Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 15.03.2024
Exécuté par sebfr (17-03-2024 09:32:35)
Exécuté depuis C:\Users\sebfr\Desktop
Microsoft Windows 11 Famille Version 23H2 22631.3296 (X64) (2022-09-21 19:19:23)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

Administrateur (S-1-5-21-3341794427-3370885200-1749406869-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3341794427-3370885200-1749406869-503 - Limited - Disabled)
Invité (S-1-5-21-3341794427-3370885200-1749406869-501 - Limited - Disabled)
sebfr (S-1-5-21-3341794427-3370885200-1749406869-1001 - Administrator - Enabled) => C:\Users\sebfr
WDAGUtilityAccount (S-1-5-21-3341794427-3370885200-1749406869-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - ) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated) ARMOURY CRATE Service (HKLM\...\{01378DC3-088F-4F55-AAFA-DC6A9CCA292A}) (Version: 5.8.6 - ASUS) ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.5.35.0 - ASUSTek COMPUTER INC.) Hidden ASUS Aac_NBDT HAL (HKLM-x32\...\{236a3e3a-452e-47ca-a3fd-9d1159af9112}) (Version: 2.5.35.0 - ASUSTek COMPUTER INC.) Hidden ASUS Ambient HAL (HKLM\...\{B69DED8D-1F21-42CA-BE12-077775174BCA}) (Version: 2.0.0.0 - ASUSTeK COMPUTER INC.) Hidden ASUS Ambient HAL (HKLM-x32\...\{6cc83116-aa3d-4133-89a2-e03381858f40}) (Version: 2.0.0.0 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.23 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA Display Component (HKLM-x32\...\{b8af8e27-5c72-412c-bab7-dc6430e70f1b}) (Version: 1.1.23 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.2.4 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Headset Component (HKLM-x32\...\{7f23d3ea-a821-4293-b7f7-34383bf06437}) (Version: 1.2.4 - ASUSTek COMPUTER INC.) Hidden ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.39 - ASUSTek COMPUTER INC.) Hidden ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 4.1.0.13 - ASUSTeK Computer Inc.) ASUS HID Control Service (HKLM\...\{0F2EECD1-9CCE-4907-8D9A-11629B0608CE}) (Version: 1.2.0 - ASUS) ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.36 - ASUSTek COMPUTER INC.) Hidden ASUS Keyboard HAL (HKLM-x32\...\{3ee3abea-aaa5-4bdb-a8a3-cbbbed892bb1}) (Version: 1.0.36 - ASUSTek COMPUTER INC.) 
Hidden ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.30 - ASUSTeK Computer Inc.) Hidden ASUS MB Peripheral Products (HKLM-x32\...\{a3a1beb0-9f5b-4b4e-8cfa-ef25842faf55}) (Version: 1.0.30 - ASUSTeK Computer Inc.) Hidden ASUS Mouse HAL (HKLM\...\{B10F0624-60C6-4527-9CD8-C677A7B3A545}) (Version: 1.2.0.84 - ASUSTek COMPUTER INC.) Hidden ASUS Mouse HAL (HKLM-x32\...\{7e046d7d-3f14-423f-b793-0cbc7def52ef}) (Version: 1.2.0.84 - ASUSTek COMPUTER INC.) Hidden ASUS MultiAntenna Service (HKLM\...\{D90BF0DC-36BD-438F-A7CC-2C63C0A3A3FA}) (Version: 2.0.4 - ASUSTeK COMPUTER INC.) ASUS Promotion (HKLM\...\{10FE8E2F-7BDD-4430-8D63-3D3BA3F708D9}) (Version: 1.0.0 - ASUSTeK COMPUTER INC.) ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.111 - ASUSTeK Computer Inc.) Hidden ASUS_FRQ_Control (HKLM-x32\...\{8714A8D1-0F08-4681-9DF6-A8C4607A58B4}) (Version: 1.1.0 - ASUSTek COMPUTER INC.) AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.43 - ASUSTek COMPUTER INC.) AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.43 - ASUSTek COMPUTER INC.) AURA Service (HKLM-x32\...\{2fe6fa78-9db0-4f8a-ba67-c4296acd94dc}) (Version: 3.07.42 - ASUSTeK Computer Inc.) AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.07.42 - ASUSTeK Computer Inc.) Hidden CyberGhost 8 (HKLM\...\CyberGhost 8) (Version: 8.4.4.13312 - CyberGhost S.A.) CyberGhost TUN (HKLM\...\{677232D6-72D6-4821-8CB5-47969B15D4DF}) (Version: 1.0 - CyberGhost S.R.L.) Hidden darktable (HKLM\...\darktable) (Version: 4.0.0 - the darktable project) Désinstallation de l'imprimante EPSON XP-243 245 247 Series (HKLM\...\EPSON XP-243 245 247 Series) (Version: - Seiko Epson Corporation) Discord (HKU\S-1-5-21-3341794427-3370885200-1749406869-1001\...\Discord) (Version: 1.0.9008 - Discord Inc.) 
Epic Games Launcher (HKLM-x32\...\{C83D4B4A-C7D0-4C01-995E-17081DAE5CEF}) (Version: 1.2.17.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{711E8536-AB71-4455-A6C4-357FDBBEBF91}) (Version: 4.6.7 - Seiko Epson Corporation) eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.31.0.0 - COGNOSPHERE PTE. LTD.) GIMP 2.10.20 (HKLM\...\GIMP-2_is1) (Version: 2.10.20 - The GIMP Team) GlideX Service Installer (HKLM\...\{A06BDD76-D95C-4AC7-A0DA-73971F366D9B}) (Version: 2.3.4.0 - ASUSTeK COMPUTER INC.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 122.0.6261.129 - Google LLC) Google Play Jeux bêta (HKLM\...\GooglePlayGames) (Version: 24.2.624.7 - Google LLC) IPTVSmartersPro 1.1.1 (HKU\S-1-5-21-3341794427-3370885200-1749406869-1001\...\f6c4a7ae-abcb-5b7e-ac53-6c20f026dd0e) (Version: 1.1.1 - WHMCS Smarters) JBL QuantumENGINE (HKU\S-1-5-21-3341794427-3370885200-1749406869-1001\...\{2c432a4d-4001-4fdf-8778-402e3cd369e5}) (Version: 1.18.0.1985 - JBL) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden Logitech SetPoint 6.69 (HKLM\...