Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 11-01-2023
Exécuté par Gooch (13-01-2023 23:05:09)
Exécuté depuis C:\Users\Gooch\Downloads
Microsoft Windows 10 Professionnel Version 22H2 19045.2364 (X64) (2022-12-26 13:14:08)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================


(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

Administrateur (S-1-5-21-3498185377-1489503037-3460070662-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3498185377-1489503037-3460070662-503 - Limited - Disabled)
Gooch (S-1-5-21-3498185377-1489503037-3460070662-1001 - Administrator - Enabled) => C:\Users\Gooch
Invité (S-1-5-21-3498185377-1489503037-3460070662-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3498185377-1489503037-3460070662-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Security (Enabled - Up to date) {76C0BF9F-9FD3-D249-DE2F-7A33A59B9258}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

Avira Fallback Updater (HKLM-x32\...\Avira Fallback Updater) (Version: - ) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.41.1.25731 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.81.10 - Avira Operations GmbH) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.22.0.12 - Avira Operations GmbH) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.07 - Piriform)
CORSAIR iCUE 4 Software (HKLM\...\{86C13C65-A4F5-4ADD-B288-7725D2359512}) (Version: 4.31.168 - Corsair)
Discord (HKU\S-1-5-21-3498185377-1489503037-3460070662-1001\...\Discord) (Version: 1.0.9008 - Discord Inc.)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.12.8.3315 - Steinberg Media Technologies GmbH)
Endpoint Protection SDK (HKLM\...\{68E1CCB4-4965-4713-BDEB-77F6D6C9BF9D}_is1) (Version: 1.0.2212.316 - Avira Operations GmbH & Co. KG) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.75 - Google LLC)
Guitar Pro 7 - Soundbanks (HKLM-x32\...\com.arobas-music.guitarpro7-soundbanks_is1) (Version: 1.1.123 - Arobas Music)
League of Legends (HKU\S-1-5-21-3498185377-1489503037-3460070662-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Malwarebytes version 4.5.19.229 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.19.229 - Malwarebytes)
Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.15928.20216 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.76 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.76 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{6BBE9278-659F-FA16-E4B8-C2D60DE0DCC7}) (Version: 10.1.22621.1863 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.248.1127.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30139 (HKLM-x32\...\{8d5fdf81-7022-423f-bd8b-b513a1050ae1}) (Version: 14.29.30139.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30139 (HKLM-x32\...\{1AEA8854-7597-4CD3-948F-8DE364D94E07}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30139 (HKLM-x32\...\{1679EF65-55F3-4248-B91E-6B3BE1A69CDF}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.160 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.160 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation)
NVIDIA Pilote graphique 527.56 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 527.56 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15928.20198 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.7.1209.121307 - Razer Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries GG 30.0.0 (HKLM\...\SteelSeries GG) (Version: 30.0.0 - SteelSeries ApS)
Steinberg Activation Manager (HKLM\...\{0224CA8C-FD43-4397-94CE-319B9471016A}) (Version: 1.4.11 - Steinberg Media Technologies GmbH)
Steinberg Cubase LE AI Elements 10 (HKLM\...\{4CEE80AB-3E5E-43AF-85AA-7EB1FB8590C3}) (Version: 10.0.40 - Steinberg Media Technologies GmbH)
Steinberg Cubase LE AI Elements 11 (HKLM\...\{3A87AFFA-4B3E-408C-9B24-E843DBF6D0FF}) (Version: 11.0.40 - Steinberg Media Technologies GmbH)
Steinberg Download Assistant (HKLM-x32\...\Steinberg Download Assistant) (Version: 1.33.2 - Steinberg Media Technologies GmbH)
Steinberg Generic Lower Latency ASIO Driver 64bit (HKLM\...\{16D5A798-10BE-4FF3-BB71-54C012CD0D7D}) (Version: 1.0.12 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 5 (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 5.1.11 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 3 Component (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 3.5.10 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Standalone (HKLM\...\{2D64E1A0-02C7-4AED-BCC6-3A5E5C91D6E2}) (Version: 3.5.10 - Steinberg Media Technologies GmbH)
Steinberg Install Assistant (HKLM\...\{2E7DF371-6034-4FC7-AE30-100AC21A1003}) (Version: 1.2.0 - Steinberg Media Technologies GmbH)
Steinberg Library Manager (HKLM\...\{AA78592A-F13C-4C8E-B849-7A398001FA7F}) (Version: 3.2.20 - Steinberg Media Technologies GmbH)
Steinberg SpectraLayers 8 (HKLM\...\424abc1e-aca9-452c-9b47-4klc6gh53b42_is1) (Version: 8.0.20.281 - Steinberg)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 2.37.2.0 - Voicemod S.L.)

