Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 19-10-2019
Exécuté par Antoine (19-10-2019 16:26:56)
Exécuté depuis C:\Users\Antoine\Desktop
Windows 10 Home Version 1903 18362.418 (X64) (2019-08-30 18:45:45)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

Administrateur (S-1-5-21-3653066292-554342197-3864826861-500 - Administrator - Disabled)
Antoine (S-1-5-21-3653066292-554342197-3864826861-1003 - Administrator - Enabled) => C:\Users\Antoine
DefaultAccount (S-1-5-21-3653066292-554342197-3864826861-503 - Limited - Disabled)
Invité (S-1-5-21-3653066292-554342197-3864826861-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3653066292-554342197-3864826861-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.021.20048 - Adobe Systems Incorporated) Adobe After Effects 2019 (HKLM-x32\...\AEFT_16_1_2) (Version: 16.1.2 - Adobe Systems Incorporated) Adobe Animate 2019 (HKLM-x32\...\FLPR_19_2_1) (Version: 19.2.1 - Adobe Systems Incorporated) Adobe Audition 2019 (HKLM-x32\...\AUDT_12_1_3) (Version: 12.1.3 - Adobe Systems Incorporated) Adobe Bridge 2019 (32 Bit) (HKLM-x32\...\KBRG_9_1_32) (Version: 9.1 - Adobe Systems Incorporated) Adobe Bridge 2019 (HKLM-x32\...\KBRG_9_1) (Version: 9.1 - Adobe Systems Incorporated) Adobe Character Animator 2019 (HKLM-x32\...\CHAR_2_1_1) (Version: 2.1.1 - Adobe Systems Incorporated) Adobe Dimension (HKLM-x32\...\ESHR_2_3_1) (Version: 2.3.1 - Adobe Systems Incorporated) Adobe Dreamweaver 2019 (HKLM-x32\...\DRWV_19_2_1) (Version: 19.2.1 - Adobe Systems Incorporated) Adobe Dreamweaver 2019 (HKLM-x32\...\DRWV_19_2_1_32) (Version: 19.2.1 - Adobe Systems Incorporated) Adobe Illustrator 2019 (32 Bit) (HKLM-x32\...\ILST_23_0_6_32) (Version: 23.0.6 - Adobe Systems Incorporated) Adobe Illustrator 2019 (HKLM-x32\...\ILST_23_0_6) (Version: 23.0.6 - Adobe Systems Incorporated) Adobe InCopy 2019 (32-bit) (HKLM-x32\...\AICY_14_0_2_32) (Version: 14.0.2 - Adobe Systems Incorporated) Adobe InCopy 2019 (HKLM-x32\...\AICY_14_0_2) (Version: 14.0.2 - Adobe Systems Incorporated) Adobe InDesign 2019 (32-bit) (HKLM-x32\...\IDSN_14_0_2_32) (Version: 14.0.2 - Adobe Systems Incorporated) Adobe InDesign 2019 (HKLM-x32\...\IDSN_14_0_2) (Version: 14.0.2 - Adobe Systems Incorporated) Adobe Lightroom Classic (HKLM-x32\...\LTRM_8_4) (Version: 8.4 - Adobe Systems Incorporated) Adobe Media Encoder 2019 (HKLM-x32\...\AME_13_1_3) (Version: 13.1.3 - Adobe Systems Incorporated) Adobe Muse CC 2018 (HKLM-x32\...\MUSE_2018_1_0) (Version: 2018.1.0.266 - Adobe Systems Incorporated) Adobe Photoshop CC 2018 (32 Bit) 
(HKLM-x32\...\PHSP_19_1_8_32) (Version: 19.1.8 - Adobe Systems Incorporated) Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_6) (Version: 20.0.6 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 5.7.1 (HKLM-x32\...\{956F2B16-DE59-482E-A248-98F63657080B}) (Version: 5.7.1 - Adobe Systems Incorporated) Adobe Prelude 2019 (HKLM-x32\...\PRLD_8_1_1) (Version: 8.1.1 - Adobe Systems Incorporated) Adobe Premiere Pro 2019 (HKLM-x32\...\PPRO_13_1_4) (Version: 13.1.4 - Adobe Systems Incorporated) Adobe Premiere Rush (HKLM-x32\...\RUSH_1_2) (Version: 1.2 - Adobe Systems Incorporated) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.9.2 - Advanced Micro Devices, Inc.) AMD_Chipset_Drivers (HKLM-x32\...\{D8561EEF-2B90-4BDB-B197-16E96924E6AA}) (Version: 1.8.19.0915 - Advanced Micro Devices, Inc.) Hidden AMD_Chipset_Drivers (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 1.8.19.0915 - Advanced Micro Devices, Inc.) Ankama Launcher 2.10.12 (HKU\S-1-5-21-3653066292-554342197-3864826861-1003\...\{410fcd79-1be8-5bf1-986e-ea09c55f7edf}) (Version: 2.10.12 - Ankama) Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team) Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden Broforce (HKLM-x32\...\{4EB1FFC1-A9A8-417B-B867-D83E07A6DFC8}) (Version: - Devolver Digital) CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform) Discord (HKU\S-1-5-21-3653066292-554342197-3864826861-1003\...\Discord) (Version: 0.0.305 - Discord Inc.) Epic Games Launcher (HKLM-x32\...\{C26AA108-615E-4186-A499-9F82FDC21F3A}) (Version: 1.1.229.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.120 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Hyper Light Drifter (HKLM-x32\...\{B515A0C1-B73D-4201-AAE3-1EF8FB1FAF5E}) (Version: - Heart Machine LLC) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc) Logitech - Assistant pour jeux vidéo 9.00 (HKLM\...\Logitech Gaming Software) (Version: 9.00.42 - Logitech Inc.) Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 
(HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation) Mozilla Firefox 69.0.3 (x64 fr) (HKLM\...\Mozilla Firefox 69.0.3 (x64 fr)) (Version: 69.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.2 - Mozilla) MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.7.1 - Notepad++ Team) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) qBittorrent 4.1.7 (HKLM-x32\...\qBittorrent) (Version: 4.1.7 - The qBittorrent project) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8004 - Realtek Semiconductor Corp.) 
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries Engine 3.16.0 (HKLM\...\SteelSeries Engine 3) (Version: 3.16.0 - SteelSeries ApS) Twitch (HKU\S-1-5-21-3653066292-554342197-3864826861-1003\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN) Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment) Packages: ========= Adobe XD -> C:\Program Files\WindowsApps\Adobe.CC.XD_22.1.12.5_x64__adky2gkssdxte [2019-09-25] (Adobe Systems Incorporated) Courrier et calendrier -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-30] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-30] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x64__8wekyb3d8bbwe [2019-10-06] (Microsoft Studios) [MS Ad] MSN Météo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-12] (Microsoft Corporation) [MS Ad] ==================== Personnalisé CLSID (Avec liste blanche): ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2019-06-17] (Notepad++ -> ) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) 
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ==================== Codecs (Avec liste blanche) ================== ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) ==================== Modules chargés (Avec liste blanche) ============== 2019-01-08 12:54 - 2019-01-08 12:54 - 000017920 _____ () [Fichier non signé] C:\Program Files\AMD\CNext\CNext\libEGL.dll 2019-01-08 12:54 - 2019-01-08 12:54 - 003598336 _____ () [Fichier non signé] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2019-09-10 17:47 - 2019-09-10 17:47 - 005999104 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll 2019-01-08 12:54 - 2019-01-08 12:54 - 006413824 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll 2019-01-08 12:54 - 2019-01-08 12:54 - 001141760 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll 2019-01-08 12:54 - 2019-01-08 12:54 - 000339968 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll 2019-01-08 12:54 - 2019-01-08 12:54 - 004143104 _____ (The Qt Company Ltd.) 
[Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll 2019-01-08 12:54 - 2019-01-08 12:54 - 003840000 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll 2019-01-08 12:54 - 2019-01-08 12:54 - 000113152 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll 2019-01-08 12:54 - 2019-01-08 12:54 - 000349184 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll 2019-01-08 12:54 - 2019-01-08 12:54 - 080959488 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll 2019-01-08 12:54 - 2019-01-08 12:54 - 005622272 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll 2019-01-08 12:54 - 2019-01-08 12:54 - 000463360 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll 2019-01-08 12:54 - 2019-01-08 12:54 - 000190464 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll 2019-01-08 12:54 - 2019-01-08 12:54 - 002825216 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll ==================== Alternate Data Streams (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) ==================== Mode sans échec (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)