\sp6) (Version: 6.69.123 - Logitech) Malwarebytes version 5.1.0.102 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.0.102 - Malwarebytes) Manuels EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation) MediaInfo 21.09 (HKLM\...\MediaInfo) (Version: 21.09 - MediaArea.net) Microsoft .NET Host - 5.0.14 (x64) (HKLM\...\{61A6E3A7-F406-418A-B2A6-0606DB55B325}) (Version: 40.56.30907 - Microsoft Corporation) Hidden Microsoft .NET Host - 6.0.16 (x64) (HKLM\...\{1D0AC7F1-2B34-44AF-91F6-88757D768DA7}) (Version: 48.67.58427 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 5.0.14 (x64) (HKLM\...\{8D88F0E2-CE9B-4A6D-8309-FDC562195F5B}) (Version: 40.56.30907 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.14 (x64) (HKLM\...\{B810ACDF-1C0C-4108-9B92-12F1674FA444}) (Version: 40.56.30907 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.16 (x64) (HKLM-x32\...\{2a8d0f2b-911b-4b58-8252-46b29e7a4590}) (Version: 6.0.16.32323 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation) Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL 
Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft 
Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden Microsoft Visual 
C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 5.0.14 (x64) (HKLM\...\{4CD6FFC6-FA14-4016-A7A6-B7E3D6286331}) (Version: 40.56.30911 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 5.0.14 (x64) (HKLM-x32\...\{d21a4f20-968a-4b0c-bf04-a38da5f06e41}) (Version: 5.0.14.30911 - Microsoft Corporation) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation) NVIDIA Pilote graphique 546.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.65 - NVIDIA Corporation) NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.1.7 (HKLM-x32\...\{A9222889-1CDA-42BD-B11B-113E7C91C1C7}) (Version: 4.17.9800 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 10.5.122.52971 - Electronic Arts, Inc.) QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) 
RefreshRateService (HKLM-x32\...\{7E5E84CB-B190-4658-A4DC-166779C329D1}) (Version: 2.1.0 - ASUSTeK COMPUTER INC.) Roblox Player (HKLM-x32\...\roblox-player-admin) (Version: - Roblox Corporation) Roblox Player for sebfr (HKU\S-1-5-21-3341794427-3370885200-1749406869-1001\...\roblox-player) (Version: - Roblox Corporation) Roblox Studio (HKLM-x32\...\roblox-studio-admin) (Version: - Roblox Corporation) Roblox Studio for sebfr (HKU\S-1-5-21-3341794427-3370885200-1749406869-1001\...\roblox-studio) (Version: - Roblox Corporation) ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.3.13.0 - ASUSTek COMPUTER INC.) ROG STRIX CARRY (HKLM-x32\...\{a6b33523-0b43-486c-8f0c-8c72292430b6}) (Version: 4.01.03 - ASUSTek Computer Inc.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.23.0 - Samsung Electronics Co., Ltd.) Spotify (HKU\S-1-5-21-3341794427-3370885200-1749406869-1001\...\Spotify) (Version: 1.2.10.760.g52970952 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN) Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 2.45.1.0 - Voicemod S.L.) WD Desktop App 2.1.0.335 (HKLM-x32\...\{fdd55732-32b6-4783-9b31-db9ad9f96792}) (Version: 2.1.0.335 - Western Digital Corporation) Hidden WD Desktop App 2.1.0.335 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.335 - Western Digital Corporation) Hidden WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 4.4.407 - Western Digital Technologies, Inc.) WD Security (HKLM-x32\...\{1588d284-2478-4ba1-bb8c-4ac2b98cdf19}) (Version: 2.1.0.130 - Western Digital Technologies, Inc.) WD Security (HKLM-x32\...\{6B2D691D-BA5D-4D1F-B032-A862F875B3C8}) (Version: 2.1.0.130 - Western Digital Technologies, Inc.) 
Hidden WD SES Driver Setup (HKLM-x32\...\{D9ABF771-729C-471F-A6DF-1010527DB376}) (Version: 2.1.0 - Western Digital) Hidden WinDirStat 1.1.2 (HKU\S-1-5-21-3341794427-3370885200-1749406869-1001\...\WinDirStat) (Version: - ) Chrome apps: ============ Caisse d'Epargne (HKU\S-1-5-21-3341794427-3370885200-1749406869-1001\...\edb01185af8df36e5cc4646e66cfa720) (Version: 1.0 - Google\Chrome) Packages: ========= Armoury Crate -> C:\Program Files\ASUS\AacAmbientHal [2023-12-30] (Sparse Package) ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.8.6.0_x64__qmba6cd70vzyy [2024-02-24] (ASUSTeK COMPUTER INC.) Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-08-08] (Microsoft Corporation) GlideX -> C:\Program Files\WindowsApps\B9ECED6F.Glidex_3.1.16.0_x64__qmba6cd70vzyy [2024-03-16] (ASUSTeK COMPUTER INC.) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-03-08] (HP Inc.) Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2023-03-28] (INTEL CORP) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-10-25] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-10-25] (Microsoft Corporation) [MS Ad] Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corp.) 
