Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 31-03-2021 Exécuté par Covfefe (03-04-2021 08:24:13) Exécuté depuis C:\Users\Covfefe\Desktop Windows 10 Pro Version 20H2 19042.867 (X64) (2021-01-29 13:04:20) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-2824928115-1810197505-3969028243-500 - Administrator - Disabled) Covfefe (S-1-5-21-2824928115-1810197505-3969028243-1001 - Administrator - Enabled) => C:\Users\Covfefe DefaultAccount (S-1-5-21-2824928115-1810197505-3969028243-503 - Limited - Disabled) Invité (S-1-5-21-2824928115-1810197505-3969028243-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2824928115-1810197505-3969028243-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318} FW: Bitdefender Pare-feu (Disabled) {362C5A58-E860-6396-9204-BEEEF20CA463} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) A Way Out (HKLM-x32\...\{E8D752CF-2FCC-470D-B0C5-4BFC6F42ACCE}) (Version: 1.0.62.0 - Electronic Arts, Inc.) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.009.20074 - Adobe Systems Incorporated) Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_6) (Version: 17.6 - Adobe Inc.) Adobe Audition 2020 (HKLM-x32\...\AUDT_13_0_13) (Version: 13.0.13 - Adobe Inc.) 
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.4.1.534 - Adobe Inc.) Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe) Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_8) (Version: 14.8 - Adobe Inc.) Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_1_1) (Version: 22.1.1.138 - Adobe Inc.) Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_8) (Version: 14.8 - Adobe Inc.) Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment) Assistant Mise à jour de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23258 - Microsoft Corporation) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 24.0.1.143 - Bitdefender) Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 24.0.14.85 - Bitdefender) Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 25.0.1.25 - Bitdefender) BitTorrent Web (HKU\S-1-5-21-2824928115-1810197505-3969028243-1001\...\btweb) (Version: 1.1.3 - BitTorrent, Inc.) Bureau à distance (HKLM\...\{93C47426-5761-427E-81E7-57EF451F2937}) (Version: 1.2.1844.0 - Microsoft Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.78 - Piriform) Disco Elysium (HKLM-x32\...\1771589310_is1) (Version: 8487d973 - GOG.com) Discord (HKU\S-1-5-21-2824928115-1810197505-3969028243-1001\...\Discord) (Version: 0.0.309 - Discord Inc.) EA Desktop (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.65.4872 - Electronic Arts) Hidden Elgato Control Center (HKLM\...\{CB72964D-4492-48D9-86A1-39FDC4800A5A}) (Version: 1.1.4.792 - Elgato Systems) Elgato Stream Deck (HKLM\...\{F95DF976-D830-4C45-9F5E-7CA319D38C64}) (Version: 4.9.3.13222 - Elgato Systems GmbH) Epic Games Launcher (HKLM-x32\...\{6653362F-9365-4A3C-9BF8-71494529DE06}) (Version: 1.1.236.0 - Epic Games, Inc.) 
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FIFA 21 (HKLM-x32\...\{A918ACE7-A83B-41F4-8746-AEF8DC821879}) (Version: 1.0.68.41322 - Electronic Arts) GameInput Redistributable (HKLM-x32\...\{7E52156F-18FE-B953-BEA9-6BE6A77AFDFF}) (Version: 10.1.19041.3906 - Microsoft Corporation) Geeks3D FurMark 1.20.0.1 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.114 - Google LLC) HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - ) Hitman 3 Deluxe Edition MULTi5 - ElAmigos version 3.10.0 (HKLM-x32\...\{ACDD4FD4-3914-40AF-A104-3747954F7F57}_is1) (Version: 3.10.0 - IO Interactive) iCloud Outlook (HKLM\...\{BC06C9EA-78BE-4B52-BA89-E6FAAFBF3CB0}) (Version: 12.2.0.10 - Apple Inc.) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) It Takes Two (HKLM-x32\...\{10AD7848-62A0-425D-9E7C-A14E6EBB46BA}) (Version: 1.0.0.1 - Electronic Arts, Inc.) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden League of Legends (HKU\S-1-5-21-2824928115-1810197505-3969028243-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{ffddf9dd-c47f-453a-92f5-ac6c98af8b5b}) (Version: 10.1.17968.8131 - Intel(R) Corporation) Logitech Capture (HKLM\...\Capture) (Version: 2.02.155 - Logitech) Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) Mass Effect™ : Andromeda (HKLM-x32\...\{72BBCA87-9350-48BC-9E2F-6DBC1E80C993}) (Version: 1.0.0.10 - Electronic Arts) Maxon Cinema 4D 22 (HKLM\...\Maxon Cinema 4D S22) (Version: S22 - Maxon) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 89.0.774.63 - Microsoft Corporation) Microsoft Office Professionnel Plus 2019 - fr-fr (HKLM\...\ProPlus2019Retail - fr-fr) (Version: 16.0.13801.20360 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2824928115-1810197505-3969028243-1001\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-2824928115-1810197505-3969028243-1001\...\Teams) (Version: 1.4.00.7174 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 
(HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 
(HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 3.1.8 (x64) (HKLM-x32\...\{3e04c2ef-ccc7-4fe6-a32f-f36572af0f42}) (Version: 3.1.8.29220 - Microsoft Corporation) Mozilla Firefox 87.0 (x64 fr) (HKLM\...\Mozilla Firefox 87.0 (x64 fr)) (Version: 87.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.2 - Mozilla) NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation) NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation) NVIDIA Pilote graphique 461.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.72 - NVIDIA Corporation) NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20360 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden Package de pilotes Windows - Sony Computer 
Entertainment Inc. Wireless controller for PLAYSTATION(R)3 Driver Package (01/20/2012 1.4.0.0) (HKLM\...\D5410AE5FA467EF0F19558D5F60C991A79E11B51) (Version: 01/20/2012 1.4.0.0 - Sony Computer Entertainment Inc.) STAR WARS Jedi - Fallen Order™ (HKLM-x32\...\{D00A89F1-2D8C-4589-B1D1-73A6544E3B1F}) (Version: 1.0.9.0 - Electronic Arts, Inc.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries Engine 3.19.2 (HKLM\...\SteelSeries Engine 3) (Version: 3.19.2 - SteelSeries ApS) StreamLabels 0.4.2 (HKU\S-1-5-21-2824928115-1810197505-3969028243-1001\...\{8000d50a-fcb7-5b38-8a3b-a02a0ec79daa}) (Version: 0.4.2 - Streamlabs) Streamlabs OBS 0.18.5 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.18.5 - General Workings, Inc.) The Elder Scrolls IV: Oblivion (HKLM-x32\...\1458058109_is1) (Version: 1.2.0416 CS - GOG.com) The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 2.6.3.0 - Zenimax Online Studios) The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: - ) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 115.2.10179 - Ubisoft) Universe (HKLM\...\Universe v3.3.1) (Version: - Red Giant LLC) ViGEm Bus Driver (HKLM\...\{4030BA52-E312-462E-B020-CCB5A2AC5497}) (Version: 1.16.116 - Nefarius Software Solutions e.U.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN) Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 2.9.0.0 - Voicemod S.L.) 
WinDirStat 1.1.2 (HKU\S-1-5-21-2824928115-1810197505-3969028243-1001\...\WinDirStat) (Version: - ) WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) Packages: ========= Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-11-13] (Adobe Systems Incorporated) Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-29] (Adobe Systems Incorporated) Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-31] (Microsoft Corporation) Dishonored 2 -> C:\Program Files\WindowsApps\BethesdaSoftworks.Dishonored2-PC_1.0.9.0_x64__3275kfvn8vcwc [2021-03-31] (Bethesda Softworks) Empire of Sin PC -> C:\Program Files\WindowsApps\ParadoxInteractive.ProjectRenegadePC_1.4.41148.2_x64__zfnrdv2de78ny [2021-03-20] (Paradox Interactive) Genesis Noir for Windows -> C:\Program Files\WindowsApps\SurpriseAttackPtyLtd.GenesisNoirforWindows_1.0.20.0_x64__8k24hnfn3vvj0 [2021-03-31] (Surprise Attack Pty Ltd) iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_12.2.10.0_x86__nzyj5cx40ttqa [2021-03-15] (Apple Inc.) [Startup Task] Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_950.7.118.0_x64__8xx8rvfyw5nnt [2021-03-20] (Facebook Inc) [Startup Task] Narita Boy -> C:\Program Files\WindowsApps\Team17DigitalLimited.NartiaBoyWin10_1.0.72.0_x64__j5x4vj4y67jhc [2021-04-01] (Team17 Digital Limited) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-02-28] (NVIDIA Corp.) 
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.14.225.0_x64__dt26b99r8h8gj [2021-03-30] (Realtek Semiconductor Corp) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-2824928115-1810197505-3969028243-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-CDE87D669D0D} -> [Creative Cloud Files] => P:\Covfefe\Creative Cloud Files [2021-02-06 15:31] CustomCLSID: HKU\S-1-5-21-2824928115-1810197505-3969028243-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Covfefe\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20339.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2824928115-1810197505-3969028243-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) CustomCLSID: HKU\S-1-5-21-2824928115-1810197505-3969028243-1001_Classes\CLSID\{8EB533DB-55C5-4ACB-B563-4980125971D7} -> [iCloud Drive] => C:\Users\Covfefe\iCloudDrive [2021-03-15 07:29] CustomCLSID: HKU\S-1-5-21-2824928115-1810197505-3969028243-1001_Classes\CLSID\{e13cc75c-3ffc-4561-9482-33bbaa8b710c}\localserver32 -> C:\Program Files\Elgato\ControlCenter\ControlCenter.exe (Corsair Memory, Inc. -> Elgato Systems) CustomCLSID: HKU\S-1-5-21-2824928115-1810197505-3969028243-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. 
