Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 05-06-2021 01 Exécuté par Sacha (05-06-2021 15:29:59) Exécuté depuis C:\Users\Sacha\Downloads Windows 10 Pro Version 20H2 19042.985 (X64) (2021-03-14 02:10:17) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= Administrateur (S-1-5-21-3148067771-3152446861-2863593748-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3148067771-3152446861-2863593748-503 - Limited - Disabled) Invité (S-1-5-21-3148067771-3152446861-2863593748-501 - Limited - Disabled) Sacha (S-1-5-21-3148067771-3152446861-2863593748-1002 - Administrator - Enabled) => C:\Users\Sacha WDAGUtilityAccount (S-1-5-21-3148067771-3152446861-2863593748-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Kaspersky Total Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23} FW: Kaspersky Total Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) µTorrent (HKU\S-1-5-21-3148067771-3152446861-2863593748-1002\...\uTorrent) (Version: 3.5.5.46010 - BitTorrent Inc.) Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_0) (Version: 25.0 - Adobe Inc.) Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_5) (Version: 14.5 - Adobe Inc.) AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.10.13.408 - Advanced Micro Devices, Inc.) AMD_Chipset_Drivers (HKLM-x32\...\{4fedae1b-6980-4848-9ba0-229c946a3dac}) (Version: 2.10.13.408 - Advanced Micro Devices, Inc.) Hidden BakkesMod version 3.0 (HKLM\...\{BF029534-4334-4CFC-B771-50B7EE54346F}_is1) (Version: 3.0 - BakkesMod) Balsamiq Wireframes (HKU\S-1-5-21-3148067771-3152446861-2863593748-1002\...\{2CC1ECA6-BAE1-41EB-A139-E019A408F5A4}_is1) (Version: 4.1.10 - Balsamiq) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Burning Crusade Classic (HKLM-x32\...\Burning Crusade Classic) (Version: - Blizzard Entertainment) Core (HKLM\...\{C8B82193-C53B-4856-A7F4-D21BA0436B63}) (Version: 1.3.0.0 - Manticore Games.) Core Installer (HKLM-x32\...\{ed8b1658-cff8-4532-ac35-3835037ad253}) (Version: 1.3.0.0 - Manticore Games) Hidden CPUID CPU-Z 1.95 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.95 - CPUID, Inc.) CurseForge (HKU\S-1-5-21-3148067771-3152446861-2863593748-1002\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.173.1.8 - Overwolf app) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.14.0.1567 - Disc Soft Ltd) Discord (HKU\S-1-5-21-3148067771-3152446861-2863593748-1002\...\Discord) (Version: 0.0.309 - Discord Inc.) Epic Games Launcher (HKLM-x32\...\{5C415481-ECCD-4875-AF77-A97B79825F2C}) (Version: 1.1.298.0 - Epic Games, Inc.) ExpressVPN (HKLM-x32\...\{5d3e027b-a5ec-4990-a6a7-1930b77bfd6f}) (Version: 10.2.4.11 - ExpressVPN) ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B876EDB83C}) (Version: 10.2.4.11 - ExpressVPN) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.77 - Google LLC) Kaspersky Total Security (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden Kaspersky Total Security (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Kaspersky VPN (HKLM-x32\...\{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Hidden Kaspersky VPN (HKLM-x32\...\InstallWIX_{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKU\S-1-5-21-3148067771-3152446861-2863593748-1002\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) Microsoft Access 2019 - fr-fr (HKLM\...\Access2019Volume - fr-fr) (Version: 16.0.14026.20246 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.41 - Microsoft Corporation) Microsoft Excel 2019 - fr-fr (HKLM\...\Excel2019Volume - fr-fr) (Version: 16.0.14026.20246 - Microsoft Corporation) Microsoft Office Professionnel Plus 2019 - fr-fr (HKLM\...\ProPlus2019Retail - fr-fr) (Version: 16.0.14026.20246 - Microsoft Corporation) Microsoft Office Standard 2019 - fr-fr (HKLM\...\Standard2019Volume - fr-fr) (Version: 16.0.14026.20246 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3148067771-3152446861-2863593748-1002\...\OneDriveSetup.exe) (Version: 21.083.0425.0003 - Microsoft Corporation) Microsoft PowerPoint 2019 - fr-fr (HKLM\...\PowerPoint2019Volume - fr-fr) (Version: 16.0.14026.20246 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Word 2019 - fr-fr (HKLM\...\Word2019Volume - fr-fr) (Version: 16.0.14026.20246 - Microsoft Corporation) Minecraft Launcher (HKLM-x32\...\{911FBC64-4C64-4B8F-A637-B34832638C86}) (Version: 1.0.0.0 - Mojang) MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD) NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 - NVIDIA Corporation) NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation) NVIDIA GeForce NOW 2.0.25.124 (HKU\S-1-5-21-3148067771-3152446861-2863593748-1002\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.25.124 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation) NVIDIA Pilote graphique 466.