37 - 2018-05-23 01:37 - 009358848 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-05-19 11:23 - 2018-05-19 11:23 - 000084992 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-05-08 10:57 - 2018-05-08 10:57 - 001873120 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-06-07 11:54 - 2018-06-07 11:54 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15913.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-06-07 11:54 - 2018-06-07 11:54 - 067230720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15913.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-26 17:37 - 2017-10-26 17:46 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15913.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-05-30 11:55 - 2018-05-30 11:55 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15913.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-05-30 11:55 - 2018-05-30 11:55 - 004214784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15913.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-04-26 09:35 - 2018-04-26 09:35 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15913.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-05-30 11:55 - 2018-05-30 11:55 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15913.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-04-05 15:23 - 2018-04-05 15:24 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15913.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-06-07 11:54 - 2018-06-07 11:54 - 014850560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15913.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-05-30 11:55 - 2018-05-30 11:55 - 004058624 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15913.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-06-07 11:54 - 2018-06-07 11:54 - 003265536 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15913.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-05-30 11:55 - 2018-05-30 11:55 - 001393664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15913.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-05-30 11:55 - 2018-05-30 11:55 - 004218080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15913.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-30 11:55 - 2018-05-30 11:55 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15913.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-06-07 11:54 - 2018-06-07 11:54 - 000165376 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15913.0_x64__8wekyb3d8bbwe\SKU.dll
2018-05-27 16:13 - 2016-04-20 14:12 - 000772608 _____ () C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\Lib\USB_DLL.dll
2018-05-27 16:11 - 2005-07-18 13:43 - 000160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2017-10-26 18:32 - 2017-08-02 14:48 - 000237568 _____ () C:\Program Files (x86)\MSI\Gaming APP\LEDControl.dll
2017-10-26 17:00 - 2018-05-20 19:36 - 001033184 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-05-16 17:20 - 2018-05-16 17:20 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-05-16 17:19 - 2018-05-16 17:19 - 000482520 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-05-16 17:19 - 2018-05-16 17:19 - 000293592 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2018-06-13 19:31 - 2018-06-12 07:46 - 003867480 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\libglesv2.dll
2018-06-13 19:31 - 2018-06-12 07:46 - 000085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\libegl.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)


==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)


==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

IE trusted site: HKU\S-1-5-21-1133026859-3786083032-2722230936-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1133026859-3786083032-2722230936-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06132018203145505\...\localhost -> localhost

