Additional scan results of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Run by thiba (05-01-2022 12:44:38)
Run from C:\Users\thiba\Desktop
Microsoft Windows 10 Professionnel Version 20H2 19042.1415 (X64) (2020-12-05 13:48:25)
Boot mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist.txt file, it will be removed.)

Administrateur (S-1-5-21-756262882-3244545598-4113336910-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-756262882-3244545598-4113336910-503 - Limited - Disabled)
Invité (S-1-5-21-756262882-3244545598-4113336910-501 - Limited - Disabled)
thiba (S-1-5-21-756262882-3244545598-4113336910-1001 - Administrator - Enabled) => C:\Users\thiba
WDAGUtilityAccount (S-1-5-21-756262882-3244545598-4113336910-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist.txt file, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only adware programs flagged 'Hidden' can be added to the fixlist.txt file so that they are no longer hidden. Adware programs must be uninstalled manually.)

µTorrent (HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\uTorrent) (Version: 3.5.5.46096 - BitTorrent Inc.)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_0) (Version: 17.0 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.4.5.550 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_0) (Version: 25.0 - Adobe Inc.)
Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_3_1) (Version: 14.3.1 - Adobe Inc.)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_0) (Version: 22.0.0.35 - Adobe Inc.)
Adobe Premiere Pro 2021 (HKLM-x32\...\PPRO_15_0) (Version: 15.0 - Adobe Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2020.0821.1329.24282 - Advanced Micro Devices, Inc.)
Antidote - Connectix 10 (HKLM-x32\...\{134E0741-C569-4E8C-A7FC-7F95B14CAAB4}) (Version: 10.4.2157 - Druide informatique inc.)
Antidote 10 - English module (HKLM-x32\...\{134E0741-C569-4E8C-A7FC-7F95B14CAAB3}) (Version: 10.4.2157 - Druide informatique inc.)
Antidote 10 - Module français (HKLM-x32\...\{134E0741-C569-4E8C-A7FC-7F95B14CAAB2}) (Version: 10.4.2157 - Druide informatique inc.)
Antidote 10 (HKLM-x32\...\{134E0741-C569-4E8C-A7FC-7F95B14CAAB1}) (Version: 10.4.2157 - Druide informatique inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Assistant de téléchargement (HKLM-x32\...\{93154A3C-9BB7-49D7-A571-4EB6373FA601}) (Version: 6.70.0 - Druide informatique inc.)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 96.1.33.106 - Auteurs de Brave)
CCleaner (HKLM\...\CCleaner) (Version: 5.87 - Piriform)
Cisco Webex Meetings (HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\ActiveTouchMeetingClient) (Version: 40.12.4 - Cisco Webex LLC)
Contrôle d’intégrité du PC Windows (HKLM\...\{0150BDB3-AFFD-47A1-ADB8-DE06658EB3B2}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Core Epic Installer (HKLM-x32\...\{22bb3982-45d5-4389-9a00-eb921dcfcb1f}) (Version: 1.3.0.0 - Manticore Games) Hidden
DigitizerPanel (HKLM-x32\...\{22A04BFF-1550-4269-987C-4B44117855C4}) (Version: 2.0.0.0 - 0)
Discord (HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
DMG Extractor (HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\DMG Extractor) (Version: 1.3.16.0 - Reincubate Ltd)
DroidCam Client (HKLM-x32\...\DroidCam) (Version: 6.3.3 - Dev47apps)
Edirol HQ Orchestral VSTi v1.03 (HKLM-x32\...\Edirol HQ Orchestral VSTi v1.03) (Version: - )
Epic Games Launcher (HKLM-x32\...\{BE9FFAD2-2901-4F9B-8A0C-59EA51773212}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Firestorm Launcher version 2.0 (HKLM-x32\...\{F4B56459-9812-461D-A6C7-5A1CF7CF5609}_is1) (Version: 2.0 - Firestorm)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hearthstone Deck Tracker (HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\HearthstoneDeckTracker) (Version: 1.13.25 - HearthSim)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Kingdom Hearts III and Re Mind (HKLM-x32\...\Kingdom Hearts III and Re Mind_is1) (Version: - )