-> Adobe Systems) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Pas de fichier ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Pas de fichier ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Pas de fichier ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-03-25] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-03-25] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-03-25] (Adobe Inc. -> ) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-03-25] (Adobe Inc. -> ) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-03] (Adobe Inc. -> Adobe Systems Inc.) 
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-30] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\nvshext.dll [2021-02-24] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-03-25] (Adobe Inc. -> ) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-03] (Adobe Inc. -> Adobe Systems Inc.) 
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-30] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== ==================== Modules chargés (Avec liste blanche) ============= 2020-07-25 08:04 - 2019-05-03 10:41 - 001750016 _____ () [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files\Voicemod Desktop\CefSharp.Core.dll 2015-03-17 01:34 - 2015-03-17 01:34 - 000010240 _____ () [Fichier non signé] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\fr_fr\AcroTray.fra 2020-11-06 12:53 - 2020-11-06 12:53 - 001044480 _____ () [Fichier non signé] C:\Program Files\Elgato\ControlCenter\e_sqlite3.DLL 2020-07-25 08:04 - 2019-04-25 09:23 - 109914112 _____ () [Fichier non signé] C:\Program Files\Voicemod Desktop\libcef.dll 2019-12-03 00:29 - 2019-12-03 00:29 - 000021504 _____ (Adobe Systems Inc.) [Fichier non signé] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\fr_fr\Acrobat Elements\ContextMenuShim64.fra 2021-03-11 10:54 - 2021-03-11 10:54 - 002253824 _____ (deniszykov) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\deniszykov.615d72e4#\7433c63ff0ee4f15c7a35205538f2abb\deniszykov.WebSocketListener.ni.dll 2020-06-10 22:44 - 2020-06-10 22:44 - 002146304 _____ (Holtek Semiconductor Inc.) [Fichier non signé] C:\Program Files\SteelSeries\SteelSeries Engine 3\HIDDLL.dll 2020-06-10 22:44 - 2020-06-10 22:44 - 002284032 _____ (Holtek) [Fichier non signé] C:\Program Files\SteelSeries\SteelSeries Engine 3\ISPDLL.dll 2021-03-11 10:54 - 2021-03-11 10:54 - 000559104 _____ (Krueger Systems, Inc.) 
[Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SQLite-net\6e599214d0e15b0d063fcd4f6758f86a\SQLite-net.ni.dll 2021-03-11 10:55 - 2021-03-11 10:55 - 002888192 _____ (Newtonsoft) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\f9d38060a1b6ce64c276969cc7d214d9\Newtonsoft.Json.ni.dll 2020-07-25 08:04 - 2019-06-08 15:53 - 001625088 _____ (Robert Simpson, et al.) [Fichier non signé] C:\Program Files\Voicemod Desktop\SQLite.Interop.dll 2020-07-25 08:04 - 2019-04-25 09:22 - 000799744 _____ (The Chromium Authors) [Fichier non signé] C:\Program Files\Voicemod Desktop\chrome_elf.dll 2020-06-28 20:38 - 2020-09-28 12:37 - 002080256 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files\Red Giant\Services\LIBEAY32.dll 2021-04-02 07:38 - 2021-04-02 07:38 - 002815488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] J:\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll 2021-04-02 07:38 - 2021-04-02 07:38 - 000678400 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] J:\EA Desktop\EA Desktop\libssl-1_1-x64.dll 2021-04-02 07:38 - 2021-04-02 07:38 - 000046592 _____ (The Qt Company Ltd.) [Fichier non signé] J:\EA Desktop\EA Desktop\bearer\qgenericbearer.dll 2021-04-02 07:38 - 2021-04-02 07:38 - 006270976 _____ (The Qt Company Ltd.) [Fichier non signé] J:\EA Desktop\EA Desktop\Qt5Core.dll 2021-04-02 07:38 - 2021-04-02 07:38 - 001389568 _____ (The Qt Company Ltd.) [Fichier non signé] J:\EA Desktop\EA Desktop\Qt5Network.dll 2021-04-02 07:38 - 2021-04-02 07:38 - 000157184 _____ (The Qt Company Ltd.) [Fichier non signé] J:\EA Desktop\EA Desktop\Qt5WebSockets.dll 2021-04-02 07:38 - 2021-04-02 07:38 - 000210432 _____ (The Qt Company Ltd.) 