Packages:
=========
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.19.5101.0_x64__8wekyb3d8bbwe [2023-01-01] (Microsoft Studios)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.28.0_x64__8wekyb3d8bbwe [2023-01-01] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-12-26] (NVIDIA Corp.)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.0.32791.0_x64__8wekyb3d8bbwe [2022-12-26] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.29.256.0_x64__dt26b99r8h8gj [2022-12-26] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-28] (Microsoft Studios) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2252.7.0_x64__cv1g1gvanyjgm [2023-01-07] (WhatsApp Inc.) [Startup Task]

==================== Personnalisé CLSID (Avec liste blanche): ==============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-3498185377-1489503037-3460070662-1001_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2023-01-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2023-01-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2023-01-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2023-01-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2023-01-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2023-01-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2023-01-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2023-01-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2023-01-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2023-01-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2023-01-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2023-01-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2023-01-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2023-01-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2023-01-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-11-11] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2023-01-05] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2023-01-05] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-01-11] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2023-01-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-11-11] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2023-01-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\nvshext.dll [2022-12-06] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-11-11] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-01-11] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Avec liste blanche) ====================

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

ShortcutWithArgument: C:\Users\Gooch\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Anto (Antoni) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Modules chargés (Avec liste blanche) =============

2023-01-07 18:07 - 2023-01-07 18:07 - 101966336 _____ () [Fichier non signé] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2252.7.0_x64__cv1g1gvanyjgm\WhatsApp.dll
2023-01-07 18:07 - 2023-01-07 18:07 - 008573952 _____ () [Fichier non signé] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2252.7.0_x64__cv1g1gvanyjgm\WhatsAppNative.dll
2022-12-26 15:35 - 2022-11-10 07:19 - 134859776 _____ () [Fichier non signé] G:\steam\bin\cef\cef.win7x64\libcef.dll
2022-12-26 15:35 - 2022-11-07 11:17 - 000387072 _____ () [Fichier non signé] G:\steam\bin\cef\cef.win7x64\libegl.dll
2022-12-26 15:35 - 2022-11-07 11:17 - 008052736 _____ () [Fichier non signé] G:\steam\bin\cef\cef.win7x64\libglesv2.dll
2022-08-17 23:06 - 2022-08-17 23:06 - 002146304 _____ (Holtek Semiconductor Inc.) [Fichier non signé] C:\Program Files\SteelSeries\GG\apps\engine\HIDDLL.dll
2022-08-17 23:06 - 2022-08-17 23:06 - 002284032 _____ (Holtek) [Fichier non signé] C:\Program Files\SteelSeries\GG\apps\engine\ISPDLL.dll
2022-10-26 14:13 - 2022-10-26 14:13 - 000090112 _____ (Silicon Laboratories, Inc.) [Fichier non signé] C:\Program Files\Corsair\CORSAIR iCUE 4 Software\SiUSBXp.dll
2022-12-26 15:35 - 2022-11-07 11:17 - 000992256 _____ (The Chromium Authors) [Fichier non signé] G:\steam\bin\cef\cef.win7x64\chrome_elf.dll

==================== Alternate Data Streams (Avec liste blanche) ========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\Users\Gooch\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Gooch\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]

==================== Mode sans échec (Avec liste blanche) ==================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) =================

==================== Internet Explorer (Avec liste blanche) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-12-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-13] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts contenu: =========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Autres zones ===========================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-3498185377-1489503037-3460070662-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gooch\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\518925.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

HKU\S-1-5-21-3498185377-1489503037-3460070662-1001\...\StartupApproved\Run: => "Voicemod"
HKU\S-1-5-21-3498185377-1489503037-3460070662-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3498185377-1489503037-3460070662-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_E76E5949112B63E0CF5FAE27240438B5"
HKU\S-1-5-21-3498185377-1489503037-3460070662-1001\...\StartupApproved\Run: => "OneDrive"