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-03-13] (Microsoft Corporation) MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24012.117.0_x64__cw5n1h2txyewy [2024-03-14] (Microsoft Windows) [Startup Task] MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.6.0_x64__qmba6cd70vzyy [2024-02-06] (ASUSTeK COMPUTER INC.) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-06-14] (NVIDIA Corp.) Power Automate -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1100.416.0_x64__8wekyb3d8bbwe [2024-02-24] (Microsoft Corporation) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.215.0_x64__dt26b99r8h8gj [2023-03-28] (Realtek Semiconductor Corp) Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2020-08-08] (Samsung Electronics Co. Ltd.) Sonic Studio 3 -> C:\Program Files\WindowsApps\A-Volute.SonicStudio3_3.16.21.0_x64__w2gh52qy24etm [2024-01-24] (A-Volute) Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-03-13] (Microsoft Corporation) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
CustomCLSID: HKU\S-1-5-21-3341794427-3370885200-1749406869-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\sebfr\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64\FileSyncShell64.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-3341794427-3370885200-1749406869-1001_Classes\CLSID\{5405618e-4c42-4fb9-a80a-d24d89911296}\localserver32 -> C:\Users\sebfr\AppData\Local\NhNotifSys\sonicstudio\asusns.exe (A-Volute SAS -> A-Volute) CustomCLSID: HKU\S-1-5-21-3341794427-3370885200-1749406869-1001_Classes\CLSID\{6282d2e9-5906-bbf9-4b71-0c2869c6a835}\localserver32 -> C:\Program Files\Google\Play Games\current\service\Service.exe (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-3341794427-3370885200-1749406869-1001_Classes\CLSID\{6a27a1a9-7be8-1491-04ca-ee68a211c258}\localserver32 -> C:\Program Files\Google\Play Games\current\service\Service.exe (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-3341794427-3370885200-1749406869-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\sebfr\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64\FileSyncShell64.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-3341794427-3370885200-1749406869-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\sebfr\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64\FileSyncShell64.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-3341794427-3370885200-1749406869-1001_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod) CustomCLSID: HKU\S-1-5-21-3341794427-3370885200-1749406869-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\sebfr\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\FileCoAuth.exe => Pas de fichier SSODL: WDFSMountNotificator-wdfsconnect2017 - {2AA887AE-A626-4609-97DE-A6E938F2D964} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll 
(Western Digital Technologies, Inc.) [Fichier non signé] SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {2AA887AE-A626-4609-97DE-A6E938F2D964} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [Fichier non signé] ShellServiceObjects: Virtual Storage Mount Notification -> {2AA887AE-A626-4609-97DE-A6E938F2D964} => C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [Fichier non signé] ShellServiceObjects-x32: Virtual Storage Mount Notification -> {2AA887AE-A626-4609-97DE-A6E938F2D964} => C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [Fichier non signé] ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. -> Western Digital Corporation) ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. -> Western Digital Corporation) ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. -> Western Digital Corporation) ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. -> Western Digital Corporation) ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. -> Western Digital Corporation) ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. 
-> Western Digital Corporation) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers1: [EncryptoShellExt] -> {3AFE7597-9014-4D74-9A45-B76165818F98} => C:\Program Files\Encrypto\Encrypto.ShellExt.dll -> Pas de fichier ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll 
-> Pas de fichier ContextMenuHandlers1: [WDDesktopContextMenu] -> {f97d48aa-d72e-39ad-bf37-0b90de70ca2a} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. -> Western Digital Corporation) ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Pas de fichier ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Pas de fichier ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-03-12] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers4: [EncryptoShellExt] -> {3AFE7597-9014-4D74-9A45-B76165818F98} => C:\Program Files\Encrypto\Encrypto.ShellExt.dll -> Pas de fichier ContextMenuHandlers4: [WDDesktopContextMenu] -> {f97d48aa-d72e-39ad-bf37-0b90de70ca2a} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. -> Western Digital Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_a6d6fa9a1893c472\nvshext.dll [2024-01-13] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-03-12] (Malwarebytes Inc. 
-> Malwarebytes)