Krita (x64) 4.4.8 (HKLM\...\Krita_x64) (Version: 4.4.8.0 - Krita Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Legends of Runeterra (HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\Riot Game bacon.live) (Version: - Riot Games, Inc)
Maxon Cinema 4D 22 (HKLM\...\Maxon Cinema 4D S22) (Version: S22 - Maxon)
Maxon Cinema 4D R21 (HKLM\...\Maxon Cinema 4D R21) (Version: R21 - Maxon)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 87.0 (x64 fr) (HKLM\...\Mozilla Firefox 87.0 (x64 fr)) (Version: 87.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 87.0 - Mozilla)
Native Instruments Amati Viola (HKLM-x32\...\Native Instruments Amati Viola) (Version: 1.0.0.7 - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.12.1.129 - Native Instruments)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.38.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.94 - NVIDIA Corporation)
NVIDIA Pilote graphique 496.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 496.76 - NVIDIA Corporation)
OpenOffice 4.1.8 (HKLM-x32\...\{FDE124E1-6198-42CB-8A93-B383D9B9FD25}) (Version: 4.18.9803 - Apache Software Foundation)
Opera Stable 82.0.4227.43 (HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\Opera 82.0.4227.43) (Version: 82.0.4227.43 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.103.48818 - Electronic Arts, Inc.)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 6.2.1.17 - Popcorn Time) <==== ATTENTION
Prism - Convertisseur de fichiers vidéo (HKLM-x32\...\Prism) (Version: 7.24 - NCH Software)
Pulse 40.0.14 (HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\a8c3b778-232c-5931-894e-06d03a0f1292) (Version: 40.0.14 - Pulse)
REDlauncher (HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
SAntivirus Realtime Protection Lite (HKLM-x32\...\SAntivirus) (Version: 1.0.22.22 - Corp DCom) <==== ATTENTION
SlimDX Runtime .NET 4.0 x64 (January 2012) (HKLM\...\{A2199A06-89C4-4187-AA4A-3A9676FB799D}) (Version: 2.0.13.43 - SlimDX Group)
Snaz version 1.12.7.0 (HKLM-x32\...\{70A76031-FDC6-4F9B-BB5C-33776703F45A}_is1) (Version: 1.12.7.0 - JimsApps)
Spellcaster University (HKLM-x32\...\Spellcaster University_is1) (Version: - )
Spitfire Audio (HKLM-x32\...\{ABC5F486-25BD-4BAA-9FA1-A84152CBB563}_is1) (Version: 3.2.17 - Spitfire Audio Holdings Ltd)
SSOption (HKLM-x32\...\Useful Caloti) (Version: 2.8.8.8 - Useful Caloti) <==== ATTENTION
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.26.0 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.26.0 - General Workings, Inc.)
Tails of Iron (HKLM-x32\...\Tails of Iron_is1) (Version: - )
Timberborn (HKLM-x32\...\1711765822_is1) (Version: v20210913-21b9be6-win64 - GOG.com)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 38.2 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
Ut version 1.5.5.8 (HKLM-x32\...\Ut_is1) (Version: 1.5.5.8 - )
VEGAS Pro 18.0 (HKLM\...\{75111FE1-CE55-11EA-8B12-00155D43CFCE}) (Version: 18.0.284 - VEGAS)
Visuel intégré (HKLM-x32\...\{D6A48C7F-A0F8-46A5-A1ED-F45A62FE93BF}) (Version: 1.0.0006 - Druide informatique inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 1.1.3.1 - Voicemod S.L.)
Walliant version 1.0.0.1 (HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\{E72E2194-F430-4F4A-A262-1C8FF081B3A5}_is1) (Version: 1.0.0.1 - Walliant)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\ZoomUMX) (Version: 5.8.1 (1435) - Zoom Video Communications, Inc.)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2021-03-05] (Adobe Systems Incorporated)
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-11-22] (Microsoft Corporation)
Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-04-14] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-11-17] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0 [2021-12-13] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)