==================== RèglesPare-feu (Avec liste blanche) ================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{C40962CE-7FF9-4963-BCC6-98EAD4CD2B9E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{2D24FD80-A517-4C94-B7B0-23F544EF4180}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{71C569BD-401A-493C-876E-06583D094359}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{F000DFC6-BEC7-4CA7-8C70-75632C07D348}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{BA3A0755-FB91-40D6-8DD1-5D01115D39E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{D344423E-F828-4E4C-BCCC-218249EE73FB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{35E93E11-0A24-48EC-8965-A3F8E4FFF13C}] => (Allow) G:\steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{95F4AEEC-DA87-4FA8-8990-ADE056C45C92}] => (Allow) G:\steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9A02CB95-0220-4AB4-B5AD-618891DB7EEE}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [{3E7ECEBA-A9FF-4A59-839C-EB440CAD540F}] => (Allow) G:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AD8BEE5B-28AC-4857-A28E-BF496EC68EDD}] => (Allow) G:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3BB76F07-22DA-42B0-B2C6-E8000361B1DA}] => (Allow) G:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{49EA8383-FFEF-4C74-957D-055E0FA69B1B}] => (Allow) G:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{3B1147A2-EDDF-4C7D-881B-E736E13E9785}] => (Allow) G:\steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> KRAFTON, Inc.)
FirewallRules: [{396FE4DD-53AE-4FEA-8821-CC66D7A4E46F}] => (Allow) G:\steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> KRAFTON, Inc.)
FirewallRules: [{96F3C279-DA0C-4111-8E5A-0E8FC386A8FD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{602D727F-4AF1-4F57-BF87-6A1888B0E2AD}G:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> KRAFTON, Inc.)
FirewallRules: [UDP Query User{FC16CD49-DC2F-417D-98B0-5A42CD91B88A}G:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> KRAFTON, Inc.)
FirewallRules: [TCP Query User{0F944721-A04B-44FF-B6CA-8E8A796A9A5F}C:\users\gooch\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\gooch\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{462C8C08-EF60-421B-839B-F445E5B3735F}C:\users\gooch\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\gooch\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{B949FA18-4B5A-41CD-B4FC-563504FA2FEC}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.76\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2503DBAB-4EA8-47DC-B704-17415CA83BDB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F8DEC19A-7FDB-47AC-B324-0E5A4950AA42}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{59D9AE14-B118-4EE6-BD61-659D16C33542}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7AF0FADA-4445-4D97-A88A-4A3EA57E91A4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5CE5C7C0-BE1D-4A57-90E2-B27A2581BEDE}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Points de restauration =========================

08-01-2023 21:01:40 Point de contrôle planifié
13-01-2023 21:38:44 Programme d’installation pour les modules Windows

==================== Éléments en erreur du Gestionnaire de périphériques ============

Name: Périphérique système de base
Description: Périphérique système de base
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Erreurs du Journal des événements: ========================

Erreurs Application:
==================
Error: (01/13/2023 09:11:40 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: AUTORITE NT)
Description: Windows ne peut pas charger la DLL de compteur extensible « C:\Windows\system32\sysmain.dll » (code d'erreur Win32 126).

Error: (01/12/2023 08:38:18 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: AUTORITE NT)
Description: Windows ne peut pas charger la DLL de compteur extensible « C:\Windows\system32\sysmain.dll » (code d'erreur Win32 126).

Error: (01/11/2023 11:25:39 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours.]

Error: (01/11/2023 09:59:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante csgo.exe, version : 0.0.0.0, horodatage : 0x62745503
Nom du module défaillant : tier0.dll, version : 0.0.0.0, horodatage : 0x627454ef
Code d’exception : 0xc0000409
Décalage d’erreur : 0x00029314
ID du processus défaillant : 0x1f70
Heure de début de l’application défaillante : 0x01d925fe98ef72dc
Chemin d’accès de l’application défaillante : G:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Chemin d’accès du module défaillant: G:\steam\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
ID de rapport : 60d53c83-ea17-445f-af5e-04d35cd56f8e
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (01/11/2023 08:35:11 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: L’optimiseur de stockage n’a pas pu terminer réoptimisation sur Nouvelle tchoin (D:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A)

Error: (01/11/2023 07:48:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: wuaueng.dll (6708,R,98) SUS20ClientDataStore: L’erreur -1811 (0xfffff8ed) s’est produite lors de l’ouverture d’un fichier journal C:\Windows\SoftwareDistribution\DataStore\Logs\edb0005F.log.

