Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 09-06-2021 Exécuté par titof (10-06-2021 15:34:03) Exécuté depuis C:\Users\titof\OneDrive\Desktop Windows 10 Pro Version 21H1 19043.1052 (X64) (2020-08-17 21:08:45) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-2034503659-2028986574-3912516512-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2034503659-2028986574-3912516512-503 - Limited - Disabled) Invité (S-1-5-21-2034503659-2028986574-3912516512-501 - Limited - Enabled) titof (S-1-5-21-2034503659-2028986574-3912516512-1001 - Administrator - Enabled) => C:\Users\titof WDAGUtilityAccount (S-1-5-21-2034503659-2028986574-3912516512-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) @BIOS (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.21.0414.1 - GIGABYTE) Hidden @BIOS (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.21.0414.1 - GIGABYTE) 3DZUG - ICE 4 (BR 412) (HKLM-x32\...\1A0434FC-EA63-4280-BAE1-DASDBADA2A2E_is1) (Version: 1.08 - 3DZUG) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated) AORUS ENGINE (HKLM-x32\...\AORUS ENGINE_is1) (Version: 1.9.8.0 - GIGABYTE Technology Co.,Inc.) APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.21.0426.1 - GIGABYTE) Hidden APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.21.0426.1 - GIGABYTE) Brother MFL-Pro Suite MFC-J4410DW (HKLM-x32\...\{DD98C438-D769-4677-AA87-3481FA32D20C}) (Version: 2.0.0.0 - Brother Industries, Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.81 - Piriform) Chengdu to Suining HS route (HKLM-x32\...\{F5F858DA-2391-4193-89FF-8661D41D79D3}) (Version: 1.00.000 - Just Trains) Dropbox (HKLM-x32\...\Dropbox) (Version: 123.4.4832 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden Dynamic Application Loader Host Interface Service (HKLM\...\{F8197FEC-9FA0-4488-AC9D-38E67D58FDAC}) (Version: 1.0.0.0 - Intel Corporation) Hidden EasyTune (HKLM-x32\...\{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.21.0414.1 - GIGABYTE) Hidden EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.21.0414.1 - GIGABYTE) EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.21.0527.1 - GIGABYTE) Hidden EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.21.0527.1 - GIGABYTE) ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.0.10 - Ene Tech.) Hidden ENE_DRAM_RGB_AIO (HKLM-x32\...\{52d1d7de-19c3-4f83-97bb-f9435dc84c5b}) (Version: 1.0.0.10 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.8.4 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{0f607f07-7957-4887-9d5e-be8efe9595a9}) (Version: 1.0.8.4 - ENE TECHNOLOGY INC.) Hidden ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden ENE_MousePad_HAL (HKLM-x32\...\{bf256b46-8ff7-48be-ab7f-5661e9a0651f}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.3.1 - ENE TECHNOLOGY INC.) Hidden ENE_X_AIC_HAL (HKLM-x32\...\{33f042cf-0ae3-4241-b8c8-7f544533ea8e}) (Version: 1.0.3.1 - ENE TECHNOLOGY INC.) Hidden ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden Fast Boot (HKLM-x32\...\{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.21.0414.1 - GIGABYTE) Hidden Fast Boot (HKLM-x32\...\InstallShield_{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.21.0414.1 - GIGABYTE) Gigabyte Speed 11.04 (HKLM\...\Gigabyte Speed) (Version: 11.04 - cFos Software GmbH, Bonn) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.77 - Google LLC) GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.16.1202.1 - GIGABYTE) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2020.14.0.1600 - Intel Corporation) Intel(R) Network Connections 26.2.0.1 (HKLM\...\PROSetDX) (Version: 26.2.0.1 - Intel) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.58.48.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2391a86e-5ab5-40d2-a274-1867cd576686}) (Version: 1.58.48.0 - Intel Corporation) Hidden LuaCreator version 0.91 beta (HKU\S-1-5-21-2034503659-2028986574-3912516512-1001\...\{730E6521-8780-4C1D-91E4-ABD5E134CBD4}_is1) (Version: 0.91 beta - Holland Hiking) MacroWorks 3.1 (HKLM-x32\...\{DF6AE5A8-26A1-4766-A058-62B55A4CB55A}) (Version: 1.1.2.11 - PI Engineering) Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) Microsoft .NET Core SDK 3.1.410 (x64) (HKLM-x32\...\{4fc8f115-2f25-4d9f-9b3b-f4416cc5542d}) (Version: 3.1.410.15736 - Microsoft Corporation) Microsoft ASP.NET Core 3.1.13 - Shared Framework (HKLM-x32\...\{b4d6080b-bc15-4468-a050-6537583a3625}) (Version: 3.1.13.21117 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.41 - Microsoft Corporation) Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.083.0425.0003 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3994d355-238a-4612-af93-26d13deddef1}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 (HKLM-x32\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 3.1.10 (x64) (HKLM-x32\...\{db36836f-11c3-4087-8f9c-daa0086ac619}) (Version: 3.1.10.29419 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Newcastle to Edinburgh (HKLM-x32\...\{C4129CBE-E486-4C5A-AE90-1F4A09696926}) (Version: 1.00.000 - Just Trains) Newcastle to Edinburgh Scenario Pack 2 (HKLM-x32\...\{6FE98CC9-950F-4C20-BDEA-9785332F99C6}) (Version: 1.00.000 - Just Trains) Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc) NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 - NVIDIA Corporation) NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation) NVIDIA Pilote graphique 466.