==================== Hosts contenu: ===============================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06132018203145436\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06132018203145466\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1133026859-3786083032-2722230936-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\cora\Pictures\Live\380a70fda491bd90e7d4650db277e88c.jpg
HKU\S-1-5-21-1133026859-3786083032-2722230936-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06132018203145505\Control Panel\Desktop\\Wallpaper -> C:\Users\cora\Pictures\Live\380a70fda491bd90e7d4650db277e88c.jpg
DNS Servers: 192.168.0.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "MSI Gaming Lan Manager"
HKLM\...\StartupApproved\Run32: => "X_Boost"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-1133026859-3786083032-2722230936-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1133026859-3786083032-2722230936-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1133026859-3786083032-2722230936-1001\...\StartupApproved\Run: => "ultracopier"
HKU\S-1-5-21-1133026859-3786083032-2722230936-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1133026859-3786083032-2722230936-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-1133026859-3786083032-2722230936-1001\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-1133026859-3786083032-2722230936-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1133026859-3786083032-2722230936-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1133026859-3786083032-2722230936-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06132018203145505\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1133026859-3786083032-2722230936-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06132018203145505\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1133026859-3786083032-2722230936-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06132018203145505\...\StartupApproved\Run: => "ultracopier"
HKU\S-1-5-21-1133026859-3786083032-2722230936-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06132018203145505\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1133026859-3786083032-2722230936-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06132018203145505\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-1133026859-3786083032-2722230936-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06132018203145505\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-1133026859-3786083032-2722230936-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06132018203145505\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1133026859-3786083032-2722230936-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06132018203145505\...\StartupApproved\Run: => "Discord"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C1840642-B845-45E9-8011-D218A071E214}] => (Allow) D:\Steam\steamapps\common\Tomb Raider Anniversary\tra.exe
FirewallRules: [{CB0FA991-EE65-4BD2-A993-9564CF5CFF61}] => (Allow) D:\Steam\steamapps\common\Tomb Raider Anniversary\tra.exe
FirewallRules: [UDP Query User{6F24D40D-83B8-4307-BF14-AC6BE941766A}D:\vlc\vlc.exe] => (Allow) D:\vlc\vlc.exe
FirewallRules: [TCP Query User{343ACD2A-FC2C-4B4D-A325-DD02DECC115C}D:\vlc\vlc.exe] => (Allow) D:\vlc\vlc.exe
FirewallRules: [UDP Query User{EE7C1910-8ED7-40B1-9DDF-AFC386F07385}C:\program files (x86)\origin games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe] => (Allow) C:\program files (x86)\origin games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe
FirewallRules: [TCP Query User{3C17A209-BB8A-47F8-B856-44BCD4905515}C:\program files (x86)\origin games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe] => (Allow) C:\program files (x86)\origin games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe
FirewallRules: [{A6E51CB6-BB7E-4628-B70D-6EC46C978277}] => (Allow) D:\Steam\steamapps\common\Tomb Raider Underworld\tru.exe
FirewallRules: [{5EC077FB-1063-4F98-BDD5-E76A896CDF8A}] => (Allow) D:\Steam\steamapps\common\Tomb Raider Underworld\tru.exe
FirewallRules: [{37A5B818-E0AB-4B4A-9AB7-C26418DB5643}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{B373A47E-C5BE-4276-8888-54451AFAE3D4}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe
FirewallRules: [{0123DB0E-6937-4FC0-88F3-E71F9D1C2D9F}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe
FirewallRules: [{7AD3652E-2FEF-47D3-9BBC-8D4978C80B5A}] => (Allow) LPort=26789