CustomCLSID: HKU\S-1-5-21-756262882-3244545598-4113336910-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-596BA9E1E1B6} -> [Creative Cloud Files] => C:\Users\thiba\Creative Cloud Files [2021-03-05 11:55]
CustomCLSID: HKU\S-1-5-21-756262882-3244545598-4113336910-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\thiba\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-756262882-3244545598-4113336910-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-756262882-3244545598-4113336910-1001_Classes\CLSID\{38626B40-64E1-4F8C-AEDA-CFF32F38602E}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 10\Application\Bin64\AgentAntidote.exe (Druide informatique inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-756262882-3244545598-4113336910-1001_Classes\CLSID\{5563940C-ABF0-47B4-BB0E-B5D8680B570A}\localserver32 -> C:\Program Files (x86)\Druide\Connectix 10\Application\Bin64\MoteurIntegration.exe (Druide informatique inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-756262882-3244545598-4113336910-1001_Classes\CLSID\{5563940D-49FD-4F1A-96AA-147B474290EE}\localserver32 -> C:\Program Files (x86)\Druide\Connectix 10\Application\Bin64\MoteurIntegration.exe (Druide informatique inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-756262882-3244545598-4113336910-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8E}\localserver32 -> C:\Program Files (x86)\Druide\Connectix 10\Application\Bin64\AgentConnectix.exe (Druide informatique inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-756262882-3244545598-4113336910-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8F}\localserver32 -> C:\Program Files (x86)\Druide\Connectix 10\Application\Bin64\AgentConnectix.exe (Druide informatique inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-756262882-3244545598-4113336910-1001_Classes\CLSID\{AD630E0F-BF29-4791-AD3B-A289E884E37D}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 10\Application\Bin64\Antidote.exe (Druide informatique inc. -> Druide informatique inc.) [Fichier non signé]
CustomCLSID: HKU\S-1-5-21-756262882-3244545598-4113336910-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\thiba\AppData\Local\MEGAsync\ShellExtX64.dll [2021-07-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\thiba\AppData\Local\MEGAsync\ShellExtX64.dll [2021-07-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\thiba\AppData\Local\MEGAsync\ShellExtX64.dll [2021-07-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-03] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-03] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-03] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-03] (Adobe Inc. -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\thiba\AppData\Local\MEGAsync\ShellExtX64.dll [2021-07-05] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\thiba\AppData\Local\MEGAsync\ShellExtX64.dll [2021-07-05] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\thiba\AppData\Local\MEGAsync\ShellExtX64.dll [2021-07-05] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\thiba\AppData\Local\MEGAsync\ShellExtX64.dll [2021-07-05] (Mega Limited -> )
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\nvshext.dll [2021-11-11] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-03] (Adobe Inc. -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-07-14 17:32 - 2020-07-14 17:32 - 000017920 _____ () [Fichier non signé] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 003567616 _____ () [Fichier non signé] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2021-01-07 19:04 - 2020-08-19 14:16 - 015286032 _____ () [Fichier non signé] C:\Users\thiba\AppData\Local\Programs\Walliant\sdk.dll
2020-12-08 15:46 - 2015-04-30 15:28 - 002175488 _____ (0) [Fichier non signé] C:\Windows\system32\wintab32.dll
2021-01-07 19:04 - 2020-05-14 01:17 - 000112640 _____ (Countly) [Fichier non signé] [Fichier en cours d'utilisation] C:\Users\thiba\AppData\Local\Programs\Walliant\Countly.dll
2021-01-07 19:04 - 2018-01-10 14:34 - 000024064 _____ (Daniel Grunwald, Omer Mor, Alex Davies, jnm2) [Fichier non signé] [Fichier en cours d'utilisation] C:\Users\thiba\AppData\Local\Programs\Walliant\AsyncBridge.Net35.dll
2021-01-07 19:04 - 2018-05-11 09:52 - 000074240 _____ (Sentry) [Fichier non signé] [Fichier en cours d'utilisation] C:\Users\thiba\AppData\Local\Programs\Walliant\SharpRaven.dll
2021-01-16 19:41 - 2021-01-16 19:41 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-01-16 19:41 - 2021-01-16 19:41 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\Origin\ssleay32.dll
2021-01-16 19:41 - 2021-01-16 19:41 - 001611264 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-09-01 23:07 - 2021-01-16 19:41 - 005487104 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Core.dll
2021-09-01 23:07 - 2021-01-16 19:41 - 005841920 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Gui.dll
2021-09-01 23:07 - 2021-01-16 19:41 - 001179136 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Network.dll
2021-09-01 23:07 - 2021-01-16 19:41 - 000146432 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-09-01 23:07 - 2021-01-16 19:41 - 005089792 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-09-01 23:07 - 2021-01-16 19:41 - 000184832 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Xml.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000031744 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000039424 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000031744 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000413696 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000025088 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000025088 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000023552 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000519168 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 001431040 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 001180672 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000135680 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-08-21 13:28 - 2020-08-21 13:28 - 006010880 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 006345216 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 001078272 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000313856 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 004000256 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 003802624 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000171008 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 001083904 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000205312 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000329728 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000113152 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000376320 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 092323328 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 005560832 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000463360 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000188416 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 002888704 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000053760 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000059392 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000017408 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000287232 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000329216 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000136192 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000089088 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000312320 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-07-14 17:32 - 2020-07-14 17:32 - 000017920 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-08-21 13:28 - 2020-08-21 13:28 - 000085504 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