[Fichier non signé] J:\EA Desktop\EA Desktop\Qt5Xml.dll 2021-03-11 10:55 - 2021-03-11 10:55 - 000228864 _____ (Zumero, LLC) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SQLitePCLRa2ebdfdd6#\2193aa942f13e5c4c1aad10f1f5a5700\SQLitePCLRaw.provider.e_sqlite3.ni.dll 2021-03-11 10:55 - 2021-03-11 10:55 - 000010752 _____ (Zumero, LLC) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SQLitePCLRaf488fa76#\1b18e18778fee1623eec0238b86b5e88\SQLitePCLRaw.batteries_v2.ni.dll 2021-03-11 10:55 - 2021-03-11 10:55 - 000185856 _____ (Zumero, LLC) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SQLitePCLRaw.core\85a0b125b63aa83836f994cc122b1ef8\SQLitePCLRaw.core.ni.dll ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2021-02-03] (Bitdefender SRL -> Bitdefender) BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} 
-> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2021-02-03] (Bitdefender SRL -> Bitdefender) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-10-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-10-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [2021-02-03] (Bitdefender SRL -> Bitdefender) BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2021-02-03] (Bitdefender SRL -> Bitdefender) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Pas de nom -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> Pas de fichier BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-10-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-10-16] (Adobe Systems, 
Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-10-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2021-02-03] (Bitdefender SRL -> Bitdefender) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-10-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2021-02-03] (Bitdefender SRL -> Bitdefender) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) 
IE trusted site: HKU\S-1-5-21-2824928115-1810197505-3969028243-1001\...\localhost -> localhost ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2019-03-19 06:49 - 2021-04-03 07:25 - 000001902 _____ C:\WINDOWS\system32\drivers\etc\hosts 109.94.209.70 fitgirlrepacks.co # Fake FitGirl site 109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site 109.94.209.70 fitgirl-repack.com # Fake FitGirl site 109.94.209.70 fitgirl-repacks.website # Fake FitGirl site 109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site 109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site 109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site 109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site 109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site 109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site 109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site 109.94.209.70 fitgirl-repack.net # Fake FitGirl site 109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site 109.94.209.70 fitgirlpack.site # Fake FitGirl site 109.94.209.70 www.fitgirlpack.site # Fake FitGirl site ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-2824928115-1810197505-3969028243-1001\Control Panel\Desktop\\Wallpaper -> M:\Téléchargement\980830.png DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) 
HKLM\...\StartupApproved\Run: => "Stream Deck" HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess" HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run32: => "SecurityHealth" HKU\S-1-5-21-2824928115-1810197505-3969028243-1001\...\StartupApproved\Run: => "CCXProcess" HKU\S-1-5-21-2824928115-1810197505-3969028243-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-2824928115-1810197505-3969028243-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-2824928115-1810197505-3969028243-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer" HKU\S-1-5-21-2824928115-1810197505-3969028243-1001\...\StartupApproved\Run: => "Overwolf" HKU\S-1-5-21-2824928115-1810197505-3969028243-1001\...\StartupApproved\Run: => "btweb" HKU\S-1-5-21-2824928115-1810197505-3969028243-1001\...\StartupApproved\Run: => "GogGalaxy" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
FirewallRules: [{55256321-6435-4E97-8C31-8E96F673EE69}] => (Allow) A:\Steam\steamapps\common\Hades\x86\Hades.exe () [Fichier non signé]
FirewallRules: [{3ACD6B50-DFD1-47C3-8D19-68A27DAFB4A8}] => (Allow) A:\Steam\steamapps\common\Hades\x86\Hades.exe () [Fichier non signé]
FirewallRules: [{3456434D-7ABE-4815-89ED-142EC842B79D}] => (Allow) A:\Steam\steamapps\common\Hades\x64Vk\Hades.exe () [Fichier non signé]
FirewallRules: [{FD994B6F-07B3-4B98-A38D-9B73D37AFBF9}] => (Allow) A:\Steam\steamapps\common\Hades\x64Vk\Hades.exe () [Fichier non signé]
FirewallRules: [{1850688F-93A2-471B-965F-BD79A5FB542C}] => (Allow) A:\Steam\steamapps\common\Hades\x64\Hades.exe () [Fichier non signé]