FirewallRules: [{04C4A44B-6515-41C0-99D8-5EF19563AF61}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{F3710F16-9448-4C4B-BADD-E48F99C27604}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{75E09A56-A5DA-4FC8-B5D7-267994779BA7}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{17EFC228-C162-4D4B-B421-ED901054362A}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A4A6D4B9-1CE3-4A11-A599-5607B73CD09F}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{5E93067A-B95A-41E6-98D8-7B19754A7404}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{2E6D1813-7EB2-4848-B02B-6ACBC73BDBA3}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{65685EAF-3117-420A-9A08-8C60A2A814F3}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{AE996D6F-D3A8-46B3-B6EB-EA7DF2C7092C}] => (Allow) D:\Steam\steamapps\common\60 Seconds!\60Seconds.exe
FirewallRules: [{5D215FB3-E316-4593-B11F-6FB70D4ABB66}] => (Allow) D:\Steam\steamapps\common\60 Seconds!\60Seconds.exe
FirewallRules: [{6C9B8405-E8E8-49AD-A4E5-D1767A53EF5A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B314C9DE-E56F-4006-8F20-73E1C5962F23}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0D38FB47-483A-4564-982F-769D534DCFDB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7185B00B-5E3A-4E11-92C5-802D3EA3F6E6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{3505C41D-4D0D-4BD8-B4DD-3B7DCFE75666}D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{41A673E3-CB62-4C79-B9D1-F63F254E9BE1}D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [{AD4197FC-FC26-4D7E-BEFC-290FBDBFA112}] => (Allow) D:\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{780E3D5C-9D11-4790-BC14-CFE1F60D8E59}] => (Allow) D:\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{A37887E2-65AA-4E3C-96D1-2064B96963B0}] => (Allow) D:\Steam\steamapps\common\Little Nightmares\Atlas\Binaries\Win64\LittleNightmares.exe
FirewallRules: [{60D0A5BE-8690-44CA-A9BE-601A197A4B8C}] => (Allow) D:\Steam\steamapps\common\Little Nightmares\Atlas\Binaries\Win64\LittleNightmares.exe
FirewallRules: [{B5F656CE-D890-495A-8D6D-2709D63FC8ED}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe
FirewallRules: [{CD292AA9-168A-4153-9124-500DF41C27FD}] => (Allow) C:\Program Files (x86)\XuaUuOVKa.exe
FirewallRules: [{02273E39-5AD2-4950-B380-0E8E17AB3FAE}] => (Allow) C:\Users\cora\AUWFEyeucqa.exe
FirewallRules: [{753C0287-3583-4E78-AABD-F4AC7E53CB77}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{A7871A66-A780-4844-8AFD-43BED133391B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F6BA83BE-86FB-43D8-9DB3-D4C807C8B6BB}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{F470BE3A-DEE1-4759-B38E-BAD6CBD62B47}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{7B5036AD-B6BC-4E81-BDC1-F128FD4CFB55}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{C92FF035-85BA-4B59-8319-BD902C0E33A7}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{60EF439E-EDB4-493A-AD56-1597D06BDADE}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{19486DB2-9F9A-4B37-9CEA-285684F07241}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{84A936CE-CE9B-4C76-ABBE-C4A18F508169}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{0B786699-36D8-4AD0-BCC2-B19144820D1E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{EB83720D-2889-4493-B498-52B7004EDD46}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{3AB32341-EE3B-4804-936B-4640D552645C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{6A3C630B-2515-44D4-90B0-29D517652236}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{B386F484-0948-4820-A5F1-BB3119B7B19F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{B78E91D6-F0C8-48A2-BCEB-C6BE3A5F1AE8}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{F6234803-47B4-404C-996D-BDE1383E3397}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{CF433705-1683-43EE-A4EB-E384E7A465BD}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{03E30E75-66E8-4D04-8313-585437776544}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{C1425539-0A17-47F4-B0E9-27F10148BF26}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{91AB16B8-8322-4437-9E5D-8CE5DB3CC632}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{D1C60BAE-1991-4CCD-BD27-468B06EDA168}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{0AF21C40-C13F-4C9D-AE14-33E5D710AAB4}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{A9868904-21A0-42EB-8894-005FC358A5D2}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{08410C7D-2936-4691-81BA-46955F11F5F5}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{C7F406E1-EDE7-4ECD-8A26-B9049ABF48A8}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{E36EA03B-4BD5-41C8-BF2B-1C7E7023DE57}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{44F51AA3-BE2A-4C9B-AD3A-9EF12C4657C2}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{1421FEBE-14B1-4706-A48A-011C828F2BA8}] => (Allow) D:\Steam\steamapps\common\Overlord\Overlord.exe