==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

==================== Hosts contenu: ===============================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3653066292-554342197-3864826861-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Antoine\Pictures\cyberpunk.jpg
DNS Servers: 89.2.0.1 - 89.2.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.

HKLM\...\StartupApproved\StartupFolder: => "SteelSeries Engine 3.lnk" HKLM\...\StartupApproved\Run: => "Launch LCore" HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0" HKU\S-1-5-21-3653066292-554342197-3864826861-1003\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3653066292-554342197-3864826861-1003\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3653066292-554342197-3864826861-1003\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-3653066292-554342197-3864826861-1003\...\StartupApproved\Run: => "AdobeBridge" ==================== RèglesPare-feu (Avec liste blanche) =============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{59F9BE6A-13EE-4649-9BEB-0C94230EFD53}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{4C5BC879-45BB-4347-B3B5-A0A424ED8122}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{CBF4D31C-EC32-4351-B123-A1FCEEFE5897}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{0B1690E5-50F2-4C8B-BA7A-61A8821B41BB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{C76940EB-2C26-4276-BE37-80F172918A86}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [UDP Query User{8416847D-D7BB-488E-94E8-B3D536E204C6}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. 
-> Blizzard Entertainment) FirewallRules: [{AADB2E0A-653B-44E0-BD99-1F2E1BC0EC38}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> ) FirewallRules: [{18731274-A02D-4450-A283-B188D88B68F7}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> ) FirewallRules: [{139B2C31-3CA6-4DE0-8776-2C255ED95782}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{0298D9D4-8155-43A3-9027-27DE8A6655EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{D5C0CBAE-4FAC-477A-BD92-DB8DAA0CB751}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios) [Fichier non signé] FirewallRules: [{1EDB0D52-ACEE-448A-B896-7603BD5C40AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios) [Fichier non signé] FirewallRules: [{293D2519-E455-4F67-9BFD-ED101714E0A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [Fichier non signé] FirewallRules: [{6EC2380F-92D5-46B9-9966-65672404245E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [Fichier non signé] FirewallRules: [{064CC07D-58DA-49FD-8606-F2047F668372}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GRIS\GRIS.exe () [Fichier non signé] FirewallRules: [{888BE8B3-5375-4CAA-9FDC-25C70E566FCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GRIS\GRIS.exe () [Fichier non signé] FirewallRules: [{7ABCDE24-F529-4B1D-9509-342EEF63976C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ori DE\oriDE.exe () [Fichier non signé] FirewallRules: [{2A1021FB-7B49-4783-88F7-19E2CF4BA499}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ori DE\oriDE.exe () [Fichier non 
signé] FirewallRules: [{14BB8C96-43FB-444B-A4F3-3B5829781996}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Furi\Furi.exe () [Fichier non signé] FirewallRules: [{2B39D505-1366-4270-A92A-8C6F520DE442}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Furi\Furi.exe () [Fichier non signé] FirewallRules: [{27DD764C-B7EB-4016-B9DF-CE8FC4F08C58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\METAL GEAR RISING REVENGEANCE\METAL GEAR RISING REVENGEANCE.exe () [Fichier non signé] FirewallRules: [{BC7EB694-47E1-4E47-B264-234E0A436E53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\METAL GEAR RISING REVENGEANCE\METAL GEAR RISING REVENGEANCE.exe () [Fichier non signé] FirewallRules: [{71A802D1-E2BA-4C2A-8618-CE906AF0E8D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{73266C5B-096D-4F4D-B2C0-6E8467022F82}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [TCP Query User{7075E727-4C5D-488C-8F0D-C77258B0AC3A}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> ) FirewallRules: [UDP Query User{60FC4AC5-A761-411E-83D9-B737D7417736}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. 