==================== Hosts content: =========================

(If needed, the Hosts: directive can be included in the fixlist.txt file to reset the hosts file.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-756262882-3244545598-4113336910-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\thiba\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
The firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist.txt file, it will be removed.)

HKLM\...\StartupApproved\Run: => "WebDiscoverBrowser"
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "YixSpeedup"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\StartupApproved\Run: => "CiscoMeetingDaemon"
HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\StartupApproved\Run: => "Voicemod"
HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\StartupApproved\Run: => "Freedom"
HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\StartupApproved\Run: => "ut"
HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\StartupApproved\Run: => "Battle.net"

==================== Firewall Rules (Whitelisted) ================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)

FirewallRules: [TCP Query User{098454D8-6BE4-4C26-944C-0444B1F8075D}C:\users\thiba\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\thiba\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{F828FC66-9E9D-4134-A27C-AA41AD2AA3E8}C:\users\thiba\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\thiba\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{E9CFDB3D-AA8E-4215-9092-85160DB688C1}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{FA02BE0D-EEAE-46C1-B462-16C0EC3F909B}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{123862B9-80A0-487F-B3D0-5B91DCE4ABF8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0C9E5032-C114-4137-810F-8F4C0D6340BD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{5147AFAA-2781-4CA7-A8AF-24931ABB4912}C:\program files (x86)\popcorn time\nodejs\node.exe] => (Block) C:\program files (x86)\popcorn time\nodejs\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [UDP Query User{63B83010-926F-481E-9D51-E80D338C9BE9}C:\program files (x86)\popcorn time\nodejs\node.exe] => (Block) C:\program files (x86)\popcorn time\nodejs\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [TCP Query User{3E8E719D-496A-4C2C-9E7C-37358D14DCE7}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{FDDDFC22-9B69-42C9-B6DB-0E5E27F67FEB}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{F6187763-8C9F-494B-A5BD-0CEE29A4161B}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [UDP Query User{D39D638E-09CD-475D-BB47-FE18090850FE}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [{1A795E7C-27A7-4E93-941D-5F5EACB33F46}] => (Allow) C:\Users\thiba\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{542630B3-10CF-427F-B48C-1B5FE34DD455}] => (Allow) C:\Users\thiba\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{6D931ADC-C076-461F-B314-CC3F6ACB4E03}] => (Allow) C:\Users\thiba\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1E2F09D7-D25D-4C16-85E4-AA83399BC968}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{0F944AA3-B9B0-41D6-8E93-1445249FDC84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [TCP Query User{1BE8C03F-EA1E-4B11-881A-ABD96D611126}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{A525AD14-E122-4AAD-B134-172471479162}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{3E174C52-D814-40DF-90C1-BE40DBE5DA74}C:\users\thiba\desktop\despots.game.dystopian.army.builder.v0.14.0.2\despots.game.dystopian.army.builder.v0.14.0.2\despot's game.exe] => (Allow) C:\users\thiba\desktop\despots.game.dystopian.army.builder.v0.14.0.2\despots.game.dystopian.army.builder.v0.14.0.2\despot's game.exe () [Fichier non signé]