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.63 - NVIDIA Corporation) NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation) ON_OFF Charge 2 B18.1203.1 (HKLM-x32\...\{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.18.1203.1 - GIGABYTE) Hidden ON_OFF Charge 2 B18.1203.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.18.1203.1 - GIGABYTE) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Orange Inside (HKU\S-1-5-21-2034503659-2028986574-3912516512-1001\...\Orange Inside) (Version: 3.4.0.0 - Orange) PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.) Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.04 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM-x32\...\{ebb7013c-0b03-497c-bed1-1e48e806a593}) (Version: 1.00.04 - Patriot Memory) Powerhouse (HKLM-x32\...\Powerhouse) (Version: 1.0.0.23 - Armstrong Powerhouse) RailDriver for Train Simulator 2019 (HKLM\...\{B85CAF26-9A21-4C25-8947-590A3CFFEF0B}) (Version: 1.0.0.5 - PI Engineering) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9126.1 - Realtek Semiconductor Corp.) RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.21.0420.1 - GIGABYTE) SIV (HKLM-x32\...\{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.21.0426.1 - GIGABYTE) Hidden SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.21.0426.1 - GIGABYTE) Smart Backup (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 3.21.0326.1 - GIGABYTE) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TSW 2 Mod Manager 2.0.2 (HKU\S-1-5-21-2034503659-2028986574-3912516512-1001\...\d13e87dd-87a1-547e-affe-9774c7bb7db4) (Version: 2.0.2 - Bendix Tonn) vaporesso (HKLM-x32\...\{9BA3ACFF-723E-4148-89AF-28E254906A6D}) (Version: 2.1.2 - xzt-tyz) Voyager Advanced 2019 (HKLM-x32\...\{07D64AD9-44C5-438F-9195-73F31169EA1E}) (Version: 1.5 - Just Trains) Wargaming.net Game Center (HKU\S-1-5-21-2034503659-2028986574-3912516512-1001\...\Wargaming.net Game Center) (Version: 21.1.1.4281 - Wargaming.net) WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs) Packages: ========= Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-16] (Microsoft Corporation) Deezer Music -> C:\Program Files\WindowsApps\Deezer.62021768415AF_5.20.0.0_x86__q7m17pa7q8kj0 [2021-06-09] (Deezer SA) Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-16] (Microsoft Corporation) Jeuxvideo.com - PC et Consoles -> C:\Program Files\WindowsApps\6029EE55.Jeuxvideo.com-PCetConsoles_1.0.32.0_x64__h088yf7n8m98c [2021-05-14] (Webedia) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-16] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-16] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-07] (Microsoft Studios) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-06-04] (NVIDIA Corp.) Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-03-26] (Adobe Systems Incorporated) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.11.217.0_x64__dt26b99r8h8gj [2021-03-16] (Realtek Semiconductor Corp) VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2021-05-22] (VideoLAN) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-2034503659-2028986574-3912516512-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\titof\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-2034503659-2028986574-3912516512-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\titof\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [Fichier non signé] CustomCLSID: HKU\S-1-5-21-2034503659-2028986574-3912516512-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\titof\Dropbox [2021-03-28 15:43] CustomCLSID: HKU\S-1-5-21-2034503659-2028986574-3912516512-1001_Classes\CLSID\{FD848478-65F5-4F01-ACD9-69195EC3631F}\localserver32 -> C:\Program Files\cFosSpeed\cfosspeed.exe (cFos Software GmbH -> cFos Software GmbH) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.083.0425.0003\amd64\FileSyncShell64.dll [2021-06-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.083.0425.0003\amd64\FileSyncShell64.dll [2021-06-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.083.0425.0003\amd64\FileSyncShell64.dll [2021-06-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.083.0425.0003\amd64\FileSyncShell64.dll [2021-06-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.083.0425.0003\amd64\FileSyncShell64.dll [2021-06-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.083.0425.0003\amd64\FileSyncShell64.dll [2021-06-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.083.0425.0003\amd64\FileSyncShell64.dll [2021-06-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.083.0425.0003\amd64\FileSyncShell64.dll [2021-06-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.083.0425.0003\amd64\FileSyncShell64.dll [2021-06-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.083.0425.0003\amd64\FileSyncShell64.dll [2021-06-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.083.0425.0003\amd64\FileSyncShell64.dll [2021-06-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.083.0425.0003\amd64\FileSyncShell64.dll [2021-06-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.083.0425.0003\amd64\FileSyncShell64.dll [2021-06-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.083.0425.0003\amd64\FileSyncShell64.dll [2021-06-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.083.0425.0003\amd64\FileSyncShell64.dll [2021-06-03] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [Fichier non signé] ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [Fichier non signé] ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-18] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.083.0425.0003\amd64\FileSyncShell64.dll [2021-06-03] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.083.0425.0003\amd64\FileSyncShell64.dll [2021-06-03] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1108979a670abe46\nvshext.dll [2021-05-31] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-18] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [Fichier non signé] ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ShortcutWithArgument: C:\Users\titof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\amv.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=badcgbchfndalppdlkoflgmkifbonnei ShortcutWithArgument: C:\Users\titof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml ==================== Modules chargés (Avec liste blanche) ============= 2020-09-16 13:50 - 2009-02-27 16:38 - 000139264 ____R () [Fichier non signé] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2020-09-16 13:50 - 2017-11-07 20:55 - 000137728 _____ () [Fichier non signé] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll 2020-09-16 13:50 - 2017-08-18 12:23 - 000087552 _____ () [Fichier non signé] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll 2020-09-16 13:50 - 2017-08-18 12:23 - 017974784 _____ () [Fichier non signé] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll 2020-09-16 13:50 - 2017-11-07 21:04 - 000096256 _____ () [Fichier non signé] C:\Program Files (x86)\ControlCenter4\BrCcLFre.dll 2020-11-04 10:38 - 2017-11-07 20:55 - 000440832 _____ () [Fichier non signé] C:\Program Files (x86)\ControlCenter4\Track.dll 2021-04-22 15:48 - 2021-04-22 15:48 - 001867264 _____ () [Fichier non signé] C:\Program Files (x86)\GIGABYTE\AppCenter\BDR_info.dll 2020-09-16 13:50 - 2005-04-22 06:36 - 000143360 _____ () [Fichier non signé] C:\WINDOWS\system32\BrSNMP64.dll 2020-09-16 13:50 - 2012-04-23 15:03 - 000380928 ____N (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\BrMonitor.dll 2020-09-16 13:50 - 2010-09-29 17:07 - 000180224 ____N (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\BroSNMP.dll 2020-09-16 13:50 - 2011-02-28 11:32 - 000208896 ____N (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll 2020-09-16 13:50 - 2012-01-11 14:39 - 000626688 ____N (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll 2021-05-06 11:14 - 2012-07-27 07:07 - 000087040 _____ (Brother Industries, Ltd.) [Fichier non signé] C:\WINDOWS\system32\BrNetSti.dll 2021-03-09 14:00 - 2021-03-09 14:00 - 000205824 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\AppCenter\yccV3.dll 2021-05-26 14:45 - 2021-05-26 14:45 - 000205824 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\yccV3.dll 2019-04-15 16:24 - 2019-04-15 16:24 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\RGBFusion\yccV2.dll 2021-03-09 14:00 - 2021-03-09 14:00 - 000205824 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\RGBFusion\yccV3.DLL 2021-06-10 03:52 - 2013-03-08 11:28 - 000187392 _____ (Gigabyte Technology CO., LTD.) [Fichier non signé] C:\Program Files\Gigabyte\Smart Backup\RescuePlan.dll 2021-06-10 03:52 - 2018-10-19 10:44 - 000751616 _____ (Gigabyte Technology CO., LTD.) [Fichier non signé] C:\Program Files\Gigabyte\Smart Backup\srpCore.dll 2021-06-10 03:52 - 2018-01-03 18:32 - 000390656 _____ (Gigabyte Technology CO., LTD.) [Fichier non signé] C:\Program Files\Gigabyte\Smart Backup\srpVss.dll 2021-03-24 10:46 - 2021-03-24 10:46 - 000475648 _____ (GIGABYTE Technology Co.,Ltd.) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\RGBFusion\GVDisplay.dll 2020-11-05 14:16 - 2020-11-05 14:16 - 000268800 _____ (GIGABYTE Technology Co.,Ltd.) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvIllumLib.dll 2021-03-12 11:18 - 2021-03-12 11:18 - 001989120 _____ (GIGABYTE) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\RGBFusion\AACPCIeSSD_Lib.dll 2021-03-12 11:17 - 2021-03-12 11:17 - 001983488 _____ (GIGABYTE) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\RGBFusion\AACSSD_Lib.dll 2020-08-12 23:15 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [Fichier non signé] C:\Program Files\7-Zip\7-zip.dll 2018-08-30 16:26 - 2018-08-30 16:26 - 000053760 _____ (MS) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\RGBFusion\MsIo32_Galax.dll 2017-02-12 02:28 - 2015-09-28 20:08 - 000255488 _____ (Sysprogs OU) [Fichier non signé] C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll 2015-10-14 01:15 - 2015-10-14 01:15 - 002042368 _____ (TODO: ) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\AppCenter\osvi.dll 2021-04-07 17:31 - 2021-04-07 17:31 - 002045440 _____ (TODO: ) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\AppCenter\SetBiosLang.dll 2020-12-16 10:08 - 2020-12-16 10:08 - 002001920 _____ (TODO: ) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GbtNvGpuLib.dll 2017-10-05 15:26 - 2017-10-05 15:26 - 002247168 _____ (TODO: ) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\RGBFusion\CRtive.dll 