Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-12-2021
Ran by pyerc (25-12-2021 20:04:33)
Running from C:\Users\pyerc\Downloads
Microsoft Windows 10 Famille Version 20H2 19042.1415 (X64) (2021-12-12 18:10:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in fixlist.txt, it will be removed.)
Administrateur (S-1-5-21-343876638-1196774082-2273979638-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-343876638-1196774082-2273979638-503 - Limited - Disabled)
Invité (S-1-5-21-343876638-1196774082-2273979638-501 - Limited - Disabled)
pyerc (S-1-5-21-343876638-1196774082-2273979638-1001 - Administrator - Enabled) => C:\Users\pyerc
WDAGUtilityAccount (S-1-5-21-343876638-1196774082-2273979638-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in fixlist.txt, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: Pare-feu McAfee (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57}
==================== Installed Programs ======================
(Only adware programs flagged 'Hidden' can be added to fixlist.txt so that they are no longer hidden. Adware programs must be uninstalled manually.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.6.0.788.2 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_0_1) (Version: 23.0.1.68 - Adobe Inc.)
Ankama Launcher 3.5.10 (HKLM\...\{410fcd79-1be8-5bf1-986e-ea09c55f7edf}) (Version: 3.5.10 - Ankama)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1189.1 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.88 - Piriform)
Contrôle d’intégrité du PC Windows (HKLM\...\{0150BDB3-AFFD-47A1-ADB8-DE06658EB3B2}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Discord (HKU\S-1-5-21-343876638-1196774082-2273979638-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.110 - Google LLC)
League of Legends (HKU\S-1-5-21-343876638-1196774082-2273979638-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.10.26.0 - Lenovo Group Ltd.)
Malwarebytes version 4.5.0.152 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.0.152 - Malwarebytes)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R40 - McAfee, LLC)
Microsoft .NET Runtime - 5.0.12 (x64) (HKLM-x32\...\{5bd6ae15-bcab-4509-86af-c5dfc54b60d7}) (Version: 5.0.12.30622 - Microsoft Corporation)
Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.14701.20262 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-343876638-1196774082-2273979638-1001\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.9 (x64) (HKLM-x32\...\{70502eec-6d06-46ce-8acb-84c9d5248a12}) (Version: 5.0.9.30315 - Microsoft Corporation)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.20.0221 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Pilote graphique 466.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.92 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.14701.20248 - Microsoft Corporation) Hidden
Opera GX Stable 82.0.4227.50 (HKU\S-1-5-21-343876638-1196774082-2273979638-1001\...\Opera GX 82.0.4227.50) (Version: 82.0.4227.50 - Opera Software)
Resanance (HKLM\...\{63FAC2F3-0664-412F-A9C3-28883FD743E7}) (Version: 2.7.1 - WasntAFairFight)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software)
WebAdvisor par McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.659 - McAfee, LLC)
WinDirStat 1.1.2 (HKU\S-1-5-21-343876638-1196774082-2273979638-1001\...\WinDirStat) (Version: - )
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-343876638-1196774082-2273979638-1001\...\ZoomUMX) (Version: 5.8.7 (2058) - Zoom Video Communications, Inc.)
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2021-12-12] (Adobe Systems Incorporated)
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.50017.0_x64__0a9344xs7nr4m [2021-12-13] (Advanced Micro Devices Inc.) [Startup Task]
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.41601.0_x64__8wekyb3d8bbwe [2021-12-15] (Microsoft Corporation)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.22.2.0_x64__6rarf9sa4v8jt [2021-12-16] (Disney)
Extension vidéo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-12-15] (Microsoft Corporation)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4 [2021-12-16] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2112.10.0_x64__k1h2ywk1493x8 [2021-12-23] (LENOVO INC.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12030.0_x64__8wekyb3d8bbwe [2021-12-15] (Microsoft Studios) [MS Ad]
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.8.13.0_x64__w2gh52qy24etm [2021-12-25] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-12-15] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.22.240.0_x64__dt26b99r8h8gj [2021-12-12] (Realtek Semiconductor Corp)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in fixlist.txt, it will be removed from the registry. The file will not be moved unless it is listed separately.)