==================== Codecs (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Drivers32-x32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll
HKLM\...\Drivers32-x32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

ShortcutWithArgument: C:\Users\sebfr\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_emphfgooendbcghopccopjffdmbnmeeg\Caisse d'Epargne.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=emphfgooendbcghopccopjffdmbnmeeg
ShortcutWithArgument: C:\Users\sebfr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Caisse d'Epargne.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=emphfgooendbcghopccopjffdmbnmeeg
ShortcutWithArgument: C:\Users\sebfr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Disney+.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=epelagobabnloojonbknkbpajkfkcckm
ShortcutWithArgument: C:\Users\sebfr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Caisse d'Epargne.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=emphfgooendbcghopccopjffdmbnmeeg

==================== Modules chargés (Avec liste blanche) =============

2023-09-03 14:55 - 2023-12-07 16:52 - 000400896 _____ () [Fichier non signé] \\?\C:\Program Files 
(x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ac_node_addon\build\Release\ac_node_addon.node 2023-09-03 14:55 - 2023-09-15 17:21 - 000175104 _____ () [Fichier non signé] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ffi-napi\build\Release\ffi_bindings.node 2023-09-03 14:55 - 2023-04-14 14:18 - 000159744 _____ () [Fichier non signé] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ref-napi\prebuilds\win32-ia32\electron.napi.node 2023-09-03 14:55 - 2023-04-14 14:18 - 000319488 _____ () [Fichier non signé] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\sharp\build\Release\sharp-win32-ia32.node 2020-11-06 14:58 - 2020-12-16 19:11 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\Origin\LIBEAY32.dll 2020-11-06 14:58 - 2020-12-16 19:11 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\Origin\ssleay32.dll 2020-11-06 14:58 - 2020-12-16 19:11 - 001611264 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2023-03-15 12:59 - 2020-12-16 19:11 - 005487104 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Core.dll 2023-03-15 12:59 - 2020-12-16 19:11 - 005841920 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Gui.dll 2023-03-15 12:59 - 2020-12-16 19:11 - 001179136 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Network.dll 2023-03-15 12:59 - 2020-12-16 19:11 - 000146432 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5WebSockets.dll 2023-03-15 12:59 - 2020-12-16 19:11 - 005089792 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2023-03-15 12:59 - 2020-12-16 19:11 - 000184832 _____ (The Qt Company Ltd) [Fichier non 
signé] C:\Program Files (x86)\Origin\Qt5Xml.dll 2019-06-07 01:57 - 2019-06-07 01:57 - 000427520 _____ (TODO: ) [Fichier non signé] C:\Program Files\ASUS\Aac_Keyboard\AacKbHal_x86.dll ==================== Alternate Data Streams (Avec liste blanche) ======== (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\eSupport:err [1190] AlternateDataStreams: C:\ProgramData\DisplaySessionContainer1.log:F107EE40EF [3442] AlternateDataStreams: C:\ProgramData\DisplaySessionContainer1.log_backup1:2DD1EC5C91 [3442] AlternateDataStreams: C:\ProgramData\DisplaySessionContainer10.log:CCC93B07B0 [3442] AlternateDataStreams: C:\ProgramData\DisplaySessionContainer10.log_backup1:AD433BF298 [3442] AlternateDataStreams: C:\ProgramData\DisplaySessionContainer11.log:72C8986B20 [3442] AlternateDataStreams: C:\ProgramData\DisplaySessionContainer11.log_backup1:97A90964FA [3442] AlternateDataStreams: C:\ProgramData\DisplaySessionContainer12.log:C40F6B9209 [3442] AlternateDataStreams: C:\ProgramData\DisplaySessionContainer12.log_backup1:7CC29836A6 [3442] AlternateDataStreams: C:\ProgramData\DisplaySessionContainer13.log:AE3C879266 [3442] AlternateDataStreams: C:\ProgramData\DisplaySessionContainer13.log_backup1:AF8AA3CDC1 [3442] AlternateDataStreams: C:\ProgramData\DisplaySessionContainer14.log:DE1448F4D7 [3442] AlternateDataStreams: C:\ProgramData\DisplaySessionContainer14.log_backup1:D61270D3FD [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.6 64-bit.lnk:DA0DFD6EE5 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442] AlternateDataStreams: 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.20.lnk:517F953EB5 [3442] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [10732] AlternateDataStreams: C:\Users\sebfr\Desktop\FRST64.exe:MBAM.Zone.Identifier [193] ==================== Mode sans échec (Avec liste blanche) ================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== HKU\S-1-5-21-3341794427-3370885200-1749406869-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE BHO: Pas de nom -> {2AA887AE-A626-4609-97DE-A6E938F2D964}' -> Pas de fichier BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2019-01-30] (Logitech Inc -> Logitech, Inc.) BHO-x32: Pas de nom -> {2AA887AE-A626-4609-97DE-A6E938F2D964}' -> Pas de fichier BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2019-01-30] (Logitech Inc -> Logitech, Inc.) (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE trusted site: HKU\S-1-5-21-3341794427-3370885200-1749406869-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-3341794427-3370885200-1749406869-1001\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 