FirewallRules: [{C7DFDC73-AC15-4582-94FD-25D2AB37119F}] => (Allow) D:\Steam\steamapps\common\Overlord\Overlord.exe
FirewallRules: [{A45CC73D-2A70-4788-B240-81CB63B043C8}] => (Allow) D:\Steam\steamapps\common\Overlord\Config.exe
FirewallRules: [{C7C50426-19C5-407E-8B65-FDB8855F1E98}] => (Allow) D:\Steam\steamapps\common\Overlord\Config.exe
FirewallRules: [{5EC03FE7-C5D4-463A-8EB4-E25DED7691ED}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{FAE1A3D4-8BB0-4DCF-90E0-BBA8F9FBB4AC}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{4D8EC489-C57E-4FF1-9A8B-E00680145F87}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{791FD420-523A-40AF-A717-68A454FB01E3}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{759EC206-B326-466E-81EE-9A027B280921}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{CBD8EC82-C243-4DBC-BB4F-72A971AD3EC0}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{317F2126-9F4E-4FDC-A9AC-3CEC6AD77B08}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{E3010F94-20A2-4F79-92C3-E16D61EA3039}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E48AAD43-876B-4F28-ABF4-8272339CB4EA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B7DF2D16-E51B-45D4-909F-3BC8DE844B39}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{FAA1EB2A-8912-4ABD-909A-6F2868941ABA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{593A84A5-4431-4A3F-B80D-294AE4CCC4D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D99189C5-EAD7-47B2-8645-1B117B1FD2E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3AF8C9C3-1A9A-4159-AF38-413065DE9E91}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{570800BC-D97B-4731-BE79-8E555C592912}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{E6682BC3-5EE5-453B-839B-78B6F56242DA}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{23F8073E-CE79-4FDF-9D20-B13497856D2A}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{B0D56101-CC39-4F02-B464-3FB8276BFA69}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{4E1A4656-6FE6-4ABE-9F7A-880FA3847CBD}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{6CFD82F1-7956-49E8-9F30-7EE672B5F3A7}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{861F2619-96FD-4AD9-AC43-F82192CE79E2}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{28436F0B-DF55-44B6-8E67-CEA2632FE9C2}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{8A31AABB-3448-4A12-81D6-890C1A507C47}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{B6CD0B01-27D8-4A70-98E7-D1ED7E5BA9A2}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{F370C7F5-7CCF-4D38-87D8-06EBF6992B37}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{BFBF3E55-E925-4D2B-8983-679258721C6D}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{333D7DD6-0E72-4C71-A624-7623B3DC7573}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{0E0FDF24-0539-4364-A574-1C25EBD384B2}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{90855E05-B9FD-4819-BA3C-3DB1780624FE}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{E0FC7B97-7225-4597-82F2-9DADAA47340B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{8FE28AA8-B713-4049-8E58-C6D92C4D7FEC}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{E5892C83-7FCC-4541-84EA-2520F37387B7}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{3B4CFBDA-A4C7-4834-AD5C-01C70EE52067}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{0D88082B-603F-4AEC-B790-C646CA95A196}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{32C48B7A-98E7-4299-B0DC-19FF2FF04889}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{A6BF6029-A708-49AB-BF05-C5A21F035D20}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{59995604-45A7-489F-BE20-4F8A249B9187}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{235CC269-BF6B-4BF4-ADF0-0439D05352C7}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{1F8019E6-5EAC-40A1-99EE-D7FD44CFF67A}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{3A3BAA19-F822-4964-8120-C9FEEBF0BD19}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{6632D432-B1C2-46A0-B2A4-35879A4C4EA0}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{25B2F694-7670-43D1-B53F-6644B7C564AC}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{A56FCD71-CE24-4466-88F4-2F5668C8AADE}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{2F377314-C03C-428E-9DD3-96D856434A4B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{9E82FAA4-8B1A-4F63-8971-5D8E19F8C601}] => (Allow) C:\Users\cora\AppData\Local\CamStudio 2.7\msiexec64.exe