2018-12-08 08:22 - 2018-12-08 08:22 - 002059264 _____ (TODO: ) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\RGBFusion\GHidApi.dll 2021-04-09 16:43 - 2021-04-09 16:43 - 000372736 _____ (TODO: ) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvLedLib.dll 2021-04-08 10:09 - 2021-04-08 10:09 - 002109952 _____ (TODO: ) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\RGBFusion\SMBCtrl.dll ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== HKU\S-1-5-21-2034503659-2028986574-3912516512-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://r.orange.fr/r/Oodc_oi_promoHP SearchScopes: HKU\S-1-5-21-2034503659-2028986574-3912516512-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\WINDOWS\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) [Fichier non signé] Toolbar: HKLM - Smart Backup - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\WINDOWS\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2019-03-19 06:49 - 2020-11-18 22:46 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost 2021-02-22 23:13 - 2021-02-23 00:09 - 000000439 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 192.168.1.20 titof70110.mshome.net # 2026 2 6 21 22 9 38 476 ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-2034503659-2028986574-3912516512-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\titof\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Le Pare-feu est activé. Network Binding: ============= Ethernet: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled) Wi-Fi: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled) ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) HKLM\...\StartupApproved\StartupFolder: => "MacroWorks 3 Runtime.lnk" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{AC81D6AD-7E23-44F5-9F7D-6F59B2982A02}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation) FirewallRules: [{CBB7468E-DFFC-41E3-9EAD-CDA28AB03B62}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation) FirewallRules: [{FBBA0CA9-4288-43B8-9F78-FBDB09D2812A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{B0DE03A2-9E63-44E2-BDFC-EA3982912DE3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{1644E945-8E2E-4069-A47B-4AFEAE5DCD2A}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [UDP Query User{DE7B2EBE-4902-488F-8776-637371250104}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{3075F9E0-0EF1-4E7C-BAC8-79438AEC79D0}] => (Allow) I:\Program Files (x86)\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{5DE76F3D-A83C-4572-9414-BA96A75C003E}] => (Allow) I:\Program Files (x86)\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{4F8BF221-3773-4900-B5D3-DBFCD78A7853}] => (Allow) D:\Program Files (x86)\steamapps\common\Train Sim World 2\WindowsNoEditor\TS2Prototype.exe (Epic Games, Inc.) [Fichier non signé] FirewallRules: [{5D410AC6-9869-402C-B4B5-353D430F419D}] => (Allow) D:\Program Files (x86)\steamapps\common\Train Sim World 2\WindowsNoEditor\TS2Prototype.exe (Epic Games, Inc.) [Fichier non signé] FirewallRules: [TCP Query User{64E9DC74-9F80-465A-9046-DED10620384A}D:\program files (x86)\steamapps\common\train sim world 2\windowsnoeditor\ts2prototype\binaries\win64\ts2prototype-win64-shipping.exe] => (Allow) D:\program files (x86)\steamapps\common\train sim world 2\windowsnoeditor\ts2prototype\binaries\win64\ts2prototype-win64-shipping.exe (Dovetail Games) [Fichier non signé] FirewallRules: [UDP Query User{7DC05FC1-23B1-445C-81C1-33469369968D}D:\program files (x86)\steamapps\common\train sim world 2\windowsnoeditor\ts2prototype\binaries\win64\ts2prototype-win64-shipping.exe] => (Allow) D:\program files (x86)\steamapps\common\train sim world 2\windowsnoeditor\ts2prototype\binaries\win64\ts2prototype-win64-shipping.exe (Dovetail Games) [Fichier non signé] FirewallRules: [{C5E44EFE-230D-487A-A0A6-037B68DD1232}] => (Allow) I:\Program Files (x86)\steamapps\common\RailWorks\RailWorks.exe () [Fichier non signé] FirewallRules: [{F4A7CA03-2401-43BC-B4B4-907636E925F6}] => (Allow) I:\Program Files (x86)\steamapps\common\RailWorks\RailWorks.exe () [Fichier non signé] FirewallRules: [{9DBFAD46-6F39-4EC7-9F10-123BFDFD0128}] => (Allow) I:\Program Files (x86)\steamapps\common\RailWorks\RailWorks64.exe () [Fichier non signé] FirewallRules: [{075007D1-DE94-4404-8363-B67072347DCE}] => (Allow) I:\Program Files (x86)\steamapps\common\RailWorks\RailWorks64.exe () [Fichier non signé] FirewallRules: [TCP Query User{C636F115-F9C6-4F6F-A8C7-3755A7500DA1}C:\users\titof\appdata\roaming\bittorrent\btfs\btfs.exe] => (Allow) C:\users\titof\appdata\roaming\bittorrent\btfs\btfs.exe (Bittorrent, Inc. -> BitTorrent, Inc) FirewallRules: [UDP Query User{A33C99BB-5BB5-4AE3-BA30-A5E15F91EFBB}C:\users\titof\appdata\roaming\bittorrent\btfs\btfs.exe] => (Allow) C:\users\titof\appdata\roaming\bittorrent\btfs\btfs.exe (Bittorrent, Inc. -> BitTorrent, Inc) FirewallRules: [{2892E7DA-7153-4316-AB08-9585D8B4D4F9}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [{502E308F-09FE-4590-ACAC-F6740E8BF7CA}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [TCP Query User{FB0BE311-E145-453E-893B-DBA05C8D18E1}D:\program files (x86)\steamapps\common\train sim world 2\windowsnoeditor\ts2prototype\binaries\win64\ts2prototype-win64-shipping.exe] => (Allow) D:\program files (x86)\steamapps\common\train sim world 2\windowsnoeditor\ts2prototype\binaries\win64\ts2prototype-win64-shipping.exe (Dovetail Games) [Fichier non signé] FirewallRules: [UDP Query User{CEA52EB9-6BA0-4A36-B3FC-DA965D6EF250}D:\program files (x86)\steamapps\common\train sim world 2\windowsnoeditor\ts2prototype\binaries\win64\ts2prototype-win64-shipping.exe] => (Allow) D:\program files (x86)\steamapps\common\train sim world 2\windowsnoeditor\ts2prototype\binaries\win64\ts2prototype-win64-shipping.exe (Dovetail Games) [Fichier non signé] FirewallRules: [{FDBF1EC1-7F9E-4CB7-B8F1-23888582A7FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F2C4736A-D0B2-468F-85C1-DF460EE067C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{51BEECD1-B8FA-43E4-BEED-521B5F5490F7}] => (Allow) C:\Program Files (x86)\Brother\Brmfl12b\FAXRX.exe (Brother Industries, Ltd.) [Fichier non signé] FirewallRules: [{F2553EBE-9593-403B-AF53-A790BC96970D}] => (Allow) C:\Program Files (x86)\Brother\Brmfl12b\FAXRX.exe (Brother Industries, Ltd.) [Fichier non signé] FirewallRules: [{3EA48A9A-3FAD-4B10-A30F-21083A74AF6C}] => (Allow) LPort=54925 FirewallRules: [{8FEED373-2443-45E8-8831-1044FA074A4F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{41BF9567-0448-4593-A4DE-9E5868217CBF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F90DDBB1-60FA-4D3B-9890-0AA99D1842EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{D1FA670C-7FE7-4B53-A372-2344C4ED6374}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{AB6A070F-30EA-4876-9044-10DC69A2BEE2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A17506CC-7DF9-483C-A8AF-6D8D57A37FDC}] => (Allow) C:\Users\titof\AppData\Roaming\uTorrent\uTorrent.exe => Pas de fichier FirewallRules: [{BBEAD90D-D716-4C6B-B3B9-78A8D5941940}] => (Allow) C:\Users\titof\AppData\Roaming\uTorrent\uTorrent.exe => Pas de fichier FirewallRules: [{6AED3392-0B0A-4C32-A849-02BC23C4FF7F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{A260C721-EFFD-4EF7-A932-E7F87E4052E4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{1667DB9C-2328-4A8A-8F05-A74DCBA643FE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2789FD34-3FC8-4954-8906-8412B5CB5D37}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{9439AFE2-57BA-4015-8952-532840745BFF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E9B7D0D8-0D70-44CB-8929-AA7B4441F882}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{7456031F-621D-4C4F-9BA7-D64D7E9D8FBF}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{A07C9133-5280-4E2B-A011-FB40C8FFBCD4}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{4BF2D2B9-1033-4988-B036-F2427F680C21}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{D521D5A7-026C-4234-A3C1-F124AB55CFF2}] => (Allow) LPort=9009 FirewallRules: [{DB7F38AC-0680-484A-8C60-BDBAE94346B8}] => (Allow) LPort=9009 FirewallRules: [{68039CEE-B617-4CF2-BF7D-D48A470457A4}] => (Allow) LPort=9009 FirewallRules: [{A0185D3D-077C-479D-9C99-D196754C70D6}] => (Allow) LPort=9009 FirewallRules: [{E60169F4-545E-4E36-85B5-F0B8A8C24311}] => (Allow) LPort=9009 FirewallRules: [{845CB190-B9F4-4D23-B47E-DCA4BB929B3A}] => (Allow) LPort=9009 FirewallRules: [{843EB14F-4A5F-4E14-9441-277BEBF6C529}] => (Allow) LPort=9009 FirewallRules: [{16B89E63-B2FB-470D-93B4-009D34C41113}] => (Allow) LPort=9009 FirewallRules: [{A3A63075-9221-40E4-AFCB-EDE89542967C}] => (Allow) LPort=9009 ==================== Points de restauration ========================= 05-06-2021 23:34:05 Point de contrôle planifié 10-06-2021 02:46:45 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 10-06-2021 02:46:53 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 10-06-2021 02:47:09 Installed GService. 10-06-2021 02:59:06 Programme d’installation pour les modules Windows 10-06-2021 02:59:29 Programme d’installation pour les modules Windows 10-06-2021 02:59:56 Programme d’installation pour les modules Windows 10-06-2021 04:41:14 Sauvegarde Windows ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (06/10/2021 03:31:56 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme FRST64.exe version 9.6.2021.0 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance. ID de processus : 2c90 Heure de début : 01d75dfceb4ec916 Heure d'arrêt : 3 Chemin d'accès à l'application : C:\Users\titof\OneDrive\Desktop\FRST64.exe ID de rapport : d50f509c-3c75-4145-abae-118cff0e96d9 Nom complet du package défectueux : ID de l'application relative à un package défectueux : Type de blocage : Unknown Error: (06/10/2021 06:35:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante TSW2LM.exe, version : 1.0.0.0, horodatage : 0x5ee99cfc Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1023, horodatage : 0x924f9cdb Code d’exception : 0xe0434352 Décalage d’erreur : 0x0000000000034b89 ID du processus défaillant : 0x3374 Heure de début de l’application défaillante : 0x01d75dac72a059f6 Chemin d’accès de l’application défaillante : F:\BACKUP\Outils TSW2\SW2LM-v0.3.0\TSW2LM.