Error: (01/11/2023 07:29:55 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: AUTORITE NT)
Description: Windows ne peut pas charger la DLL de compteur extensible « C:\Windows\system32\sysmain.dll » (code d'erreur Win32 126).

Error: (01/09/2023 07:13:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante javaw.exe, version : 17.0.3.0, horodatage : 0x82c09a73
Nom du module défaillant : lwjgl.dll, version : 0.0.0.0, horodatage : 0x62139987
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00000000000010c5
ID du processus défaillant : 0x31c4
Heure de début de l’application défaillante : 0x01d924561699ca78
Chemin d’accès de l’application défaillante : C:\Users\Gooch\AppData\Local\Packages\Microsoft.4297127D64EC6_8wekyb3d8bbwe\LocalCache\Local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
Chemin d’accès du module défaillant: C:\Users\Gooch\AppData\Local\Temp\lwjglGooch\3.3.1-build-7\lwjgl.dll
ID de rapport : 55ba779a-1c56-4366-bc94-73757e613894
Nom complet du package défaillant :
ID de l’application relative au package défaillant :


Erreurs système:
=============
Error: (01/13/2023 09:08:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (45000 millisecondes) a été atteint lors de l’attente de la connexion du service AviraPhantomVPN.

Error: (01/13/2023 09:07:27 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 22:03:36 le 12/01/2023 n’était pas prévu.

Error: (01/13/2023 09:06:56 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: AUTORITE NT)
Description: 3221225684Une erreur irrécupérable s’est produite pendant le traitement des données de restauration.

Error: (01/12/2023 03:26:13 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service Razer Synapse Service.

Error: (01/12/2023 03:25:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service Razer Synapse Service.

Error: (01/12/2023 03:25:13 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service Razer Synapse Service.

Error: (01/12/2023 12:19:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service ComboCleaner.Guard s’est terminé de façon inattendue pour la 1ème fois.

Error: (01/12/2023 12:19:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service ComboCleaner.WinService s’est terminé de façon inattendue pour la 1ème fois.


Windows Defender:
================
Date: 2023-01-04 20:09:56
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {BFEA2728-78D6-4EA1-84C8-21B48907D0C5}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2023-01-03 15:35:34
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {15E24358-5C21-48B9-8693-26F0A5FDAE59}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2023-01-01 19:59:21
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {E392B65D-CCDC-4EA6-B765-2C5D5297B260}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2022-12-27 23:08:35
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {73977A83-BF02-45B4-AA1F-DA89000A0088}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

CodeIntegrity:
===============
Date: 2023-01-13 22:59:54
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Infos Mémoire ===========================

BIOS: American Megatrends Inc. 2.40 10/13/2020
Carte mère: Micro-Star International Co., Ltd. Z490-A PRO (MS-7C75)
Processeur: Intel(R) Core(TM) i5-10600KF CPU @ 4.10GHz
Pourcentage de mémoire utilisée: 28%
Mémoire physique - RAM - totale: 32687.64 MB
Mémoire physique - RAM - disponible: 23265.41 MB
Mémoire virtuelle totale: 37551.64 MB
Mémoire virtuelle disponible: 26312.29 MB

==================== Lecteurs ================================

Drive c: (DATA) (Fixed) (Total:930.12 GB) (Free:461.33 GB) (Model: ST1000DX002-2DV162) NTFS
Drive d: (Nouvelle tchoin) (Fixed) (Total:1863.01 GB) (Free:1557.62 GB) (Model: ST2000LX001-1RG174) NTFS
Drive e: (Réservé au système) (Fixed) (Total:0.57 GB) (Free:0.53 GB) (Model: PNY CS3030 250GB SSD) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
Drive g: () (Fixed) (Total:231.78 GB) (Free:140.21 GB) (Model: PNY CS3030 250GB SSD) NTFS

\\?\Volume{e6bbbea0-e9eb-4e2a-826e-fea2fae20f83}\ () (Fixed) (Total:0.84 GB) (Free:0.39 GB) NTFS
\\?\Volume{fef0e807-0000-0000-0000-f0153a000000}\ () (Fixed) (Total:0.54 GB) (Free:0.04 GB) NTFS
\\?\Volume{332a9be0-1a16-45c3-ac4c-a29a246b9c82}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 6B771856)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: FEF0E807)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=554 MB) - (Type=27)

==================== Fin de Addition.txt =======================