CustomCLSID: HKU\S-1-5-21-343876638-1196774082-2273979638-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-1EBCAFA6133D} -> [Creative Cloud Files] => C:\Users\pyerc\Creative Cloud Files [2021-12-12 21:55]
CustomCLSID: HKU\S-1-5-21-343876638-1196774082-2273979638-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-343876638-1196774082-2273979638-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\pyerc\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
CustomCLSID: HKU\S-1-5-21-343876638-1196774082-2273979638-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-10-22] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-12-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2021-08-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_600ce8aef81e1f18\nvshext.dll [2021-07-28] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-12-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-10-22] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-12-23 22:41 - 2021-12-13 02:26 - 000675328 _____ () [File not signed] [File is in use] C:\ProgramData\Lenovo\iMController\Plugins\LenovoVisionProtectionPlugin\x64\PlatformInterface.dll
2021-12-12 19:39 - 2021-10-06 02:30 - 126961152 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2021-12-12 19:39 - 2021-10-06 02:30 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2021-12-12 19:39 - 2021-10-06 02:30 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2021-12-15 18:09 - 2021-12-15 18:11 - 020160512 _____ () [File not signed] C:\Program Files\WindowsApps\A-Volute.Nahimic_1.8.13.0_x64__w2gh52qy24etm\Nahimic3.dll
2021-12-15 20:40 - 2020-05-30 09:04 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\Vantage\Addins\GenericTelemetryAddin\1.0.0.34\x64\SQLite.Interop.dll
2021-12-12 19:39 - 2021-10-06 02:30 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in fixlist.txt, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-343876638-1196774082-2273979638-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-343876638-1196774082-2273979638-1001 -> DefaultScope {AB65BB67-BCAB-4437-B75E-7980E0403337} URL =
SearchScopes: HKU\S-1-5-21-343876638-1196774082-2273979638-1001 -> {AB65BB67-BCAB-4437-B75E-7980E0403337} URL =
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-12-20] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-12-20] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-18] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2021-10-22] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2021-10-22] (McAfee, LLC -> McAfee, LLC)
==================== Hosts content: =========================
(If necessary, the Hosts: directive can be included in fixlist.txt to reset the hosts file.)
2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(There is currently no automatic fix for this section.)
HKU\S-1-5-21-343876638-1196774082-2273979638-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pyerc\OneDrive\Images\Image cool\wallhaven-eo73pl.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
The firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in fixlist.txt, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-343876638-1196774082-2273979638-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-343876638-1196774082-2273979638-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-343876638-1196774082-2273979638-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in fixlist.txt, it will be removed from the registry. The file will not be moved unless it is listed separately.)
FirewallRules: [{813C1398-34B5-4D1D-8D47-6CB804AD2DDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{98D97FDA-635B-4344-AF49-D860A7C26E82}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C8D52920-5C3F-4A32-B341-647B06855A52}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C7348D65-DE67-433B-98F0-0B6864526A8C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{69F05BDE-2376-41D7-90DF-C1531CE71207}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2ED5BB6A-F8EC-4360-9B30-DEF780C07BB5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{62471EC1-3322-44B3-B8A5-97E63ADAAF59}] => (Allow) C:\Program Files (x86)\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{43A3EBC8-4333-46D8-8A75-7351E6A3B8A7}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{E7D666BF-94DD-491C-831B-687BBC087236}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{7B87F3E0-98B5-49FD-A838-319B717AB39C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{42C00103-6A65-4A3F-B0DF-4F5FFA4BD2F2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7EF4FEA7-38FC-493B-8CE9-1DECB5020908}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1E61D47C-E062-4490-B48A-1F932A3B7B10}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{58E8E1DA-A58C-4A4C-A060-8D7D2CF78DB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{86247DFF-52B7-4B27-8730-440D7430A30C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{093E4133-654A-4E52-97B1-E6355FEEF1FC}] => (Allow) C:\Users\pyerc\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B2C49C5F-81CE-4672-A2E6-98C1D06C34E6}] => (Allow) C:\Users\pyerc\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{B134216F-5FEE-4CB2-8F6B-F40E04593D01}] => (Allow) C:\Users\pyerc\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{336CE591-A75F-4B70-A027-2102A334FCB7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C1BD5220-B70E-490B-B201-00FDCE4AA0B2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3C28CFE1-97EF-46B1-A6E2-99C8DF3AFB14}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1C477A99-E410-4993-8583-7A883065965D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4637D08C-1BAC-47AC-975C-04B019F36F65}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0E03484E-1C8C-4C13-9A09-A379DF65E6AC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A5DD81C8-B6C4-4BD9-928C-EC4A44089903}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FCC6F3F7-6C4C-4ECF-8B51-21606AA8210C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{9774B716-F518-4AB6-85FB-59C7C9AB31ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{D32964BC-84E0-4BE6-BE74-BDB8C5607E79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{D7338C06-B3FE-4BFC-B0B6-197E3444AEF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/25/2021 07:59:14 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\LAPTOP-OJGOLB9M$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep :
GetCACaps
Méthode : GET(15ms)
Étape : GetCACaps
L’adresse ou le nom de serveur n’a pas pu être résolu 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (12/25/2021 07:55:54 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\LAPTOP-OJGOLB9M$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep :
GetCACaps
Méthode : GET(125ms)
Étape : GetCACaps
L’adresse ou le nom de serveur n’a pas pu être résolu 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (12/25/2021 07:55:16 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours.