FirewallRules: [{A88893E3-83CA-4760-AF9E-1C07E8466380}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{BE08D47A-87F9-490D-971D-2189FB679358}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{9DEE9C43-57E6-4B24-AFBD-B6F9A375F3B0}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{597F0DB0-2E18-42A4-A7FE-BE83ADC0F0DB}] => (Allow) C:\Users\cora\AppData\Local\CamStudio 2.7\msiexec64.exe
FirewallRules: [{D20F6D3D-25C0-4B5F-A5A9-B16365AFA3CB}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{5C1F5C66-45BE-4284-AB09-A9A9B335E184}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{F02EDB27-100A-46FB-A284-4BE602D96C63}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{4955E0E3-9B43-409D-A93F-022D6FD29851}] => (Allow) C:\Users\cora\AppData\Local\CamStudio 2.7\msiexec64.exe
FirewallRules: [{CBBB3C2C-BD82-42B2-9F97-41C69A2BA8C3}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{87C90D1E-0E1C-4114-BA22-45879975BA8E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{A17E9C9D-9CB3-45A1-AAA4-9B512A31C351}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{9A7DE498-33AD-4FA5-8B84-298572D31A84}] => (Allow) C:\Users\cora\AppData\Local\CamStudio 2.7\msiexec64.exe
FirewallRules: [{3FEBA5D2-D4EF-4020-B3DA-CC8BC88A8315}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{9E6926A7-5EB7-48D8-9B6E-3F56B96BAB78}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{29ECC82E-5370-4CBF-BA38-7EA71BA23AE1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{08354BDC-AFFE-4E13-8E44-643766139B3C}] => (Allow) D:\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [{421D357B-CB11-490B-AB51-28639805EDA1}] => (Allow) D:\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [{91FBF5E5-0C91-4ED5-82B0-3C29A268E0C3}] => (Allow) C:\Users\cora\AppData\Local\CamStudio 2.7\msiexec64.exe
FirewallRules: [{9DAC6F72-FC35-4A60-8FB3-3EDD787DBE48}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{D723C382-AE9C-40FF-82AF-A611D3CE4533}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{D8747BC6-73FF-4034-B74B-0DB8D09697ED}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{5CFE7CA6-4810-4573-8641-E0EAB9B9FA45}] => (Allow) C:\Users\cora\AppData\Local\CamStudio 2.7\msiexec64.exe
FirewallRules: [{C6D778EF-544A-4CC1-B8C6-9F5350EBE5D9}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{478C8061-B80D-40E8-85C7-D5F8DB3C2D13}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{F580EEEB-368D-4EF5-8E6A-BB8EE654EA2B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{81BB5E7B-FEDD-443F-9091-FEAA0D16D90C}] => (Allow) C:\Program Files (x86)\Origin Games\UnravelTwo\UnravelTwo.exe
FirewallRules: [{B5E42171-9EE8-4C36-A8AC-39FACB534B14}] => (Allow) C:\Program Files (x86)\Origin Games\UnravelTwo\UnravelTwo.exe
FirewallRules: [{8F3F52F0-1373-4C40-BA8E-670388D046A8}] => (Allow) C:\Program Files (x86)\Origin Games\UnravelTwo\UnravelTwo_trial.exe
FirewallRules: [{DCB9F8C5-F620-46D6-841B-742DEF7BECCB}] => (Allow) C:\Program Files (x86)\Origin Games\UnravelTwo\UnravelTwo_trial.exe
FirewallRules: [{11AF48E9-9A02-4003-AA44-E25B2E7C9DCF}] => (Allow) C:\Users\cora\AppData\Local\Microsoft Websites\msiexec64.exe
FirewallRules: [{71ADCCEB-2851-4235-8C14-3925B40F2A21}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{E466A93A-DBA9-4922-863E-8785DCA10D13}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{BA42DDA0-B65F-4711-8369-DEDB05E57599}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{E7B98FAA-13DD-4310-A841-BA7892C344CF}] => (Allow) D:\iTunes\iTunes.exe
FirewallRules: [{2E7D31F2-454B-4664-9C04-71A29F95BCB2}] => (Allow) C:\Users\cora\AppData\Local\Microsoft Websites\msiexec64.exe
FirewallRules: [{CBB06B2D-676D-47F2-8D08-4E1E6AC112C0}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{BB4CE18F-FB08-47BF-BF46-0EAD67C12877}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{D205685D-BCF5-4D9D-B91E-63CE095A5293}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{E0A033B0-782E-4F26-B1DE-A10679A1747C}] => (Allow) C:\Users\cora\AppData\Local\Microsoft Websites\msiexec64.exe
FirewallRules: [{AC1602E7-2E30-4B49-BFBD-7D694F92F8B8}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{6CD0CB93-0ED5-4A10-8D6B-9B8365CC4AE3}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{6482FFE4-3F71-4938-8136-87F48AA39377}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{A5183E14-35F9-483C-86D2-38A400EFF2A2}] => (Allow) C:\Users\cora\AppData\Local\Microsoft Websites\msiexec64.exe