FirewallRules: [UDP Query User{6A2A3DC1-3617-47BD-B3C9-5BF9BACCCDC3}C:\users\thiba\desktop\despots.game.dystopian.army.builder.v0.14.0.2\despots.game.dystopian.army.builder.v0.14.0.2\despot's game.exe] => (Allow) C:\users\thiba\desktop\despots.game.dystopian.army.builder.v0.14.0.2\despots.game.dystopian.army.builder.v0.14.0.2\despot's game.exe () [Fichier non signé]
FirewallRules: [TCP Query User{BA1AB656-8D01-4426-8B07-F65F0F63496D}C:\users\thiba\desktop\foundation.v1.8.0.4\foundation.v1.8.0.4\foundation.exe] => (Allow) C:\users\thiba\desktop\foundation.v1.8.0.4\foundation.v1.8.0.4\foundation.exe (Polymorph Games) [Fichier non signé]
FirewallRules: [UDP Query User{83E37E0F-102C-4006-A180-E03DFEE1FF33}C:\users\thiba\desktop\foundation.v1.8.0.4\foundation.v1.8.0.4\foundation.exe] => (Allow) C:\users\thiba\desktop\foundation.v1.8.0.4\foundation.v1.8.0.4\foundation.exe (Polymorph Games) [Fichier non signé]
FirewallRules: [{5CB20964-5B98-45F7-A3A7-738A5684674A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{814B2687-4DC2-4297-A3F5-3D0D79249705}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{75393BB3-4BA6-4691-A4A8-4D0CB4603F59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [Fichier non signé]
FirewallRules: [{3FDEEE87-F7BB-4AFE-AEF4-906CB6796A51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [Fichier non signé]
FirewallRules: [TCP Query User{FE349F47-B901-40FE-B58F-0A2DD2BFADAB}C:\users\thiba\desktop\final fantasy v\final fantasy v.exe] => (Allow) C:\users\thiba\desktop\final fantasy v\final fantasy v.exe (SQUARE ENIX CO., LTD. -> )
FirewallRules: [UDP Query User{343D096F-069E-4A0A-B7EC-5B3C7B621BA7}C:\users\thiba\desktop\final fantasy v\final fantasy v.exe] => (Allow) C:\users\thiba\desktop\final fantasy v\final fantasy v.exe (SQUARE ENIX CO., LTD. -> )
FirewallRules: [{EFB7453C-BB49-46E1-9D78-9A148B89785C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CraftTheWorld\CraftWorld.exe () [Fichier non signé]
FirewallRules: [{45A945C2-3398-4CD0-96B9-5E9244C62299}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CraftTheWorld\CraftWorld.exe () [Fichier non signé]
FirewallRules: [{326D5370-8248-42CB-AAAA-C0CB95AF5AAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CraftTheWorld\Editor.exe () [Fichier non signé]
FirewallRules: [{28C8DEA1-0E22-42AC-820E-388573DECF3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CraftTheWorld\Editor.exe () [Fichier non signé]
FirewallRules: [{85A4A973-182F-4EA9-91C5-F4BEB6EC7B20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Legend of Keepers\LegendOfKeepers.exe () [Fichier non signé]
FirewallRules: [{6574ACC0-0AD1-4EFE-B8ED-79C0ED24AD01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Legend of Keepers\LegendOfKeepers.exe () [Fichier non signé]
FirewallRules: [{437354A5-B3A7-4486-A74C-05F6A2084308}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4035C824-529B-43F9-A9BC-36AF15B5AC44}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8B276451-BF26-4621-B08F-944E88FE886A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CA703D05-C9D9-465F-B6D2-4EF0416ED9C9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B1C152D0-6E9F-4D7F-9FBC-196CC9D437D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CE90FA6D-48A1-47C4-AAF4-51DB89F587F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7FD8FAC7-8002-4869-9406-06CD728E72CE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5CF4ACAB-515D-4B14-B4AD-EDF577A3E51B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CC87A8FE-5063-41FE-BD0C-BD9CC2B49FC5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1F0AE93B-7863-41C5-A03B-46690F9141CC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8F6697B5-5F7B-4D2B-9389-A62866CF1639}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EC248941-30DE-403B-92C3-B6FEA26FE3CF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{742FE6B1-AA9E-4A51-B3E1-5B55B725BD80}D:\riot