2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-3341794427-3370885200-1749406869-1001\Control Panel\Desktop\\Wallpaper -> d:\downloads\fettness-–-post-681.jpg DNS Servers: 10.0.0.243 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) HKLM\...\StartupApproved\Run: => "Riot Vanguard" HKLM\...\StartupApproved\Run32: => "WDDiscovery" HKU\S-1-5-21-3341794427-3370885200-1749406869-1001\...\StartupApproved\Run: => "Discord" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{FAE1C317-0AEA-4E63-BE2F-FA9F69EB776D}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. -> ) FirewallRules: [{97117DA7-2A4D-4A90-9C96-41EE18EF090D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stumble Guys\Stumble Guys.exe () [Fichier non signé] FirewallRules: [{25CACA3E-EFAF-4311-B44A-4F4442E791ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stumble Guys\Stumble Guys.exe () [Fichier non signé] FirewallRules: [{71F3C1D3-EF28-44A5-BC40-EEBF79F68769}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{E8ADE77C-8495-47EA-B2EF-C9A4E1B47777}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. 
-> Valve Corporation) FirewallRules: [{63C76AC9-42DF-464F-8B89-8B54E538E70A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{D1A28807-4886-47EE-A3ED-760DB6DB9F6C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{92AC4305-4C63-4CBD-9F96-6A063F221C12}] => (Block) C:\program files\epic games\fortnite\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{18AE5A0C-B174-4E27-A4F8-63B9BC5A55DA}] => (Block) C:\program files\epic games\fortnite\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{5FAA9D15-C844-441E-8062-608C275859B0}C:\program files\epic games\fortnite\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files\epic games\fortnite\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{D2221057-D8B9-4D78-8EDB-0E0180D826D2}C:\program files\epic games\fortnite\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files\epic games\fortnite\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) 
FirewallRules: [{ABF9C275-02E7-45CF-A6B1-0767B72C9645}] => (Block) C:\users\sebfr\appdata\local\vysor\app-4.1.77\vysor.exe => Pas de fichier FirewallRules: [{60676FEB-3067-4D30-AF0F-A20AF6B8646D}] => (Block) C:\users\sebfr\appdata\local\vysor\app-4.1.77\vysor.exe => Pas de fichier FirewallRules: [UDP Query User{143A5C72-0348-4415-A4D2-ED66576EDF70}C:\users\sebfr\appdata\local\vysor\app-4.1.77\vysor.exe] => (Allow) C:\users\sebfr\appdata\local\vysor\app-4.1.77\vysor.exe => Pas de fichier FirewallRules: [TCP Query User{DFE3EEAF-29E9-44BA-A875-4DDC8269B35D}C:\users\sebfr\appdata\local\vysor\app-4.1.77\vysor.exe] => (Allow) C:\users\sebfr\appdata\local\vysor\app-4.1.77\vysor.exe => Pas de fichier FirewallRules: [{CBBA9371-7DC3-464B-A144-A8D446D934CE}] => (Allow) C:\Program Files (x86)\iMobie\DroidKit\xldownload\download\MiniThunderPlatform.exe => Pas de fichier FirewallRules: [{6ED87878-80B1-432C-A2CD-516AD6803744}] => (Allow) C:\Program Files (x86)\iMobie\DroidKit\xldownload\download\MiniThunderPlatform.exe => Pas de fichier FirewallRules: [UDP Query User{22BF7634-0A7B-4215-8308-90870A7C7664}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{B73D4A7F-24F2-4149-A342-E1A6A7C5AF48}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) 
FirewallRules: [{949E8EBB-55B0-4856-B0F3-FEF30E9B933B}] => (Allow) C:\Users\sebfr\AppData\Roaming\uTorrent\uTorrent.exe => Pas de fichier FirewallRules: [{EABFB392-45EC-4AC1-BF2A-486EAA7D3661}] => (Allow) C:\Users\sebfr\AppData\Roaming\uTorrent\uTorrent.exe => Pas de fichier FirewallRules: [{CAD5F97B-F23B-4B99-A008-A8B13AA0577C}] => (Allow) C:\Users\sebfr\AppData\Roaming\uTorrent\uTorrent.exe => Pas de fichier FirewallRules: [{FAAD984E-B160-487B-9D61-91DF4E9F0B7E}] => (Allow) C:\Users\sebfr\AppData\Roaming\uTorrent\uTorrent.exe => Pas de fichier FirewallRules: [{FC7B320A-13C0-4F9E-92E4-2597A4D9782B}] => (Allow) C:\Users\sebfr\AppData\Roaming\uTorrent\uTorrent.exe => Pas de fichier FirewallRules: [{2E6267DE-A9AB-43C2-8FDE-89601D6BB463}] => (Allow) C:\Users\sebfr\AppData\Roaming\uTorrent\uTorrent.exe => Pas de fichier FirewallRules: [{35A83543-AB16-4199-A0FD-55BD4D0F11F8}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_cdacbd58a24d27d4\ASUSLinkRemote\LinktoMyASUS_Agent-remote.exe => Pas de fichier FirewallRules: [{35B865DA-62D4-4AF9-A6F9-787289F66C0C}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_cdacbd58a24d27d4\ASUSLinkRemote\LinktoMyASUS_Agent-remote.exe => Pas de fichier FirewallRules: [{5B1B5F63-7C91-469D-BF9A-5AFFCF1DF52E}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => Pas de fichier FirewallRules: [{E0B7F414-EA51-46A6-B621-69B3D7C9790F}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => Pas de fichier FirewallRules: [{718BE6FD-BD4E-4E54-82EC-E59FEAE72233}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{099585B7-636D-4011-8F93-1F9A0B322063}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{39C68AED-C58C-4283-8995-5C782BCD792B}] => (Allow) C:\Program Files 
(x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.) FirewallRules: [{ED7F8C12-EF81-41CA-8B96-827AF71DC575}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.) FirewallRules: [TCP Query User{38E8564E-6FD5-4638-ADBD-014B6391E411}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{3C68BEF5-DC4F-4AD9-954F-709ED072076F}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{22A2D54E-EDD4-42B0-AD61-D647687673FB}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{F4D4229B-D5A9-44EB-998D-1DF0FE205369}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{A13C30D1-7F00-4024-8B3A-5FA1CBE8D70E}C:\program files\epic games\fallguys\fallguys_client_game.exe] => (Block) C:\program files\epic games\fallguys\fallguys_client_game.exe () [Fichier non signé] FirewallRules: [UDP Query User{568C8450-AA50-4885-A32E-5D9B034D7507}C:\program files\epic games\fallguys\fallguys_client_game.exe] => (Block) C:\program files\epic games\fallguys\fallguys_client_game.exe () [Fichier non signé] FirewallRules: [TCP Query User{5ED0CAD1-973C-415C-BFE2-23D54D0DEB1A}C:\users\sebfr\appdata\local\discord\app-1.0.9006\discord.exe] => (Allow) C:\users\sebfr\appdata\local\discord\app-1.0.9006\discord.exe => Pas de fichier FirewallRules: [UDP Query 