FirewallRules: [{6A628AAF-3FB2-47D8-9D7A-6E13FA63A5C5}] => (Allow) A:\Steam\steamapps\common\Hades\x64\Hades.exe () [Fichier non signé]
FirewallRules: [UDP Query User{2EF3A693-AC7B-4175-87EB-DD68CA8A392B}C:\users\covfefe\appdata\roaming\bittorrent web\btweb.exe] => (Block) C:\users\covfefe\appdata\roaming\bittorrent web\btweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [Fichier non signé]
FirewallRules: [TCP Query User{30CEB116-A667-49BB-8FA1-B0031ED7D67C}C:\users\covfefe\appdata\roaming\bittorrent web\btweb.exe] => (Block) C:\users\covfefe\appdata\roaming\bittorrent web\btweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [Fichier non signé]
FirewallRules: [{D2750095-085A-4EE3-8320-6314E0399938}] => (Allow) C:\Users\Covfefe\AppData\Roaming\BitTorrent Web\btweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [Fichier non signé]
FirewallRules: [{9CC2FBEA-9DEE-4113-9B52-6DEFE7D44369}] => (Allow) C:\Users\Covfefe\AppData\Roaming\BitTorrent Web\btweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [Fichier non signé]
FirewallRules: [{99589FA6-B21F-4C13-AB8D-719E0514BF11}] => (Allow) A:\Steam\steamapps\common\The Secret of Monkey Island Special Edition\MISE.exe () [Fichier non signé]
FirewallRules: [{B827BDAD-A22B-49C2-BFFD-6B52B4DD3518}] => (Allow) A:\Steam\steamapps\common\The Secret of Monkey Island Special Edition\MISE.exe () [Fichier non signé]
FirewallRules: [{F083822B-0919-4314-9643-4CB3FDA53C94}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{19190015-0C34-4CB2-BB9E-07F857D42550}] => (Allow) A:\Steam\steamapps\common\Among Us\Among Us.exe () [Fichier non signé]
FirewallRules: [{8ACFB977-7C92-4EAB-B05C-1FD11F86BFB1}] => (Allow) A:\Steam\steamapps\common\Among Us\Among Us.exe () [Fichier non signé]
FirewallRules: [{1DD77548-B745-4AD7-B98C-36CB28F50B44}] => (Allow) A:\Steam\steamapps\common\Baba Is You\Baba Is You.exe (None) [Fichier non signé]
FirewallRules: [{589887DD-9CC6-4991-AD5A-A602B19F0683}] => (Allow) A:\Steam\steamapps\common\Baba Is You\Baba Is You.exe (None) [Fichier non signé]
FirewallRules: [UDP Query User{F54537EC-DBDD-491B-A051-0FC61D4395B3}C:\users\covfefe\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\covfefe\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AD359376-0730-4BF0-919A-EB01886EE724}C:\users\covfefe\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\covfefe\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A552D143-E2AB-44EC-A5CB-10EC6156FBF4}] => (Block) C:\Program Files\Red Giant\Red Giant App\Red Giant Application Manager.exe (Red Giant LLC) [Fichier non signé]
FirewallRules: [{6BD300A0-EB6F-4640-BCA7-302C51BD5033}] => (Allow) A:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8F9A5738-B011-4DCF-BA1B-4C94FD418863}] => (Allow) A:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{B0DFE964-ECCE-421E-A7B9-23FF18390A6B}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{4D6786F1-6AAB-424D-9278-5C86CA3A45D9}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F69A87E1-2293-4E1D-9799-1BEE44911B78}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F251BDE2-B7E9-477E-86BF-6703BA8AEA28}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BF6B7BFB-1DB6-4A84-AD67-34A2174C0901}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3C2F3ED4-FBB0-4942-87CB-6C66956EBDB3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5F4C9E84-DDF3-40EA-BC09-B264ACBF6776}] => (Allow) A:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B42ECDD1-B3B4-4593-A762-1AB35AB9E7B5}] => (Allow) A:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{79999FC9-1675-4E4A-9109-685F030EAE11}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7EE15256-9F9A-4BB2-9631-FE2AAE9610CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EA859250-3D17-43F1-92E6-709AA4F69C9C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{914345E3-7B7B-4E9B-9B48-8AB6B666FFEF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{F7AD1D38-4D7E-4BD2-B246-66219E365238}B:\sims 4\the sims 4\game\bin\ts4_x64.exe] => (Allow) B:\sims 4\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [Fichier non signé]
FirewallRules: [UDP Query User{349B4E8D-C7DE-4F4B-AAAD-376EE319F529}B:\sims 4\the sims 4\game\bin\ts4_x64.exe] => (Allow) B:\sims 4\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [Fichier non signé]
FirewallRules: [{9D77C22A-C994-4B89-8CC7-B586E787BF2C}] => (Allow) A:\Steam\steamapps\common\Valheim\valheim.exe () [Fichier non signé]
FirewallRules: [{6DFEDCA2-A6EB-4A53-88D8-E87DBF80728B}] => (Allow) A:\Steam\steamapps\common\Valheim\valheim.exe () [Fichier non signé]