games\riot client\riotclientservices.exe] => (Allow) D:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{407DA5B6-7082-4D41-98A7-1483281B27CD}D:\riot games\riot client\riotclientservices.exe] => (Allow) D:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{841A82B9-201B-4D59-86E6-C9722EA9AD7C}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{002D3F93-5B2A-4BBB-ACE0-879E1D70F71B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darksburg\Darksburg.exe () [Fichier non signé]
FirewallRules: [{F9155515-BBF6-4C2C-B0FD-E50DAF9A1147}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darksburg\Darksburg.exe () [Fichier non signé]
FirewallRules: [{A769D71B-896A-4027-B43A-655D89267340}] => (Allow) D:\SteamLibrary\steamapps\common\Deep Rock Galactic\FSD.exe (Epic Games, Inc.) [Fichier non signé]
FirewallRules: [{C3B70407-9466-4B1D-A601-1ECFA4B29A78}] => (Allow) D:\SteamLibrary\steamapps\common\Deep Rock Galactic\FSD.exe (Epic Games, Inc.) [Fichier non signé]
FirewallRules: [{93A2E0A8-B5BA-44E0-A3F0-423007D8976B}] => (Allow) C:\Users\thiba\AppData\Local\Programs\Opera\82.0.4227.33\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{871E3493-5374-45F1-9D34-3D368B802933}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B1DB995F-45B8-4614-87B0-8978D7A35088}] => (Allow) D:\SteamLibrary\steamapps\common\Assassins Creed Odyssey\ACOdyssey.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{CC688350-474F-4B0B-94DC-F85AFB19AB95}] => (Allow) D:\SteamLibrary\steamapps\common\Assassins Creed Odyssey\ACOdyssey.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{79558A92-CDFE-430C-A068-7015A1845672}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{2DE85A8D-3081-47CC-962A-051F0E1CF3AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{8DAB7162-6ABE-4380-B756-D751FEADCF1A}] => (Allow) D:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [Fichier non signé]
FirewallRules: [{A188C3B7-E5C1-47FB-86CB-A5F02B86E508}] => (Allow) D:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [Fichier non signé]
FirewallRules: [{49F4D8B3-121B-4EB0-9E9D-64CDCA0E20EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WitchIt\WitchIt\Binaries\Win64\PropWitchHuntModule-Win64-Shipping.exe (G=Barrel Roll Games) [Fichier non signé]
FirewallRules: [{CEE2E6AE-4C57-417E-A13D-7C627A323922}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WitchIt\WitchIt\Binaries\Win64\PropWitchHuntModule-Win64-Shipping.exe (G=Barrel Roll Games) [Fichier non signé]
FirewallRules: [{7B8AEAF8-082F-469F-89BE-2255B49DEC67}] => (Allow) C:\Users\thiba\AppData\Local\Programs\Opera\82.0.4227.43\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{786E39D2-A0B3-4CD9-94BA-0CEE0A570925}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [Fichier non signé]
FirewallRules: [{52B55B0E-D6B5-4518-ACDF-E6279FD604EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [Fichier non signé]
FirewallRules: [{BF1CEAA8-CFED-4252-9F73-46541160DBFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [Fichier non signé]
FirewallRules: [{C4DC2F3B-BADA-4896-99F2-FC8E706491F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [Fichier non signé]
FirewallRules: [{235A9C44-A4F0-485D-931B-062F1B69BFE9}] => (Allow) D:\SteamLibrary\steamapps\common\Mini Motorways\Mini Motorways.exe () [Fichier non signé]
FirewallRules: [{627ED9EE-02DC-42A4-B818-C231FE118BBE}] => (Allow) D:\SteamLibrary\steamapps\common\Mini Motorways\Mini Motorways.exe () [Fichier non signé]