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.63 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.5.100.48178 - Electronic Arts, Inc.) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.170.48.15 - Overwolf Ltd.) Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden RaiderIO 2.1.1 (HKLM\...\ea53c16d-4ef5-533f-83dc-5b0c5bb40cb2) (Version: 2.1.1 - jah@raider.io) Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 3.20.3 - Razer Inc.) Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.6.0515.051215 - Razer Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.45.928.2020 - Realtek) REDlauncher (HKU\S-1-5-21-3148067771-3152446861-2863593748-1002\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com) RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder) RS Somnífero (HKLM-x32\...\RS Somnífero) (Version: 2.7.2005.4163 - Rico Software) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Sublime Text 3 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.18.5 - TeamViewer) Tukui Client (HKLM\...\{8ED42F67-EEEA-402D-ABCF-83BA85F55FFA}) (Version: 3.2.8 - Tukui) Twitch (HKU\S-1-5-21-3148067771-3152446861-2863593748-1002\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.) UE4 Prerequisites (x64) (HKLM\...\{C720C7E8-9B93-4886-AB28-A158BDA9EBF3}) (Version: 1.2.0.0 - Epic Games, Inc.) Hidden VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software) VLC media player (HKLM\...\VLC media player) (Version: 3.0.14 - VideoLAN) Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version: - VB-Audio Software) Warcraft Logs Uploader 5.5.1 (HKU\S-1-5-21-3148067771-3152446861-2863593748-1002\...\bcc11bd8-bf2f-5f00-925b-921594bc2ca4) (Version: 5.5.1 - warcraftlogs) WeakAuras Companion 3.1.1 (HKU\S-1-5-21-3148067771-3152446861-2863593748-1002\...\574e4d1e-05f6-5376-9898-b829d00eef2e) (Version: 3.1.1 - Buds) WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment) Zoom (HKU\S-1-5-21-3148067771-3152446861-2863593748-1002\...\ZoomUMX) (Version: 5.4.9 (59931.0110) - Zoom Video Communications, Inc.) Packages: ========= Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-04] (Microsoft Studios) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-29] (NVIDIA Corp.) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.11.217.0_x64__dt26b99r8h8gj [2021-03-14] (Realtek Semiconductor Corp) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0 [2021-05-30] (Spotify AB) [Startup Task] ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2021-06-04] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-11-23] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2021-06-04] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-11-23] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2021-06-04] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_7fe82d451e6cd40f\nvshext.dll [2021-05-31] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2021-06-04] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Fichier non signé] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Fichier non signé] ==================== Raccourcis & WMI ======================== ==================== Modules chargés (Avec liste blanche) ============= 2021-05-26 22:33 - 2021-05-26 22:33 - 104869376 _____ () [Fichier non signé] C:\Program Files (x86)\Battle.net\Battle.net.beta.12919\libcef.dll 2021-05-26 22:33 - 2021-05-26 22:33 - 000112128 _____ () [Fichier non signé] C:\Program Files (x86)\Battle.net\Battle.net.beta.12919\libegl.dll 2021-05-26 22:33 - 2021-05-26 22:33 - 006227456 _____ () [Fichier non signé] C:\Program Files (x86)\Battle.net\Battle.net.beta.12919\libglesv2.dll 2021-03-12 05:28 - 2021-03-12 05:28 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [Fichier non signé] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoFoundation.dll 2021-03-12 05:28 - 2021-03-12 05:28 - 000207872 _____ (Applied Informatics Software Engineering GmbH) [Fichier non signé] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoJSON.dll 2021-03-12 05:28 - 2021-03-12 05:28 - 000810496 _____ (Applied Informatics Software Engineering GmbH) [Fichier non signé] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNet.dll 2021-03-12 05:28 - 2021-03-12 05:28 - 000238592 _____ (Applied Informatics Software Engineering GmbH) [Fichier non signé] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNetSSLWin.dll 2021-03-12 05:28 - 2021-03-12 05:28 - 000335360 _____ (Applied Informatics Software Engineering GmbH) [Fichier non signé] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoUtil.dll 2021-03-12 05:28 - 2021-03-12 05:28 - 000455168 _____ (Applied Informatics Software Engineering