User{591B26A4-EA26-4549-B8AB-4883B718A117}C:\users\sebfr\appdata\local\discord\app-1.0.9006\discord.exe] => (Allow) C:\users\sebfr\appdata\local\discord\app-1.0.9006\discord.exe => Pas de fichier FirewallRules: [{DBB508DB-18F1-48CE-94A9-10A28E32616F}] => (Block) C:\users\sebfr\appdata\local\discord\app-1.0.9006\discord.exe => Pas de fichier FirewallRules: [{38E2E90A-74C3-4FA0-8480-9B2FFE3CE68E}] => (Block) C:\users\sebfr\appdata\local\discord\app-1.0.9006\discord.exe => Pas de fichier FirewallRules: [TCP Query User{E9A6D1CF-407D-4B94-BB80-EC6B9A377C7B}C:\users\sebfr\appdata\local\discord\app-1.0.9008\discord.exe] => (Block) C:\users\sebfr\appdata\local\discord\app-1.0.9008\discord.exe => Pas de fichier FirewallRules: [UDP Query User{D49AE418-9BD0-455A-B424-6D7445B4EC5A}C:\users\sebfr\appdata\local\discord\app-1.0.9008\discord.exe] => (Block) C:\users\sebfr\appdata\local\discord\app-1.0.9008\discord.exe => Pas de fichier FirewallRules: [TCP Query User{30F19A21-06A0-4DE3-A752-67D014B0685F}C:\program files (x86)\steam\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe => Pas de fichier FirewallRules: [UDP Query User{3F6DCDE6-C414-4677-9114-2F1BBE04085B}C:\program files (x86)\steam\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe => Pas de fichier FirewallRules: [{2856D718-8A37-4AA6-95D3-5F3EC49A3843}] => (Block) C:\program files (x86)\steam\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe => Pas de fichier FirewallRules: 
[{3908BEDD-8E8D-4EBB-9B30-9B08A6BB778A}] => (Block) C:\program files (x86)\steam\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe => Pas de fichier FirewallRules: [{66D2AB3E-8BEF-4C0F-A151-AF423AF59C23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Containment Breach Multiplayer\game.exe () [Fichier non signé] FirewallRules: [{D8EA507A-B8A4-47C5-8838-37D9FC343C29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Containment Breach Multiplayer\game.exe () [Fichier non signé] FirewallRules: [TCP Query User{F27CD8F0-5B0A-4C12-ABC4-FBB325AE7B18}C:\users\sebfr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\sebfr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe => Pas de fichier FirewallRules: [UDP Query User{7722CF8A-F0BC-41B8-BC61-4B2EFC02CFBD}C:\users\sebfr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\sebfr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe => Pas de fichier FirewallRules: [{AFD135CA-F128-4153-9FCD-A4BC1F98DEE3}] => (Block) C:\users\sebfr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe => Pas de fichier FirewallRules: [{C818E1A0-25B3-48C6-9BDA-BE89C28CF823}] => (Block) C:\users\sebfr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe => Pas de fichier FirewallRules: [TCP Query 
User{C5FDF269-702A-4955-92BC-9E8E0E21E24A}C:\riot games\riot client\riotclientservices.exe] => (Block) C:\riot games\riot client\riotclientservices.exe => Pas de fichier FirewallRules: [UDP Query User{797813CD-8C32-409B-ADDF-CCDC74ACA608}C:\riot games\riot client\riotclientservices.exe] => (Block) C:\riot games\riot client\riotclientservices.exe => Pas de fichier FirewallRules: [TCP Query User{96FB7268-4DE8-4834-950F-DCD0878F837F}C:\users\sebfr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\sebfr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => Pas de fichier FirewallRules: [UDP Query User{79D23E92-AC5B-4C9C-9D0E-E590DFBF5742}C:\users\sebfr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\sebfr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => Pas de fichier FirewallRules: [{17872112-C932-4550-9DB5-9212F40717D0}] => (Block) C:\users\sebfr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => Pas de fichier FirewallRules: [{F6342069-8932-4F8C-9913-F7F6D9216085}] => (Block) C:\users\sebfr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => Pas de fichier FirewallRules: [{E7B8AE2F-E2AE-4DAA-A474-804F029E2E07}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{58BF7650-AC21-4FE0-9315-358A60A3E6BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{9B6EFCA1-0A84-419E-8A60-31DDFBC09ACF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{63F6B042-6A7A-4D91-961A-E3F7D016AFC0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{5BB63753-41BE-4894-8372-282AB5472918}C:\users\sebfr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sebfr\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{3C2919BF-B676-4E64-AF3D-61909BC75A71}C:\users\sebfr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sebfr\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{5DE41B01-90E0-4881-9059-3F5AC9F674ED}] => (Block) C:\users\sebfr\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BAE73E67-945C-494E-9AE2-0642B79B1C9E}] => (Block) C:\users\sebfr\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{0661B2AE-E2B3-45E0-BEC3-64F34FAAEC08}C:\users\sebfr\appdata\local\discord\app-1.0.9013\discord.exe] => (Block) C:\users\sebfr\appdata\local\discord\app-1.0.9013\discord.exe => Pas de fichier FirewallRules: [UDP Query User{64288D35-6E7D-4F4F-B621-7769F96498DE}C:\users\sebfr\appdata\local\discord\app-1.0.9013\discord.exe] => (Block) C:\users\sebfr\appdata\local\discord\app-1.0.9013\discord.exe => Pas de fichier FirewallRules: [TCP Query 