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 4137d470-623e-4922-86d2-8137a7c9c065 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (06/10/2021 06:35:43 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: TSW2LM.exe CoreCLR Version: 4.700.21.26205 .NET Core Version: 3.1.16 Description: The process was terminated due to an unhandled exception. Exception Info: System.ArgumentException: Empty path name is not legal. (Parameter 'path') at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize) at System.IO.File.ReadAllBytes(String path) at TSW2_Livery_Manager.MainWindow.LoadGameLiveries() at TSW2_Livery_Manager.MainWindow.btnGameDir_Click(Object sender, RoutedEventArgs e) at System.Windows.EventRoute.InvokeHandlersImpl(Object source, RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject sender, RoutedEventArgs args) at System.Windows.Controls.Primitives.ButtonBase.OnClick() at System.Windows.Controls.Button.OnClick() at System.Windows.Controls.Primitives.ButtonBase.OnMouseLeftButtonUp(MouseButtonEventArgs e) at System.Windows.UIElement.OnMouseLeftButtonUpThunk(Object sender, MouseButtonEventArgs e) at System.Windows.RoutedEventArgs.InvokeHandler(Delegate handler, Object target) at System.Windows.EventRoute.InvokeHandlersImpl(Object source, RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.ReRaiseEventAs(DependencyObject sender, RoutedEventArgs args, RoutedEvent newEvent) at System.Windows.UIElement.OnMouseUpThunk(Object sender, MouseButtonEventArgs e) at System.Windows.RoutedEventArgs.InvokeHandler(Delegate handler, Object target) at System.Windows.EventRoute.InvokeHandlersImpl(Object source, RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject sender, RoutedEventArgs args) at System.Windows.UIElement.RaiseTrustedEvent(RoutedEventArgs args) at System.Windows.Input.InputManager.ProcessStagingArea() at System.Windows.Input.InputProviderSite.ReportInput(InputReport inputReport) at System.Windows.Interop.HwndMouseInputProvider.ReportInput(IntPtr hwnd, InputMode mode, Int32 timestamp, RawMouseActions actions, Int32 x, Int32 y, Int32 wheel) at System.Windows.Interop.HwndMouseInputProvider.FilterMessage(IntPtr hwnd, WindowMessage msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at System.Windows.Interop.HwndSource.InputFilterMessage(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at MS.Win32.HwndWrapper.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object o) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object source, Delegate callback, Object args, Int32 numArgs, Delegate catchHandler) at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(DispatcherPriority priority, TimeSpan timeout, Delegate method, Object args, Int32 numArgs) at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam) at MS.Win32.UnsafeNativeMethods.DispatchMessage(MSG& msg) at System.Windows.Threading.Dispatcher.PushFrameImpl(DispatcherFrame frame) at System.Windows.Threading.Dispatcher.PushFrame(DispatcherFrame frame) at System.Windows.Threading.Dispatcher.Run() at System.Windows.Application.RunDispatcher(Object ignore) at System.Windows.Application.RunInternal(Window window) at System.Windows.Application.Run() at TSW2LM.App.Main() Error: (06/10/2021 05:54:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante TSW2LM.exe, version : 1.0.0.0, horodatage : 0x5ee99cfc Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1023, horodatage : 0x924f9cdb Code d’exception : 0xe0434352 Décalage d’erreur : 0x0000000000034b89 ID du processus défaillant : 0x28c0 Heure de début de l’application défaillante : 0x01d75dabee49e5cf Chemin d’accès de l’application défaillante : F:\BACKUP\Outils TSW2\SW2LM-v0.3.0\TSW2LM.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : c7a5b7ab-3c94-4b29-ab2e-d6f63b728fac Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (06/10/2021 05:54:43 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: TSW2LM.exe CoreCLR Version: 4.700.21.26205 .NET Core Version: 3.1.16 Description: The process was terminated due to an unhandled exception. Exception Info: System.ArgumentException: Empty path name is not legal. (Parameter 'path') at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize) at System.IO.File.ReadAllBytes(String path) at TSW2_Livery_Manager.MainWindow.LoadGameLiveries() at TSW2_Livery_Manager.MainWindow.btnGameDir_Click(Object sender, RoutedEventArgs e) at System.Windows.EventRoute.InvokeHandlersImpl(Object source, RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject sender, RoutedEventArgs args) at System.Windows.Controls.Primitives.ButtonBase.OnClick() at System.Windows.Controls.Button.OnClick() at System.Windows.Controls.Primitives.ButtonBase.OnMouseLeftButtonUp(MouseButtonEventArgs e) at System.Windows.UIElement.OnMouseLeftButtonUpThunk(Object sender, MouseButtonEventArgs e) at System.Windows.RoutedEventArgs.InvokeHandler(Delegate handler, Object target) at System.Windows.EventRoute.InvokeHandlersImpl(Object source, RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.ReRaiseEventAs(DependencyObject sender, RoutedEventArgs args, RoutedEvent newEvent) at System.Windows.UIElement.OnMouseUpThunk(Object sender, MouseButtonEventArgs e) at System.Windows.RoutedEventArgs.InvokeHandler(Delegate handler, Object target) at System.Windows.EventRoute.InvokeHandlersImpl(Object source, RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject sender, RoutedEventArgs args) at System.Windows.UIElement.RaiseTrustedEvent(RoutedEventArgs args) at System.Windows.Input.InputManager.ProcessStagingArea() at System.Windows.Input.InputProviderSite.ReportInput(InputReport inputReport) at System.Windows.Interop.HwndMouseInputProvider.ReportInput(IntPtr hwnd, InputMode mode, Int32 timestamp, RawMouseActions actions, Int32 x, Int32 y, Int32 wheel) at System.Windows.Interop.HwndMouseInputProvider.FilterMessage(IntPtr hwnd, WindowMessage msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at System.Windows.Interop.HwndSource.InputFilterMessage(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at MS.Win32.HwndWrapper.