GmbH) [Fichier non signé] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoXML.dll 2021-05-26 22:33 - 2021-05-26 22:33 - 000810496 _____ (The Chromium Authors) [Fichier non signé] C:\Program Files (x86)\Battle.net\Battle.net.beta.12919\chrome_elf.dll 2020-11-22 14:51 - 2020-11-22 14:51 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\Origin\LIBEAY32.dll 2020-11-22 14:51 - 2020-11-22 14:51 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\Origin\ssleay32.dll 2020-11-22 14:51 - 2020-11-22 14:51 - 001611264 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2021-06-02 20:13 - 2020-11-22 14:51 - 005487104 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Core.dll 2021-06-02 20:13 - 2020-11-22 14:51 - 005841920 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Gui.dll 2021-06-02 20:13 - 2020-11-22 14:51 - 001179136 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Network.dll 2021-06-02 20:13 - 2020-11-22 14:51 - 000146432 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5WebSockets.dll 2021-06-02 20:13 - 2020-11-22 14:51 - 005089792 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2021-06-02 20:13 - 2020-11-22 14:51 - 000184832 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Xml.dll 2021-05-26 22:33 - 2021-05-26 22:33 - 000026112 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\Battle.net\Battle.net.beta.12919\imageformats\qgif.dll 2021-05-26 22:33 - 2021-05-26 22:33 - 000027136 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\Battle.net\Battle.net.beta.12919\imageformats\qico.dll 2021-05-26 22:33 - 2021-05-26 22:33 - 000243712 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\Battle.net\Battle.net.beta.12919\imageformats\qjpeg.dll 2021-05-26 22:33 - 2021-05-26 22:33 - 000223744 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\Battle.net\Battle.net.beta.12919\imageformats\qmng.dll 2021-05-26 22:33 - 2021-05-26 22:33 - 000020992 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\Battle.net\Battle.net.beta.12919\imageformats\qsvg.dll 2021-05-26 22:33 - 2021-05-26 22:33 - 000332288 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\Battle.net\Battle.net.beta.12919\imageformats\qtiff.dll 2021-05-26 22:34 - 2021-05-26 22:34 - 001140224 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\Battle.net\Battle.net.beta.12919\platforms\qwindows.dll 2021-05-26 22:34 - 2021-05-26 22:34 - 004943360 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\Battle.net\Battle.net.beta.12919\Qt5Core.dll 2021-05-26 22:34 - 2021-05-26 22:34 - 005022208 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\Battle.net\Battle.net.beta.12919\Qt5Gui.dll 2021-05-26 22:34 - 2021-05-26 22:34 - 000626176 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\Battle.net\Battle.net.beta.12919\Qt5Multimedia.dll 2021-05-26 22:34 - 2021-05-26 22:34 - 000877056 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\Battle.net\Battle.net.beta.12919\Qt5Network.dll 2021-05-26 22:34 - 2021-05-26 22:34 - 002908672 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\Battle.net\Battle.net.beta.12919\Qt5Qml.dll 2021-05-26 22:34 - 2021-05-26 22:34 - 003078656 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\Battle.net\Battle.net.beta.12919\Qt5Quick.dll 2021-05-26 22:34 - 2021-05-26 22:34 - 000259072 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\Battle.net\Battle.net.beta.12919\Qt5Svg.dll 2021-05-26 22:34 - 2021-05-26 22:34 - 004718080 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\Battle.net\Battle.net.beta.12919\Qt5Widgets.dll 2021-05-26 22:34 - 2021-05-26 22:34 - 000439296 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\Battle.net\Battle.net.beta.12919\Qt5WinExtras.dll 2021-05-26 22:34 - 2021-05-26 22:34 - 000159232 _____ (The Qt Company Ltd.) [Fichier non signé] C:\Program Files (x86)\Battle.net\Battle.net.beta.12919\Qt5Xml.dll ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE trusted site: HKU\S-1-5-21-3148067771-3152446861-2863593748-1002\...\localhost -> localhost ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2019-03-19 06:49 - 2021-05-28 13:35 - 000000878 _____ C:\WINDOWS\system32\drivers\etc\hosts 0.0.0.0 serius.mwbsys.com 0.0.0.0 keystone.mwbsys.com ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Users\Sacha\AppData\Local\Microsoft\WindowsApps;;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-3148067771-3152446861-2863593748-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{CC7B5504-5B88-4286-8350-4D71BA8EB1C5}] => (Allow) D:\SteamLibrary\steamapps\common\Valheim\valheim.exe () [Fichier non signé] FirewallRules: [{761C880A-01B1-45E2-9A40-5B759CC39279}] => (Allow) D:\SteamLibrary\steamapps\common\Valheim\valheim.exe () [Fichier non