User{C11DC978-78EE-4927-933A-3AAA550E81DF}C:\users\sebfr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\sebfr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => Pas de fichier FirewallRules: [UDP Query User{6A550E58-9319-466D-9A85-A28AF31EB141}C:\users\sebfr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\sebfr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => Pas de fichier FirewallRules: [{1722FE29-E77B-4B8D-A82D-020126C11882}] => (Block) C:\users\sebfr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => Pas de fichier FirewallRules: [{F727D8A9-5D8E-4493-9773-2918B5486F57}] => (Block) C:\users\sebfr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => Pas de fichier FirewallRules: [{C942B278-4369-48B0-8805-4950C88A664E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\SCPSL.exe (Hubert Moszka Northwood -> ) FirewallRules: [{E60FB917-D13A-4638-B03E-28BD55E50E3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\SCPSL.exe (Hubert Moszka Northwood -> ) FirewallRules: [{8025930E-8664-488A-A920-C116090E89F8}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe => Pas de fichier FirewallRules: [{061D63D9-1F4A-4473-BDEA-B7BD89624901}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe => Pas de fichier FirewallRules: [{EC18AF92-2A33-4536-8E49-6FFD1DC19767}] => (Allow) D:\SteamLibrary\steamapps\common\UpGun\UpGun.exe => Pas de fichier 
FirewallRules: [{1C116D8E-B657-4A33-BE27-456080245343}] => (Allow) D:\SteamLibrary\steamapps\common\UpGun\UpGun.exe => Pas de fichier FirewallRules: [{3DE4E6A2-3422-4069-B450-FECFD6077C8C}] => (Allow) D:\SteamLibrary\steamapps\common\Muck\Muck.exe => Pas de fichier FirewallRules: [{C6185E15-7496-4895-B757-5DB5AD1BFB91}] => (Allow) D:\SteamLibrary\steamapps\common\Muck\Muck.exe => Pas de fichier FirewallRules: [{4E5C8E86-95F3-4429-9C23-F854576D8F45}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod) FirewallRules: [{B9E7720D-40F9-4B04-8A88-E71301010A39}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod) FirewallRules: [{FB9A6135-F34E-41DC-885D-3FF6EFF0F29B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A6AE4C95-CCF5-4B4B-98B8-0FB75939F85C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{87AA11CE-A333-424C-A0DF-D4C534249510}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{85C23DB0-234A-4917-972C-366273FDB9C5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5A3421ED-3DC6-48E0-B672-1D7B337F8E8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe (Toby Fox) [Fichier non signé] FirewallRules: [{845F19FA-F36C-443C-A73D-ECEF5A0D157B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe (Toby Fox) [Fichier non signé] FirewallRules: [{4E5C0DA6-0D1C-4D80-9778-1956856C0025}] => (Allow) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe (ASUSTeK COMPUTER INC. 
-> ) FirewallRules: [{97201102-9DB7-40B4-A379-EEE2276B7198}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) FirewallRules: [{65DE2480-BEE9-4C4C-B9A5-FD5B023F6CB5}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS) FirewallRules: [{0725612A-9F87-4735-BBB5-123EFB764251}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS) FirewallRules: [{E91FC9E3-D152-4377-A875-CD05E6F9C0F2}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSLinkRemote\AsusLinkRemoteAgent.exe => Pas de fichier FirewallRules: [{E1362010-5FFA-4B4E-A8C9-2DB00FC34A29}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSLinkRemote\AsusLinkRemoteAgent.exe => Pas de fichier FirewallRules: [{604B829A-E67F-433E-A146-FF576ECC6659}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.6.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.) FirewallRules: [{A68EC7AE-7A36-4B75-9F8C-25C30F1D64AF}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.6.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.) FirewallRules: [{C2D1C1DB-8D95-4F88-84AB-01431C08836D}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.6.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.) FirewallRules: [{F764480D-15C6-4E19-B648-73DFC8B1E71F}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.6.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.) 
FirewallRules: [{D7805014-7F21-486A-8708-5D8217DDAF32}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) FirewallRules: [{D44524BB-4460-463C-B56E-737F04851B35}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) FirewallRules: [{34C8D7DB-D4FE-4E4A-8D0A-339072D2783C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24033.1006.2736.8026_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{05FFFF4F-934B-4377-8A5A-8AC3165E65AF}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24033.1006.2736.8026_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F09ED917-36DE-4C1D-B60F-4A210C9483DD}] => (Allow) C:\Program Files\Google\Play Games\current\emulator\crosvm.exe (Google LLC -> ) FirewallRules: [{593A1233-4039-4560-B3E4-E73C053B93F1}] => (Allow) C:\Program Files\Google\Play Games\current\emulator\crosvm.exe (Google LLC -> ) FirewallRules: [{040BA72E-E5E1-45F9-9581-78513E391919}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{63427865-F422-4A96-B3DD-A46F8115C5FC}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{7D886EE1-F670-40B2-B2FF-F783BC65CDA5}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSwitch\AsusSwitchNet.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) FirewallRules: [{75DA3F26-534A-4600-B1B6-3F373C335AF1}] => (Allow) C:\Program Files\ASUS\GlideX\GlideXService.exe (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) 
FirewallRules: [{6FA73779-C0AF-4C53-A92C-7D3267D04BA7}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSwitch\AsusSwitchNetMDNS.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{BA514107-5A26-48A4-AA9F-A36F2E6E5791}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{5F2232B1-D2C4-4506-A182-32EC9F369BE2}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. -> )