]
Error: (12/25/2021 01:27:04 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\LAPTOP-OJGOLB9M$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep :
GetCACaps
Méthode : GET(31ms)
Étape : GetCACaps
L’adresse ou le nom de serveur n’a pas pu être résolu 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (12/25/2021 01:16:19 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\LAPTOP-OJGOLB9M$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep :
GetCACaps
Méthode : GET(172ms)
Étape : GetCACaps
L’adresse ou le nom de serveur n’a pas pu être résolu 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (12/25/2021 10:31:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante mbamtray.exe, version : 4.0.0.1190, horodatage : 0x61aa6c91
Nom du module défaillant : Qt5Core.dll, version : 5.14.1.0, horodatage : 0x603971ce
Code d’exception : 0xc0000005
Décalage d’erreur : 0x0000000000219dc5
ID du processus défaillant : 0xeb4
Heure de début de l’application défaillante : 0x01d7f97225c4283f
Chemin d’accès de l’application défaillante : C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Chemin d’accès du module défaillant: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
ID de rapport : 50ef457c-2a1b-4a38-bee6-c0263c9b0f96
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (12/25/2021 10:31:10 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center n'a pas pu valider l'appelant. Erreur %1.
Error: (12/25/2021 10:27:04 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\LAPTOP-OJGOLB9M$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep :
GetCACaps
Méthode : GET(16ms)
Étape : GetCACaps
L’adresse ou le nom de serveur n’a pas pu être résolu 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
System errors:
=============
Error: (12/25/2021 07:58:32 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-OJGOLB9M)
Description: Le serveur A-Volute.Nahimic_1.8.13.0_x64__w2gh52qy24etm!App ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/25/2021 07:58:25 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-OJGOLB9M)
Description: Le serveur {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/25/2021 07:51:26 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-OJGOLB9M)
Description: Le serveur {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/25/2021 07:45:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service GSpace Discover s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 100 millisecondes : Redémarrer le service.
Error: (12/25/2021 07:45:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service GSpace Discover s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 100 millisecondes : Redémarrer le service.
Error: (12/25/2021 07:45:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service GSpace Discover s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 100 millisecondes : Redémarrer le service.
Error: (12/25/2021 07:40:20 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-OJGOLB9M)
Description: Le serveur {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/25/2021 01:16:09 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 13:14:13 le 25/12/2021 n’était pas prévu.
CodeIntegrity:
===============
Date: 2021-12-25 20:02:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Microsoft signing level requirements.
Date: 2021-12-25 20:01:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee.com\Agent\WSCLLCGlobalSign.exe that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2021-12-25 20:01:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\McAfee\Platform\Core\vtploader.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO GKCN46WW 10/01/2021
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 5 5600H with Radeon Graphics
Percentage of memory in use: 55%
Total physical memory (RAM): 14188.06 MB
Available physical memory (RAM): 6351.55 MB
Total virtual memory: 23404.06 MB
Available virtual memory: 13380.73 MB
==================== Drives ================================
Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:167.62 GB) NTFS
\\?\Volume{2da7ca4f-367d-416b-b1db-95b5d8dc375c}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.51 GB) NTFS
\\?\Volume{80888076-8e29-4fa9-8282-fa36cd1aee75}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: F43F1B41)
Partition: GPT.
==================== End of Addition.txt =======================