FirewallRules: [{D4ECDDAA-18DF-4F3F-9BE1-4D590B97F794}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C6D03F1B-5BEF-42F2-BB09-4DDA62F5518C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E305CE1-1D1E-4131-9D2E-9EEBDAEA1046}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{932F7EF1-7BBD-43C6-9CA9-FC674F3A0557}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{25E27B92-634B-4DD8-8670-FA4B7C934B12}J:8\doometernalx64vk.exe] => (Allow) J:8\doometernalx64vk.exe => Pas de fichier
FirewallRules: [UDP Query User{80EA44F2-31BF-48D8-AE79-63B7C3855A02}J:8\doometernalx64vk.exe] => (Allow) J:8\doometernalx64vk.exe => Pas de fichier
FirewallRules: [{5757D86D-5559-44C8-A980-D7692D4FC056}] => (Allow) C:\Program Files\Elgato\ControlCenter\ControlCenter.exe (Corsair Memory, Inc. -> Elgato Systems)
FirewallRules: [{5E61735F-A3AF-4338-86F8-DEE962E159DA}] => (Allow) C:\Program Files\Elgato\StreamDeck\StreamDeck.exe (Corsair Memory, Inc. -> Corsair Memory, Inc)
FirewallRules: [{AF74D325-EB9E-48D3-B546-DFD4A0176748}] => (Allow) A:\Steam\steamapps\common\The Witness\witness_d3d11.exe () [Fichier non signé]
FirewallRules: [{496BAF02-A91C-4396-9B91-F2915B9D0DBE}] => (Allow) A:\Steam\steamapps\common\The Witness\witness_d3d11.exe () [Fichier non signé]
FirewallRules: [{104F4BFD-3438-43AB-BAAA-B5CD94CCD596}] => (Allow) A:\FIFA 21\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F8619975-8CAD-486F-9D8D-B1C0EE06F728}] => (Allow) A:\FIFA 21\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{B3981D76-6338-41CF-9107-FF9C4AFA9F94}A:\fifa 21\fifa21_trial.exe] => (Allow) A:\fifa 21\fifa21_trial.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{7B2775C9-A1EF-48FB-AAEC-8B4D18CB7CCC}A:\fifa 21\fifa21_trial.exe] => (Allow) A:\fifa 21\fifa21_trial.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{3DADF3A6-2A55-4D32-AA49-CBF4511DA566}] => (Allow) A:\AWayOut\Haze1\Binaries\Win64\AWayOut.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [{81AFE7A7-5325-4D63-AE31-9208C0DD13F1}] => (Allow) A:\AWayOut\Haze1\Binaries\Win64\AWayOut.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [{7A793EB7-2A9C-45D1-989D-684F9238C4B4}] => (Allow) A:\AWayOut\Haze1\Binaries\Win64\AWayOut_friend.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [{F874D7AE-E4DA-4F30-A2EB-9481D100EE8A}] => (Allow) A:\AWayOut\Haze1\Binaries\Win64\AWayOut_friend.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [{E8726E51-8A6D-4919-B2EE-4C6C38282548}] => (Allow) A:\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [{85986AA8-AEB4-424F-B1B5-0695D3BFECC2}] => (Allow) A:\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [{E72C1BC1-0235-4678-977F-6877F0F9FC09}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\89.0.774.63\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A2CCAC1D-6842-4427-82F3-6EBAC94ACFF3}J:\ea desktop\ea desktop\qtwebengineprocess.exe] => (Allow) J:\ea desktop\ea desktop\qtwebengineprocess.exe (Electronic Arts, Inc. -> The Qt Company Ltd.)
FirewallRules: [UDP Query User{E1EDA610-4674-4303-8B85-B84627DDFFD2}J:\ea desktop\ea desktop\qtwebengineprocess.exe] => (Allow) J:\ea desktop\ea desktop\qtwebengineprocess.exe (Electronic Arts, Inc. -> The Qt Company Ltd.)
FirewallRules: [{0428CC42-1E66-4C7E-B149-B8AC56C22523}] => (Allow) A:\ItTakesTwo\Nuts\Binaries\Win64\ItTakesTwo.exe (Hazelight Studios AB -> Hazelight Studios)
FirewallRules: [{9BC7EECC-CDCA-4A73-A35C-7F83325AF82C}] => (Allow) A:\ItTakesTwo\Nuts\Binaries\Win64\ItTakesTwo.exe (Hazelight Studios AB -> Hazelight Studios)
FirewallRules: [{833915A1-E735-4225-ACE4-8B5E2DD36D60}] => (Allow) A:\ItTakesTwo\Nuts\Binaries\Win64\ItTakesTwo_Trial.exe (Hazelight Studios AB -> Hazelight Studios)
FirewallRules: [{57496DB5-B030-4EE5-9327-E10C136F0E32}] => (Allow) A:\ItTakesTwo\Nuts\Binaries\Win64\ItTakesTwo_Trial.exe (Hazelight Studios AB -> Hazelight Studios)
FirewallRules: [{54631E21-2551-4F0C-A057-9D62EEC2BF48}] => (Allow) B:\Mass Effect Andromeda\MassEffectAndromedaTrial.exe (Electronic Arts - BioWare) [Fichier non signé]
FirewallRules: [{3000DAAA-575A-4E19-99C1-3BE1570402E1}] => (Allow) B:\Mass Effect Andromeda\MassEffectAndromedaTrial.exe (Electronic Arts - BioWare) [Fichier non signé]
FirewallRules: [{83D85C6F-1027-4EF0-81D9-44F6F1BDCA63}] => (Allow) B:\Mass Effect Andromeda\MassEffectAndromeda.exe (Electronic Arts -> Electronic Arts - BioWare)
FirewallRules: [{7F3B3978-142B-402A-AC49-37E658B89B36}] => (Allow) B:\Mass Effect Andromeda\MassEffectAndromeda.exe (Electronic Arts -> Electronic Arts - BioWare)
FirewallRules: [{35E767F2-8512-4D68-82DB-8CB63B17020D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Points de restauration =========================