==================== Points de restauration =========================

13-03-2024 09:40:22 Windows Update
16-03-2024 10:35:36 Windows Update

==================== Éléments en erreur du Gestionnaire de périphériques ============

==================== Erreurs du Journal des événements: ========================

Erreurs Application:
==================
Error: (03/16/2024 11:32:52 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Le service de recherche Windows a été arrêté à cause d’un problème avec l’indexeur : Échec de la phase de récupération. Contexte : Application , Catalogue SystemIndex Détails : 0x%08x (0x80040d23 - Fermeture du rassembleur en cours (HRESULT : 0x80040d23))

Error: (03/16/2024 11:32:52 AM) (Source: Windows Search Service) (EventID: 3602) (User: )
Description: ID d’erreur 1 survenu lors de l’étape de récupération de Windows Search. Redémarrez le service. Si l’erreur persiste, recréez l’index. Contexte : Application , Catalogue SystemIndex Détails : 0x%08x (0x80040d23 - Fermeture du rassembleur en cours (HRESULT : 0x80040d23))

Error: (03/15/2024 11:01:59 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: AUTORITE NT)
Description: Windows ne peut pas charger la DLL de compteur extensible « C:\WINDOWS\system32\sysmain.dll » (code d'erreur Win32 126).

Error: (03/13/2024 09:52:21 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Le service de recherche Windows a été arrêté à cause d’un problème avec l’indexeur : Échec de la phase de récupération. Contexte : Application , Catalogue SystemIndex Détails : 0x%08x (0x80040d23 - Fermeture du rassembleur en cours (HRESULT : 0x80040d23))

Error: (03/13/2024 09:52:21 AM) (Source: Windows Search Service) (EventID: 3602) (User: )
Description: ID d’erreur 1 survenu lors de l’étape de récupération de Windows Search. Redémarrez le service. Si l’erreur persiste, recréez l’index. Contexte : Application , Catalogue SystemIndex Détails : 0x%08x (0x80040d23 - Fermeture du rassembleur en cours (HRESULT : 0x80040d23))

Error: (03/13/2024 09:25:31 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours.]

Error: (03/13/2024 09:25:30 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours..

Error: (03/13/2024 09:25:30 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours.]

Erreurs système:
=============
Error: (03/17/2024 09:01:26 AM) (Source: Tcpip) (EventID: 4207) (User: )
Description: L'interface TCP/IP IPv6 avec l'index 13 a échoué dans la liaison à son fournisseur.

Error: (03/17/2024 09:01:11 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service ArmouryCrateService.

Error: (03/16/2024 10:24:02 PM) (Source: Tcpip) (EventID: 4207) (User: )
Description: L'interface TCP/IP IPv6 avec l'index 13 a échoué dans la liaison à son fournisseur.

Error: (03/16/2024 11:34:44 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-JALJ06ML)
Description: Le serveur {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (03/16/2024 11:32:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Windows Search s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.

Error: (03/16/2024 11:32:52 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Le service Windows Search s’est arrêté avec l’erreur : Une ouverture de session spécifiée n’existe pas. Elle est peut-être déjà terminée.

Error: (03/16/2024 11:32:40 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service GameInput Service s’est terminé de façon inattendue pour la 6ème fois.

Error: (03/16/2024 11:32:40 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Le service GameInput Service s’est arrêté avec l’erreur : Le fichier composé GameInput Service a été produit avec une version plus récente de la mémoire.

Windows Defender:
================
Date: 2024-03-14 23:53:16
Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {5920FAF6-66A1-4B60-B8BD-C311044EE5EE}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2024-03-12 09:10:43
Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable. Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Keygen&threatid=225063&enterprise=0
Nom : PUA:Win32/Keygen
ID : 225063
Gravité : Faible
Catégorie : Logiciel potentiellement non désiré
Chemin : file:_D:\Application\Adobe Premiere Pro CC 2014(64-bits)+Universal Adobe Patcher 1.1\Universal Adobe Patcher 1.1-PainteR.exe
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : LAPTOP-JALJ06ML\sebfr
Nom du processus : C:\Windows\explorer.exe
Version de la veille de sécurité : AV: 1.407.245.0, AS: 1.407.245.0, NIS: 1.407.245.0
Version du moteur : AM: 1.1.24020.9, NIS: 1.1.24020.9

Event[0]
Date: 2024-03-16 11:32:02
Description: Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité et va tenter de rétablir une version précédente.
Veille de sécurité tentée : Actuelle
Code d’erreur : 0x80501102
Description de l’erreur : Un problème inattendu s’est produit. Installez toutes les mises à jour disponibles, puis essayez de redémarrer le programme. Pour plus d’informations sur l’installation des mises à jour, voir Aide et support.
Version de la veille de sécurité : 1.407.454.0;1.407.454.0
Version du moteur : 1.1.24020.9

Date: 2024-03-12 10:38:38
Description: La fonctionnalité de protection en temps réel Antivirus Microsoft Defender a rencontré une erreur et échoué.
Fonctionnalité : Sur accès
Code d’erreur : 0x8007043c
Description de l’erreur : Ce service ne peut pas être démarré en mode sans échec
Raison : La veille de sécurité contre les logiciels malveillants a cessé de fonctionner pour une raison inconnue. Dans certains cas, le redémarrage du service peut résoudre le problème.

Date: 2024-03-12 10:37:18
Description: Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité et va tenter de rétablir une version précédente.
Veille de sécurité tentée : Actuelle
Code d’erreur : 0x80501102
Description de l’erreur : Un problème inattendu s’est produit. Installez toutes les mises à jour disponibles, puis essayez de redémarrer le programme. Pour plus d’informations sur l’installation des mises à jour, voir Aide et support.
Version de la veille de sécurité : 1.407.245.0;1.407.245.0
Version du moteur : 1.1.24020.9

CodeIntegrity:
===============
Date: 2024-03-17 09:30:12
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

==================== Infos Mémoire ===========================

BIOS: American Megatrends Inc. G731GU.312 02/19/2021
Carte mère: ASUSTeK COMPUTER INC.
G731GU Processeur: Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz Pourcentage de mémoire utilisée: 34% Mémoire physique - RAM - totale: 16234.27 MB Mémoire physique - RAM - disponible: 10637.24 MB Mémoire virtuelle totale: 31594.27 MB Mémoire virtuelle disponible: 22558 MB ==================== Lecteurs ================================ Drive c: (OS) (Fixed) (Total:237.51 GB) (Free:61.98 GB) (Model: KINGSTON RBUSNS8154P3256GJ3) NTFS Drive d: (Docs) (Fixed) (Total:931.51 GB) (Free:931.36 GB) (Model: ST1000LX015-1U7172) NTFS \\?\Volume{975ce422-7c1b-43aa-a4d1-022342ec8c89}\ () (Fixed) (Total:0.69 GB) (Free:0.08 GB) NTFS \\?\Volume{ad027833-fc2e-41f7-8c76-2d68d1269ace}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: F360A1CA) Partition: GPT. ========================================================== Disk: 1 (Size: 238.5 GB) (Disk ID: 6D74F7C2) Partition: GPT. ==================== Fin de Addition.txt =======================