FirewallRules: [{BBBCE1C8-DFED-4332-B41E-AA2732D42A13}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{21BD5502-9EC3-4D40-959F-8870255B0EE8}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{AFE3F931-1D1A-4F22-BE1A-FEEBD93E2BC6}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{54A71603-9084-457D-B3D0-D3AEE92F818A}] => (Allow) C:\Users\cora\AppData\Local\Microsoft Websites\msiexec64.exe
FirewallRules: [{4D0A63C7-B429-4867-9CC8-16D6700C7096}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{78884784-F12A-4EF7-91CB-6EF45DC64B72}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{A0E2E838-B028-4E2F-9BE6-1C0ACD082E67}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{C85AE475-2338-42F7-8DB9-C58BDA87B613}] => (Allow) C:\Users\cora\AppData\Local\Microsoft Websites\msiexec64.exe
FirewallRules: [{60D176D8-F3EA-4359-968F-CFCF3A6CF877}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{C0DD69F0-2F84-4EF4-965A-8C19D937E218}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{496B072E-E09F-473B-A2C6-076471893098}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{58E2DFEF-9B1A-4D7E-99FD-6A0392F83706}] => (Allow) C:\Users\cora\AppData\Local\Microsoft Websites\msiexec64.exe
FirewallRules: [{15AB8DE2-606C-446F-95D5-DF692AE9D995}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{50912B08-FAB3-4AF1-8622-0ED518C33456}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{1B8BDA63-E5EE-4258-85C7-D4837E43A6B9}] => (Allow) C:\Users\cora\AppData\Local\Microsoft Websites\msiexec64.exe
FirewallRules: [{91825795-52BE-4A55-9E05-40C8DF312070}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{E47E6D41-7B7C-4BB1-85C3-9350A3933E95}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{BF2ACA12-0258-494F-98F0-E2F387FD5C26}] => (Allow) C:\Users\cora\AppData\Local\Microsoft Websites\msiexec64.exe
FirewallRules: [{9218EEFD-5066-41C2-92BB-CEB56AAF693F}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{422E341E-662C-4AEF-A21F-36F3102BF274}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{7FFD3AD9-E7FF-4A11-AA14-7C83A30F5650}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{85899B0B-D998-4A0F-BA48-9961E981BF0B}] => (Allow) C:\Users\cora\AppData\Local\Microsoft Websites\msiexec64.exe
FirewallRules: [{4231FC0A-E9FD-480E-8C85-5C6F938A4B18}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{51B6CC98-391E-44B0-A6F8-5F4CE50DB39F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{91854038-5A40-4B50-8D4D-11623F9ACA4C}] => (Allow) C:\Users\cora\AppData\Local\Microsoft Websites\msiexec64.exe
FirewallRules: [{7EE45CAD-AF3E-48EE-9649-E140D7F3C271}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{F25D1690-7739-401F-902F-DE2EE06E08D1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{578301DE-C9E8-4BAB-930B-3F40BC61C45B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{D375435B-FE67-40BE-A6E4-6DF13D66287C}] => (Allow) C:\Users\cora\AppData\Local\Microsoft Websites\msiexec64.exe
FirewallRules: [{7F53D357-D31C-444D-B018-54147077FD57}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{F4F78EBD-E3CB-4A38-B2AD-1B9A47AD0464}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{B30C6D7A-59E9-4E6F-BB45-6B15D82859F3}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{26A3C290-E95D-446D-87CE-7FA2DCBAB27A}] => (Allow) C:\Users\cora\AppData\Local\Microsoft Websites\msiexec64.exe
FirewallRules: [{6BAE8BC4-063E-4B96-B1CB-62C19F8FAAA5}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{B2FAD1C0-D0B0-406A-9F67-D9078BF5A930}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{F1A9F23F-5831-4B9E-B5FD-56737EAB2F92}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{F9655680-0D80-4C67-B2B2-6B8CA4E11665}] => (Allow) C:\Users\cora\AppData\Local\Microsoft Websites\msiexec64.exe
FirewallRules: [{0B99E7FA-07CD-400D-8B5E-649A6F2DE8EC}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{196C43DF-D39D-4D07-98E6-264CEB699210}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{0ECF5426-CDDE-4537-A094-CEDDDC5E029A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{60B35C21-99B6-40ED-A5F9-287F38D810C2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{DAFBEC22-9BEC-4FFC-8872-4C9A0F58D7B3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{F7A2C6B9-62CF-4DCA-9884-FC3ECEE43EC5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{9A737882-89EF-48A4-98F7-8B9374C37565}] => (Allow) C:\Users\cora\AppData\Local\Microsoft Websites\msiexec64.exe
FirewallRules: [{B74D6384-FB97-47B8-BD57-E550907836CB}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe
FirewallRules: [{0D625748-EB4A-4F41-A569-E189AC0F775F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{2475973F-540C-4E92-BB39-F7E6F60C32AA}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe

==================== Restore Points =========================

05-06-2018 16:35:56 Point de contrôle planifié
09-06-2018 19:09:38 Windows Update
13-06-2018 16:19:36 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/13/2018 08:15:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme CCleaner64.exe version 5.43.151.6522 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance.

ID de processus : afc

Heure de début : 01d40341fa113acf

Heure de fin : 4294967295

Chemin d'accès de l'application : C:\Program Files\CCleaner\CCleaner64.exe

ID de rapport : a3cf1b01-ebe1-4514-9c21-e273e4270d01

Nom complet du package défaillant :

ID de l'application relative au package défaillant :

Error: (06/13/2018 07:44:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme CCleaner64.exe version 5.43.151.6522 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance.

ID de processus : 1ec4

Heure de début : 01d4033ddae27966

Heure de fin : 4294967295

Chemin d'accès de l'application : C:\Program Files\CCleaner\CCleaner64.exe

ID de rapport : 7f976879-26a5-4a0c-b52c-b3c7a26d3b39

Nom complet du package défaillant :

ID de l'application relative au package défaillant :

Error: (06/13/2018 07:40:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme CCleaner64.exe version 5.43.151.6522 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance.

ID de processus : 5d0

Heure de début : 01d4033c57e8fc7a

Heure de fin : 4294967295

Chemin d'accès de l'application : C:\Program Files\CCleaner\CCleaner64.exe

ID de rapport : 2cb97ece-ab96-4144-b4ed-24a62d38e6bb

Nom complet du package défaillant :

ID de l'application relative au package défaillant :

Error: (06/13/2018 07:36:00 PM) (Source: MsiInstaller) (EventID: 11704) (User: AUTORITE NT)
Description: Product: Google Update Helper -- Error 1704. An installation for IC__iPackage is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?

Error: (06/13/2018 07:24:29 PM) (Source: MsiInstaller) (EventID: 11704) (User: DESKTOP-2U1TP2M)
Description: Product: Google Update Helper -- Error 1704. An installation for IC__iPackage is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?

Error: (06/13/2018 07:16:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-2U1TP2M.local already in use; will try DESKTOP-2U1TP2M-2.local instead

Error: (06/13/2018 07:16:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 16 DESKTOP-2U1TP2M.local. AAAA 2A01:0E0A:0066:A750:40DC:76F2:A88E:BC48

Error: (06/13/2018 07:16:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from FE80:0000:0000:0000:40DC:76F2:A88E:BC48:5353 4 DESKTOP-2U1TP2M.local. Addr 192.168.0.10


System errors:
=============
Error: (06/13/2018 09:39:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2U1TP2M)
Description: Le serveur {9E175B6D-F52A-11D8-B9A5-505054503030} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (06/13/2018 09:37:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2U1TP2M)
Description: Le serveur {9E175B6D-F52A-11D8-B9A5-505054503030} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (06/13/2018 09:35:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2U1TP2M)
Description: Le serveur {9E175B6D-F52A-11D8-B9A5-505054503030} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (06/13/2018 09:33:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2U1TP2M)
Description: Le serveur {9E175B6D-F52A-11D8-B9A5-505054503030} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (06/13/2018 09:31:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2U1TP2M)
Description: Le serveur {9E175B6D-F52A-11D8-B9A5-505054503030} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (06/13/2018 09:29:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2U1TP2M)
Description: Le serveur {9E175B6D-F52A-11D8-B9A5-505054503030} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (06/13/2018 09:27:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2U1TP2M)
Description: Le serveur {9E175B6D-F52A-11D8-B9A5-505054503030} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (06/13/2018 09:25:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2U1TP2M)
Description: Le serveur {9E175B6D-F52A-11D8-B9A5-505054503030} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.