-> ) FirewallRules: [{4B79F3DB-FD23-4DE2-8E20-DD049B84B9BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Enter the Gungeon\EtG.exe () [Fichier non signé] FirewallRules: [{76F5C8B8-701A-4F22-ABAA-BB4CFC2E42FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Enter the Gungeon\EtG.exe () [Fichier non signé] FirewallRules: [{8CC202D2-4DF9-49F0-8F25-20856294B046}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DRAGON BALL FighterZ\DBFighterZ.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{C068CD4F-0C49-4BE2-BB06-8C2885142A12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DRAGON BALL FighterZ\DBFighterZ.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{1C655538-4AD9-480D-8A42-5BA6D0D71308}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [Fichier non signé] FirewallRules: [{D703440F-62C4-4E88-9039-D51E2D2124BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [Fichier non signé] FirewallRules: [{E81AEF15-8AD9-4F9F-9445-A0AA39DE267F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation ) FirewallRules: [{2A678012-EEAA-4B8E-BF04-5216D157E63B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. 
-> PUBG Corporation ) FirewallRules: [{086643E3-337B-4B0E-B78D-6394D5DC0CBC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{32B74DA2-70F2-49D2-A522-12C09104AFD6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{FB9AD79B-FD76-41FE-AB8C-9F414BE6E5C8}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [UDP Query User{9E6F8BF5-480A-4E0C-BB81-6EB2E596BD10}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [TCP Query User{7EA068D6-16BA-46DB-9216-4561F4D19327}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [UDP Query User{222B3C19-52DF-4C89-9725-18C81B3D9857}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. 
-> Blizzard Entertainment) FirewallRules: [{F9A1D8F9-5B2C-4733-927E-3F3F03D0D4D4}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [Fichier non signé] FirewallRules: [{ED4F0CD0-0CC7-4B7D-8DD2-9BA692B32063}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [Fichier non signé] FirewallRules: [{BEBC1472-F33E-4C6D-BBDA-C795A6DB93DD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{1E46A2A6-CCD8-4E70-B2AF-4A979E0AD7EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe () [Fichier non signé] FirewallRules: [{F358A419-BB30-4C28-BA25-BF2C7AC4038F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe () [Fichier non signé] ==================== Points de restauration ========================= ==================== Éléments en erreur du Gestionnaire de périphériques ============= ==================== Erreurs du Journal des événements: ========================= Erreurs Application: ================== Error: (10/19/2019 04:18:57 PM) (Source: ESENT) (EventID: 447) (User: ) Description: svchost (3520,D,22) SRUJet: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 16, PgnoRoot: 111) of database C:\WINDOWS\system32\SRU\SRUDB.dat (5545 => 3328, 3329). Tag: BtSplitParentMismatchLast Fatal: 1 Error: (10/19/2019 04:18:56 PM) (Source: ESENT) (EventID: 447) (User: ) Description: svchost (3520,D,22) SRUJet: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 16, PgnoRoot: 111) of database C:\WINDOWS\system32\SRU\SRUDB.dat (5545 => 3328, 3329). Tag: BtSplitParentMismatchLast Fatal: 1 Error: (10/19/2019 04:18:55 PM) (Source: ESENT) (EventID: 447) (User: ) Description: svchost (3520,D,22) SRUJet: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 16, PgnoRoot: 111) of database C:\WINDOWS\system32\SRU\SRUDB.dat (5545 => 3328, 3329). 