ATTENTION: La Restauration système est désactivée (Total:97.03 GB) (Free:14.24 GB) (15%)

==================== Éléments en erreur du Gestionnaire de périphériques ============

Name: Périphérique USB inconnu (échec de demande de descripteur de périphérique)
Description: Périphérique USB inconnu (échec de demande de descripteur de périphérique)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Contrôleur hôte USB standard)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

==================== Erreurs du Journal des événements: ========================

Erreurs Application:
==================
Error: (03/31/2021 08:30:08 AM) (Source: MsiInstaller) (EventID: 1021) (User: AUTORITE NT)
Description: Produit : Adobe Acrobat DC - La mise à jour ‘Adobe Acrobat DC (20.009.20074)’ n’a pas pu être supprimée. Code d’erreur 1646. Windows Installer peut créer des journaux pour faciliter la résolution des éventuelles erreurs d’installation des packages logiciels. Utilisez le lien suivant pour afficher des instructions concernant l’activation des journaux : http://go.microsoft.com/fwlink/?LinkId=23127

Error: (03/31/2021 08:30:08 AM) (Source: MsiInstaller) (EventID: 1021) (User: AUTORITE NT)
Description: Produit : Adobe Acrobat DC - La mise à jour ‘Adobe Acrobat DC (20.009.20065)’ n’a pas pu être supprimée. Code d’erreur 1646. Windows Installer peut créer des journaux pour faciliter la résolution des éventuelles erreurs d’installation des packages logiciels. Utilisez le lien suivant pour afficher des instructions concernant l’activation des journaux : http://go.microsoft.com/fwlink/?LinkId=23127

Error: (03/31/2021 08:30:08 AM) (Source: MsiInstaller) (EventID: 1024) (User: AUTORITE NT)
Description: Produit : Adobe Acrobat DC - La mise à jour ‘{AC76BA86-A440-FFFF-A440-0C15014EB100}’ n’a pas pu être installée. Code d’erreur 1646. Windows Installer peut créer des journaux pour faciliter la résolution des éventuelles erreurs d’installation des packages logiciels. Utilisez le lien suivant pour afficher des instructions concernant l’activation des journaux : http://go.microsoft.com/fwlink/?LinkId=23127

Error: (03/31/2021 08:30:08 AM) (Source: MsiInstaller) (EventID: 1021) (User: AUTORITE NT)
Description: Produit : Adobe Acrobat DC - La mise à jour ‘Adobe Acrobat DC (20.009.20067)’ n’a pas pu être supprimée. Code d’erreur 1646. Windows Installer peut créer des journaux pour faciliter la résolution des éventuelles erreurs d’installation des packages logiciels. Utilisez le lien suivant pour afficher des instructions concernant l’activation des journaux : http://go.microsoft.com/fwlink/?LinkId=23127

Error: (03/31/2021 08:30:03 AM) (Source: MsiInstaller) (EventID: 1021) (User: COVFEFE)
Description: Produit : Adobe Acrobat DC - La mise à jour ‘Adobe Acrobat DC (20.009.20074)’ n’a pas pu être supprimée. Code d’erreur 1646. Windows Installer peut créer des journaux pour faciliter la résolution des éventuelles erreurs d’installation des packages logiciels. Utilisez le lien suivant pour afficher des instructions concernant l’activation des journaux : http://go.microsoft.com/fwlink/?LinkId=23127

Error: (03/31/2021 08:30:03 AM) (Source: MsiInstaller) (EventID: 1021) (User: COVFEFE)
Description: Produit : Adobe Acrobat DC - La mise à jour ‘Adobe Acrobat DC (20.009.20065)’ n’a pas pu être supprimée. Code d’erreur 1646. Windows Installer peut créer des journaux pour faciliter la résolution des éventuelles erreurs d’installation des packages logiciels. Utilisez le lien suivant pour afficher des instructions concernant l’activation des journaux : http://go.microsoft.com/fwlink/?LinkId=23127