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object o) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object source, Delegate callback, Object args, Int32 numArgs, Delegate catchHandler) at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(DispatcherPriority priority, TimeSpan timeout, Delegate method, Object args, Int32 numArgs) at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam) at MS.Win32.UnsafeNativeMethods.DispatchMessage(MSG& msg) at System.Windows.Threading.Dispatcher.PushFrameImpl(DispatcherFrame frame) at System.Windows.Threading.Dispatcher.PushFrame(DispatcherFrame frame) at System.Windows.Threading.Dispatcher.Run() at System.Windows.Application.RunDispatcher(Object ignore) at System.Windows.Application.RunInternal(Window window) at System.Windows.Application.Run() at TSW2LM.App.Main() Error: (06/10/2021 05:15:09 AM) (Source: EasyTuneEngineService) (EventID: 0) (User: ) Description: Le service ne peut pas être démarré. Le processus de service n’a pas pu se connecter au contrôleur de service Error: (06/10/2021 05:06:04 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante ThermalConsole.exe, version : 8.0.8.22, horodatage : 0x60779fd5 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1023, horodatage : 0xcbf6f7d1 Code d’exception : 0xe0434352 Décalage d’erreur : 0x0012a6f2 ID du processus défaillant : 0x42a0 Heure de début de l’application défaillante : 0x01d75da564adb20f Chemin d’accès de l’application défaillante : C:\Program Files (x86)\GIGABYTE\SIV\ThermalConsole.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 3849cbe1-5ea9-4249-8e59-4a84dcf4e17d Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (06/10/2021 05:06:04 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application : ThermalConsole.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : System.IO.FileNotFoundException à System.IO.__Error.WinIOError(Int32, System.String) à System.IO.Directory.InternalCreateDirectory(System.String, System.String, System.Object, Boolean) à System.IO.Directory.InternalCreateDirectoryHelper(System.String, Boolean) à System.IO.Directory.CreateDirectory(System.String) à ThermalConsole.MetroDialog.SaveProfileCustomDialog..ctor(MahApps.Metro.Controls.MetroWindow, MahApps.Metro.Controls.Dialogs.MetroDialogSettings) à ThermalConsole.Features.SmartFanAdvancedUserControl+d__210.MoveNext() à System.Runtime.CompilerServices.AsyncMethodBuilderCore+<>c.b__6_0(System.Object) à System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) à System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) à System.Windows.Threading.DispatcherOperation.InvokeImpl() à System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object) à MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object) à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) à MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object) à System.Windows.Threading.DispatcherOperation.Invoke() à System.Windows.Threading.Dispatcher.ProcessQueue() à System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) à MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) à MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) à System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) à System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) à System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) à MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) à MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) à System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) à System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) à System.Windows.Application.RunDispatcher(System.Object) à System.Windows.Application.RunInternal(System.Windows.Window) à System.Windows.Application.Run(System.Windows.Window) à ThermalConsole.App.Main() Erreurs système: ============= Error: (06/10/2021 03:33:05 PM) (Source: BTHUSB) (EventID: 16) (User: ) Description: L'authentification mutuelle entre la carte locale Bluetooth et un périphérique avec l'adresse de carte Bluetooth (20:82:6a:6e:e0:3c) a échoué. Error: (06/10/2021 03:29:18 PM) (Source: BTHUSB) (EventID: 16) (User: ) Description: L'authentification mutuelle entre la carte locale Bluetooth et un périphérique avec l'adresse de carte Bluetooth (20:82:6a:6e:e0:3c) a échoué. Error: (06/10/2021 03:26:02 PM) (Source: BTHUSB) (EventID: 16) (User: ) Description: L'authentification mutuelle entre la carte locale Bluetooth et un périphérique avec l'adresse de carte Bluetooth (20:82:6a:6e:e0:3c) a échoué. Error: (06/10/2021 03:25:02 PM) (Source: BTHUSB) (EventID: 16) (User: ) Description: L'authentification mutuelle entre la carte locale Bluetooth et un périphérique avec l'adresse de carte Bluetooth (20:82:6a:6e:e0:3c) a échoué. Error: (06/10/2021 07:50:03 AM) (Source: DCOM) (EventID: 