==================== Points de restauration =========================

26-12-2021 16:50:00 Point de contrôle planifié
05-01-2022 02:52:17 Opération de restauration

==================== Éléments en erreur du Gestionnaire de périphériques ============

Name: AMD Radeon(TM) Vega 8 Graphics
Description: AMD Radeon(TM) Vega 8 Graphics
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices, Inc.
Service: amdkmdag
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Erreurs du Journal des événements: ========================

Erreurs Application:
==================
Error: (01/05/2022 12:16:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme cmd.exe version 10.0.19041.746 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance.

ID de processus : 2648

Heure de début : 01d802259941bccf

Heure d'arrêt : 4294967295

Chemin d'accès à l'application : C:\Windows\System32\cmd.exe

ID de rapport : 2d2983c8-d5e4-41d1-83d9-8b8661445cd6

Nom complet du package défectueux :

ID de l'application relative à un package défectueux :

Type de blocage : Top level window is idle

Error: (01/05/2022 11:36:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme powershell.exe version 10.0.19041.546 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance.

ID de processus : 1efc

Heure de début : 01d8022002c741d8

Heure d'arrêt : 4294967295

Chemin d'accès à l'application : C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

ID de rapport : ac23bceb-dc54-45cf-877b-924066be62a5

Nom complet du package défectueux :

ID de l'application relative à un package défectueux :

Type de blocage : Top level window is idle

Error: (01/05/2022 03:00:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante CCleaner64.exe, version : 5.87.0.9306, horodatage : 0x618e5dad
Nom du module défaillant : CCleaner64.exe, version : 5.87.0.9306, horodatage : 0x618e5dad
Code d’exception : 0xc0000409
Décalage d’erreur : 0x0000000000c4adb5
ID du processus défaillant : 0xe24
Heure de début de l’application défaillante : 0x01d801d7fed1862e
Chemin d’accès de l’application défaillante : C:\Program Files\CCleaner\CCleaner64.exe
Chemin d’accès du module défaillant: C:\Program Files\CCleaner\CCleaner64.exe
ID de rapport : b0d1346e-cb60-4182-9863-f45026485e1e
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (01/05/2022 02:58:52 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Une erreur non spécifiée s’est produite au cours de la restauration du système : (Point de contrôle planifié). Informations supplémentaires : 0x80070005.

Error: (01/05/2022 02:58:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante AGSService.exe, version : 7.4.0.34, horodatage : 0x60ee520e
Nom du module défaillant : ntdll.dll, version : 10.0.19041.1288, horodatage : 0x027db076
Code d’exception : 0xc0000374
Décalage d’erreur : 0x000e6c43
ID du processus défaillant : 0xf34
Heure de début de l’application défaillante : 0x01d801d7b887a540
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
Chemin d’accès du module défaillant: C:\Windows\SYSTEM32\ntdll.dll
ID de rapport : 5fad3885-c322-47ce-b03c-c9236121bd47
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (01/05/2022 01:46:16 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme cmd.exe version 10.0.19041.746 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance.

ID de processus : 58c

Heure de début : 01d801cd976d5def

Heure d'arrêt : 4294967295

Chemin d'accès à l'application : C:\Windows\System32\cmd.exe

ID de rapport : 013db475-9509-480d-b3d9-70892c4bd731

Nom complet du package défectueux :

ID de l'application relative à un package défectueux :

Type de blocage : Top level window is idle

Error: (01/05/2022 01:45:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante AGSService.exe, version : 7.4.0.34, horodatage : 0x60ee520e
Nom du module défaillant : ntdll.dll, version : 10.0.19041.1288, horodatage : 0x027db076
Code d’exception : 0xc0000374
Décalage d’erreur : 0x000e6c43
ID du processus défaillant : 0x1190
Heure de début de l’application défaillante : 0x01d801cd8bdf5cec
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
Chemin d’accès du module défaillant: C:\Windows\SYSTEM32\ntdll.dll
ID de rapport : 959e847e-6c60-4c13-9738-168ba76e70c8
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (01/05/2022 01:44:55 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours.
]


Erreurs système:
=============
Error: (01/05/2022 02:58:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Adobe Genuine Software Integrity Service s’est terminé de façon inattendue pour la 1ème fois.

Error: (01/05/2022 01:45:49 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Adobe Genuine Software Integrity Service s’est terminé de façon inattendue pour la 1ème fois.

Error: (01/05/2022 12:58:17 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-HS94SLB)
Description: Impossible de démarrer un serveur DCOM : {0358B920-0AC7-461F-98F4-58E32CD89148}. L’erreur
« 2147942767 »
s’est produite lors du démarrage de la commande :
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (01/05/2022 12:55:55 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: L’ordinateur a redémarré après une vérification d’erreur. La vérification d’erreur était : 0x000000ef (0xffffd80a69b16080, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000). Un vidage a été enregistré dans : C:\Windows\MEMORY.DMP. ID de rapport : ea73f612-814e-4743-b824-9e2999bdd7ca.