Error: (03/31/2021 08:30:03 AM) (Source: MsiInstaller) (EventID: 1024) (User: COVFEFE)
Description: Produit : Adobe Acrobat DC - La mise à jour ‘{AC76BA86-A440-FFFF-A440-0C15014EB100}’ n’a pas pu être installée. Code d’erreur 1646. Windows Installer peut créer des journaux pour faciliter la résolution des éventuelles erreurs d’installation des packages logiciels. Utilisez le lien suivant pour afficher des instructions concernant l’activation des journaux : http://go.microsoft.com/fwlink/?LinkId=23127

Error: (03/31/2021 08:30:03 AM) (Source: MsiInstaller) (EventID: 1021) (User: COVFEFE)
Description: Produit : Adobe Acrobat DC - La mise à jour ‘Adobe Acrobat DC (20.009.20067)’ n’a pas pu être supprimée. Code d’erreur 1646. Windows Installer peut créer des journaux pour faciliter la résolution des éventuelles erreurs d’installation des packages logiciels. Utilisez le lien suivant pour afficher des instructions concernant l’activation des journaux : http://go.microsoft.com/fwlink/?LinkId=23127

Erreurs système:
=============
Error: (04/03/2021 07:27:21 AM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: Le serveur {4991D34B-80A1-4291-83B6-3328366B9097} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (04/03/2021 07:25:26 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Le service Service de transfert intelligent en arrière-plan s’est arrêté avec l’erreur spécifique au service suivante : La classe est configurée pour être exécutée comme un ID de sécurité différent de celui de l’appelant

Error: (04/03/2021 07:25:26 AM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: AUTORITE NT)
Description: Échec du démarrage du service BITS. Erreur 2147500053.

Error: (04/02/2021 07:37:46 PM) (Source: DCOM) (EventID: 10010) (User: COVFEFE)
Description: Le serveur {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (04/02/2021 06:33:35 PM) (Source: DCOM) (EventID: 10010) (User: COVFEFE)
Description: Le serveur windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (04/02/2021 01:12:53 AM) (Source: DCOM) (EventID: 10010) (User: COVFEFE)
Description: Le serveur {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (04/01/2021 09:41:01 PM) (Source: DCOM) (EventID: 10010) (User: COVFEFE)
Description: Le serveur {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (04/01/2021 07:01:53 AM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: Le serveur {4991D34B-80A1-4291-83B6-3328366B9097} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

CodeIntegrity:
===============
Date: 2021-03-30 12:43:21
Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume8\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

==================== Infos Mémoire ===========================

BIOS: American Megatrends Inc. 1.50 02/21/2019
Carte mère: Micro-Star International Co., Ltd. MPG Z390 GAMING PLUS (MS-7B51)
Processeur: Intel(R) Core(TM) i9-9900K CPU @ 3.60GHz
Pourcentage de mémoire utilisée: 24%
Mémoire physique - RAM - totale: 32702.23 MB
Mémoire physique - RAM - disponible: 24678.25 MB
Mémoire virtuelle totale: 37566.23 MB
Mémoire virtuelle disponible: 27337.27 MB

==================== Lecteurs ================================

Drive a: (JEUX) (Fixed) (Total:368.1 GB) (Free:24.5 GB) NTFS
Drive b: (PROD) (Fixed) (Total:368.09 GB) (Free:187.45 GB) NTFS
Drive c: (SYSTEM) (Fixed) (Total:97.03 GB) (Free:14.24 GB) NTFS
Drive j: (JEUX PAS SSD) (Fixed) (Total:976.56 GB) (Free:591.83 GB) NTFS
Drive m: (MERDES) (Fixed) (Total:642.3 GB) (Free:508.99 GB) NTFS
Drive p: (Prod pas SSD) (Fixed) (Total:244.14 GB) (Free:243.91 GB) NTFS
Drive x: (SUPPORT) (Fixed) (Total:48.83 GB) (Free:48.69 GB) NTFS
Drive z: (PRÉVISUALISATION) (Fixed) (Total:48.83 GB) (Free:48.16 GB) NTFS

\\?\Volume{34fe7a2d-b685-48bc-9196-eae5fffe1370}\ () (Fixed) (Total:0.52 GB) (Free:0.05 GB) NTFS
\\?\Volume{b96d501b-7d61-784d-4646-4f7d5c18db16}\ () (Fixed) (Total:3.13 GB) (Free:0 GB) NTFS
\\?\Volume{096da351-2f6d-7942-5107-31114209c06e}\ () (Fixed) (Total:57.66 GB) (Free:0 GB) NTFS
\\?\Volume{822c411d-46b0-6d73-4005-bb973b2e9866}\ () (Fixed) (Total:1.95 GB) (Free:0 GB) NTFS
\\?\Volume{401d6f0b-4696-4ce6-ba75-1165a2a5e85f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.

Attempted reading MBR returned 0 bytes. Could not read MBR for disk 3.
Attempted reading MBR returned 0 bytes. Could not read MBR for disk 4.
Attempted reading MBR returned 0 bytes. Could not read MBR for disk 5.

==================== Fin de Addition.txt =======================