10010) (User: TITOF70110) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (06/10/2021 07:50:03 AM) (Source: DCOM) (EventID: 10010) (User: TITOF70110) Description: Le serveur {021E4F06-9DCC-49AD-88CF-ECC2DA314C8A} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (06/10/2021 07:50:03 AM) (Source: DCOM) (EventID: 10010) (User: TITOF70110) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (06/10/2021 07:50:03 AM) (Source: DCOM) (EventID: 10010) (User: TITOF70110) Description: Le serveur {021E4F06-9DCC-49AD-88CF-ECC2DA314C8A} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Windows Defender: ================ Date: 2021-06-10 15:28:40 Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0 Nom : Trojan:Win32/Wacatac.B!ml ID : 2147735505 Gravité : Grave Catégorie : Cheval de Troie Chemin : file:_C:\Users\titof\Downloads\FRST.exe; webfile:_C:\Users\titof\Downloads\FRST.exe|https://download.bleepingcomputer.com/dl/ae851040180c733f02dfc3b72c9596b3/60c2132d/windows/security/security-utilities/f/farbar-recovery-scan-tool/FRST.exe|pid:2112,ProcessStart:132678053192863759 Origine de la détection : Internet Type de détection : Chemin rapide Source de détection : Téléchargements et pièces jointes Utilisateur : TITOF70110\titof Nom du processus : Unknown Version de la veille de sécurité : AV: 1.341.419.0, AS: 1.341.419.0, NIS: 1.341.419.0 Version du moteur : AM: 1.1.18200.4, NIS: 1.1.18200.4 Date: 2021-06-10 15:25:24 Description: L'accès contrôlé aux dossiers a empêché C:\Program Files\CCleaner\CCleaner64.exe de modifier la mémoire. Heure de détection : 2021-06-10T13:25:24.186Z Utilisateur : TITOF70110\titof Chemin d'accès : \Device\Harddisk0\DR0 Nom du processus : C:\Program Files\CCleaner\CCleaner64.exe Version de la veille de sécurité : 1.341.419.0 Version du moteur : 1.1.18200.4 Version du produit : 4.18.2105.4 Date: 2021-06-10 15:25:10 Description: L'accès contrôlé aux dossiers a empêché C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe de modifier la mémoire. Heure de détection : 2021-06-10T13:25:10.208Z Utilisateur : TITOF70110\titof Chemin d'accès : \Device\Harddisk0\DR0 Nom du processus : C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe Version de la veille de sécurité : 1.341.419.0 Version du moteur : 1.1.18200.4 Version du produit : 4.18.2105.4 Date: 2021-06-10 15:25:10 Description: L'accès contrôlé aux dossiers a empêché C:\Program Files\CCleaner\CCleaner64.exe de modifier la mémoire. Heure de détection : 2021-06-10T13:25:10.207Z Utilisateur : (unknown user) Chemin d'accès : \Device\Harddisk0\DR0 Nom du processus : C:\Program Files\CCleaner\CCleaner64.exe Version de la veille de sécurité : 1.341.419.0 Version du moteur : 1.1.18200.4 Version du produit : 4.18.2105.4 Date: 2021-06-10 07:25:12 Description: L'accès contrôlé aux dossiers a empêché C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe de modifier la mémoire. Heure de détection : 2021-06-10T05:25:12.171Z Utilisateur : TITOF70110\titof Chemin d'accès : \Device\Harddisk0\DR0 Nom du processus : C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe Version de la veille de sécurité : 1.341.419.0 Version du moteur : 1.1.18200.4 Version du produit : 4.18.2105.4  CodeIntegrity: =============== Date: 2021-06-10 03:49:12 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\Installer\{AC44C09E-6D45-4F0F-8749-C3DF69A55FDE}\ARPPRODUCTICON.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2021-05-14 16:58:21 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Intel\Wired Networking\NCS2\Agent\Coinstaller.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Infos Mémoire =========================== BIOS: American Megatrends Inc. F15b 03/23/2021 Carte mère: Gigabyte Technology Co., Ltd. Z370 AORUS ULTRA GAMING 2.0-CF Processeur: Intel(R) Core(TM) i7-8700K CPU @ 3.70GHz Pourcentage de mémoire utilisée: 17% Mémoire physique - RAM - totale: 32704.7 MB Mémoire physique - RAM - disponible: 26953.27 MB Mémoire virtuelle totale: 37568.7 MB Mémoire virtuelle disponible: 29801.4 MB ==================== Lecteurs ================================ Drive c: (WINDOWS 10) (Fixed) (Total:237.84 GB) (Free:157.22 GB) NTFS Drive d: (JEUX) (Fixed) (Total:465.75 GB) (Free:287.18 GB) NTFS Drive e: (UTILITAIRES & GAMES) (Fixed) (Total:491.33 GB) (Free:233.75 GB) NTFS Drive f: (DIVERS & AUTRES) (Fixed) (Total:440.18 GB) (Free:293.83 GB) NTFS Drive i: (SEAGATE EXPANSION DRIVE) (Fixed) (Total:1863.02 GB) (Free:901.87 GB) NTFS Drive j: (RESCUE) (Removable) (Total:29.41 GB) (Free:28.95 GB) FAT32 \\?\Volume{e98ff62e-d314-40aa-8feb-4d951f378764}\ () (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS \\?\Volume{1afa332d-8460-447f-968e-f8cd8c4f71a8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 9CF922D7) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 7A71739C) Partition 1: (Active) - (Size=491.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=440.2 GB) - (Type=07 NTFS) ========================================================== Disk: 3 (Size: 1863 GB) (Disk ID: 99505598) Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS) ========================================================== Disk: 4 (Size: 29.4 GB) (Disk ID: 0A0DFF65) No partition Table on disk 4. ==================== Fin de Addition.txt =======================