Tag: BtSplitParentMismatchLast Fatal: 1 Error: (10/19/2019 04:18:54 PM) (Source: ESENT) (EventID: 447) (User: ) Description: svchost (3520,D,22) SRUJet: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 16, PgnoRoot: 111) of database C:\WINDOWS\system32\SRU\SRUDB.dat (5545 => 3328, 3329). Tag: BtSplitParentMismatchLast Fatal: 1 Error: (10/19/2019 04:18:53 PM) (Source: ESENT) (EventID: 447) (User: ) Description: svchost (3520,D,22) SRUJet: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 16, PgnoRoot: 111) of database C:\WINDOWS\system32\SRU\SRUDB.dat (5545 => 3328, 3329). Tag: BtSplitParentMismatchLast Fatal: 1 Error: (10/19/2019 04:18:52 PM) (Source: ESENT) (EventID: 447) (User: ) Description: svchost (3520,D,22) SRUJet: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 16, PgnoRoot: 111) of database C:\WINDOWS\system32\SRU\SRUDB.dat (5545 => 3328, 3329). Tag: BtSplitParentMismatchLast Fatal: 1 Error: (10/19/2019 04:18:51 PM) (Source: ESENT) (EventID: 447) (User: ) Description: svchost (3520,D,22) SRUJet: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 16, PgnoRoot: 111) of database C:\WINDOWS\system32\SRU\SRUDB.dat (5545 => 3328, 3329). Tag: BtSplitParentMismatchLast Fatal: 1 Error: (10/19/2019 04:18:50 PM) (Source: ESENT) (EventID: 447) (User: ) Description: svchost (3520,D,22) SRUJet: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 16, PgnoRoot: 111) of database C:\WINDOWS\system32\SRU\SRUDB.dat (5545 => 3328, 3329). Tag: BtSplitParentMismatchLast Fatal: 1 Erreurs système: ============= Error: (10/19/2019 04:25:20 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: L’ordinateur a redémarré après une vérification d’erreur. La vérification d’erreur était : 0x0000000a (0x0000000000060001, 0x0000000000000002, 0x0000000000000000, 0xfffff8037dad93a1). Un vidage a été enregistré dans : C:\WINDOWS\MEMORY.DMP. 
ID de rapport : 9c706387-18bb-4b21-9c03-006460ccd7db. Error: (10/19/2019 04:20:57 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: AUTORITE NT) Description: C:\Device\HarddiskVolume33 Error: (10/19/2019 04:20:57 PM) (Source: Ntfs) (EventID: 55) (User: AUTORITE NT) Description: Une défaillance a été détectée dans la structure du système de fichiers sur le volume C:. The exact nature of the corruption is unknown. The file system structures need to be scanned and fixed offline. Error: (10/19/2019 04:21:23 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: L’arrêt système précédant à 15:57:13 le ‎19/‎10/‎2019 n’était pas prévu. Error: (10/19/2019 03:26:57 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Les clichés instantanés du volume C: ont été annulés car le stockage du cliché instantané n’a pas pu s’agrandir en raison d’une limite utilisateur. Error: (10/18/2019 10:42:23 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: L’arrêt système précédant à 22:12:15 le ‎18/‎10/‎2019 n’était pas prévu. Error: (10/18/2019 03:45:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Steam Client Service n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (10/18/2019 03:45:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Steam Client Service. CodeIntegrity: =================================== Date: 2019-10-19 16:23:47.302 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. 
Date: 2019-10-19 16:23:47.290 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2019-10-19 16:23:47.271 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2019-10-19 16:22:53.334 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2019-10-19 16:22:53.319 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2019-10-19 16:22:53.304 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2019-10-19 16:22:53.289 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. 
Date: 2019-10-19 16:22:53.273
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

==================== Infos Mémoire ===========================

BIOS: American Megatrends Inc. V10.6 01/08/2016
Motherboard: MSI 970A-G43 (MS-7693)
Processeur: AMD FX(tm)-6300 Six-Core Processor
Pourcentage de mémoire utilisée: 17%
Mémoire physique - RAM - totale: 16332.05 MB
Mémoire physique - RAM - disponible: 13467.59 MB
Mémoire virtuelle totale: 18764.05 MB
Mémoire virtuelle disponible: 13596.96 MB

==================== Lecteurs ================================

Drive c: (Windows) (Fixed) (Total:930.75 GB) (Free:272.92 GB) NTFS

\\?\Volume{19665132-f89f-44da-9f79-6626e9aa60d0}\ (Recovery image) (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
\\?\Volume{d4e845da-524b-48be-aa05-636bf4f5b53d}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Fin de Addition.txt ============================