Error: (01/05/2022 12:55:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Adobe Genuine Software Integrity Service s’est terminé de façon inattendue pour la 1ème fois.

Error: (01/05/2022 12:55:19 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 00:32:24 le 05/01/2022 n’était pas prévu.

Error: (01/05/2022 12:54:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Serveur Gestionnaire de licences Windows s’est terminé de façon inattendue pour la 1ème fois.

Error: (01/05/2022 12:54:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Service AVCTP s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 100 millisecondes : Redémarrer le service.


Windows Defender:
================
Date: 2022-01-05 00:39:28
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/DefenderTamperingRestore&threatid=2147741622&enterprise=0
Nom : VirTool:Win32/DefenderTamperingRestore
ID : 2147741622
Gravité : Grave
Catégorie : Outil
Chemin : regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
Origine de la détection : Inconnu
Type de détection : Concret
Source de détection : Utilisateur
Utilisateur : DESKTOP-HS94SLB\thiba
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.355.1393.0, AS: 1.355.1393.0, NIS: 1.355.1393.0
Version du moteur : AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-04 22:55:13
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {61401F4B-54A3-4B76-8C2F-22549E854CF0}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2022-01-04 17:12:13
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/DefenderTamperingRestore&threatid=2147741622&enterprise=0
Nom : VirTool:Win32/DefenderTamperingRestore
ID : 2147741622
Gravité : Grave
Catégorie : Outil
Chemin : regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
Origine de la détection : Inconnu
Type de détection : Concret
Source de détection : Système
Utilisateur : AUTORITE NT\Système
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.355.1393.0, AS: 1.355.1393.0, NIS: 1.355.1393.0
Version du moteur : AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-03 11:19:08
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/DefenderTamperingRestore&threatid=2147741622&enterprise=0
Nom : VirTool:Win32/DefenderTamperingRestore
ID : 2147741622
Gravité : Grave
Catégorie : Outil
Chemin : regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
Origine de la détection : Inconnu
Type de détection : Concret
Source de détection : Système
Utilisateur : AUTORITE NT\Système
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.355.1272.0, AS: 1.355.1272.0, NIS: 1.355.1272.0
Version du moteur : AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-02 12:09:28
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/DefenderTamperingRestore&threatid=2147741622&enterprise=0
Nom : VirTool:Win32/DefenderTamperingRestore
ID : 2147741622
Gravité : Grave
Catégorie : Outil
Chemin : regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
Origine de la détection : Inconnu
Type de détection : Concret
Source de détection : Système
Utilisateur : AUTORITE NT\Système
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.355.1272.0, AS: 1.355.1272.0, NIS: 1.355.1272.0
Version du moteur : AM: 1.1.18800.4, NIS: 1.1.18800.4

CodeIntegrity:
===============
Date: 2021-06-02 09:44:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.170.0.13\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2021-06-02 09:40:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Users\thiba\AppData\Local\Discord\app-1.0.9002\Discord.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.170.0.13\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2021-05-29 21:03:23
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.170.0.13\OWExplorer.dll that did not meet the Microsoft signing level requirements.


==================== Infos Mémoire ===========================

BIOS: American Megatrends Inc. 2.B0 04/03/2018
Carte mère: Micro-Star International Co., Ltd. A320M PRO-VD/S (MS-7A36)
Processeur: AMD Ryzen 3 2200G with Radeon Vega Graphics
Pourcentage de mémoire utilisée: 26%
Mémoire physique - RAM - totale: 16074.87 MB
Mémoire physique - RAM - disponible: 11757.54 MB
Mémoire virtuelle totale: 20426.87 MB
Mémoire virtuelle disponible: 14353.39 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:930.9 GB) (Free:344.38 GB) NTFS
Drive d: () (Fixed) (Total:930.47 GB) (Free:608.19 GB) NTFS

\\?\Volume{076485ef-e3dd-4a3d-9010-d029df38baaf}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{6580ba74-0f8d-4195-a704-a4b3efa1d5cf}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F9D545F6)
Partition 1: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 15C67ECC)

Partition: GPT.

==================== Fin de Addition.txt =======================