Windows Defender:
===================================
Date: 2018-05-16 16:03:18.849
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Soctuseer!excl&threatid=237119&enterprise=0
Nom : BrowserModifier:Win32/Soctuseer!excl
ID : 237119
Gravité : Élevée
Catégorie : Modificateur de navigateur
Chemin : regkeyvalue:_HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\\c:\program files\0302be6d45e9d1dad74b1e47482bd66f\
Origine de la détection : Inconnu
Type de détection : Concret
Source de détection : Système
Utilisateur : AUTORITE NT\Système
Nom du processus : Unknown
Version de la signature : AV: 1.267.1375.0, AS: 1.267.1375.0, NIS: 1.267.1375.0
Version du moteur : AM: 1.1.14800.3, NIS: 1.1.14800.3

Date: 2018-05-16 16:02:55.762
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Soctuseer!excl&threatid=237119&enterprise=0
Nom : BrowserModifier:Win32/Soctuseer!excl
ID : 237119
Gravité : Élevée
Catégorie : Modificateur de navigateur
Chemin : regkeyvalue:_HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\\c:\program files\0302be6d45e9d1dad74b1e47482bd66f\
Origine de la détection : Inconnu
Type de détection : Concret
Source de détection : Système
Utilisateur : AUTORITE NT\Système
Nom du processus : Unknown
Version de la signature : AV: 1.267.1375.0, AS: 1.267.1375.0, NIS: 1.267.1375.0
Version du moteur : AM: 1.1.14800.3, NIS: 1.1.14800.3

Date: 2018-05-15 17:14:01.355
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Soctuseer!excl&threatid=237119&enterprise=0
Nom : BrowserModifier:Win32/Soctuseer!excl
ID : 237119
Gravité : Élevée
Catégorie : Modificateur de navigateur
Chemin : regkeyvalue:_HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\\c:\program files\0302be6d45e9d1dad74b1e47482bd66f\
Origine de la détection : Inconnu
Type de détection : Concret
Source de détection : Système
Utilisateur : AUTORITE NT\Système
Nom du processus : Unknown
Version de la signature : AV: 1.267.1375.0, AS: 1.267.1375.0, NIS: 1.267.1375.0
Version du moteur : AM: 1.1.14800.3, NIS: 1.1.14800.3

Date: 2018-05-15 15:42:13.413
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {7FEE6476-BD0B-400C-A476-56C410F62520}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse complète
Utilisateur : DESKTOP-2U1TP2M\cora

Date: 2018-05-15 15:29:33.858
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Soctuseer!excl&threatid=237119&enterprise=0
Nom : BrowserModifier:Win32/Soctuseer!excl
ID : 237119
Gravité : Élevée
Catégorie : Modificateur de navigateur
Chemin : regkeyvalue:_HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\\c:\program files\0302be6d45e9d1dad74b1e47482bd66f\
Origine de la détection : Inconnu
Type de détection : Concret
Source de détection : Système
Utilisateur : AUTORITE NT\Système
Nom du processus : Unknown
Version de la signature : AV: 1.267.1375.0, AS: 1.267.1375.0, NIS: 1.267.1375.0
Version du moteur : AM: 1.1.14800.3, NIS: 1.1.14800.3

CodeIntegrity:
===================================

Date: 2018-06-13 20:24:57.007
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-13 02:26:02.999
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-06-13 02:26:02.991
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-06-13 02:26:02.946
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-06-04 14:56:19.309
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-06-04 14:56:19.301
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-06-04 14:56:19.256
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-05-28 13:31:22.778
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.

==================== Infos Mémoire ===========================

Processeur: AMD Ryzen 5 1500X Quad-Core Processor
Pourcentage de mémoire utilisée: 26%
Mémoire physique - RAM - totale: 16336.58 MB
Mémoire physique - RAM - disponible: 11950.09 MB
Mémoire virtuelle totale: 35792.58 MB
Mémoire virtuelle disponible: 29705.8 MB

==================== Lecteurs ================================

Drive b: (RAMDisk) (Fixed) (Total:0.25 GB) (Free:0.25 GB) FAT
Drive c: () (Fixed) (Total:222.54 GB) (Free:118.05 GB) NTFS
Drive d: (Nouveau nom) (Fixed) (Total:1862.89 GB) (Free:1118.92 GB) NTFS

\\?\Volume{dd691653-73bd-4a87-88f7-69423b43171b}\ (Récupération) (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS
\\?\Volume{6801264f-52bc-452e-9256-f3a437f3614d}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS
\\?\Volume{55985b3d-4fd2-4200-bea9-aa3d5451fdd8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Fin de Addition.txt ============================