signé] FirewallRules: [{79A6F525-0871-482C-80F2-182C17BD6E6C}] => (Allow) D:\SteamLibrary\steamapps\common\Wreckfest\Wreckfest.exe () [Fichier non signé] FirewallRules: [{7D8107AB-F436-4949-B556-93CE6919F724}] => (Allow) D:\SteamLibrary\steamapps\common\Wreckfest\Wreckfest.exe () [Fichier non signé] FirewallRules: [{BE51D92D-2EB9-4597-A978-F7B48C154581}] => (Allow) D:\SteamLibrary\steamapps\common\Wreckfest\Wreckfest_x64.exe () [Fichier non signé] FirewallRules: [{D627D425-9E9E-4382-854F-D8640AFC1C76}] => (Allow) D:\SteamLibrary\steamapps\common\Wreckfest\Wreckfest_x64.exe () [Fichier non signé] FirewallRules: [UDP Query User{D94E5969-9D02-4E86-A277-93DDE3867F54}C:\programdata\manticore games\core\platform\binaries\win64\platform-win64-shipping.exe] => (Allow) C:\programdata\manticore games\core\platform\binaries\win64\platform-win64-shipping.exe (Manticore Games, Inc.) [Fichier non signé] FirewallRules: [TCP Query User{D89CC7CC-62E4-4C8D-9D05-BEE90A5FB505}C:\programdata\manticore games\core\platform\binaries\win64\platform-win64-shipping.exe] => (Allow) C:\programdata\manticore games\core\platform\binaries\win64\platform-win64-shipping.exe (Manticore Games, Inc.) [Fichier non signé] FirewallRules: [{F3E51C81-9F60-40DA-9774-7E4CA2665F77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> ) FirewallRules: [{5AF4642E-7C83-4FE2-B9BF-33AC8A43D886}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> ) FirewallRules: [UDP Query User{5BE17600-8995-4D03-801E-65D1B4DA6717}D:\rocketleague\binaries\win64\rocketleague.exe] => (Allow) D:\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC) FirewallRules: [TCP Query User{8FAA031B-47B8-4238-BAC1-A318EA84AAC2}D:\rocketleague\binaries\win64\rocketleague.exe] => (Allow) D:\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC) FirewallRules: [UDP Query User{8BE1DF7F-B28F-4AFC-939B-A7002A6EFCB3}C:\program files (x86)\steam\steamapps\common\total war three kingdoms\three_kingdoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war three kingdoms\three_kingdoms.exe (The Creative Assembly Limited -> The Creative Assembly Ltd) FirewallRules: [TCP Query User{F84AD6DD-333C-4F42-9A93-9FF3A0F1B614}C:\program files (x86)\steam\steamapps\common\total war three kingdoms\three_kingdoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war three kingdoms\three_kingdoms.exe (The Creative Assembly Limited -> The Creative Assembly Ltd) FirewallRules: [{7A963FB9-D6A4-4057-8FED-788208C64FB9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{1098A3A1-F981-4AE7-86AD-440ABC418467}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{DDCA340A-9EE2-482C-AFD1-1A971F6460AD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{47C36613-9798-4414-AB52-886FC2E9C084}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [UDP Query User{24158A5F-7927-4373-A3F5-9DF91EAB9888}D:\cod\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\cod\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [TCP Query User{703C5625-C608-4829-9294-72AC0BC43298}D:\cod\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\cod\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [{B54A9207-C7E9-4720-BBA2-DC8BE6ED67A6}] => (Allow) C:\Users\Sacha\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [UDP Query User{22FB4845-4377-4D73-ABAB-D8C5207D4C88}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\rocketleague.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC) [Fichier non signé] FirewallRules: [TCP Query User{119492F3-AFC9-4FCC-97EE-8403C46A9911}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\rocketleague.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC) [Fichier non signé] FirewallRules: [UDP Query User{F1122E63-ED95-49B6-B92C-3185BDBDA344}D:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.) FirewallRules: [TCP Query User{DDCB3476-1A9F-4C9B-AFB6-960A39C0354B}D:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.) FirewallRules: [UDP Query User{B94CD4A7-A0C1-47C8-A97C-994750961554}D:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.) FirewallRules: [TCP Query User{E1F9CF24-39DD-4956-BCB7-3B1CB1ADB400}D:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.) FirewallRules: [{4138FD2B-C27A-4C1C-9655-4D2B065AD5FF}] => (Allow) D:\SteamLibrary\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com) FirewallRules: [{D0DC2A09-7197-4D4A-8F95-050D2CD97D5B}] => (Allow) D:\SteamLibrary\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com) FirewallRules: [{07F41E71-924E-467D-86A1-D50C1A04A94B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{92FFA2AE-F07A-4E63-AEC6-623416F1C8A5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{1C6730E6-004B-4991-9B73-E0CE43CD63FB}] => (Allow) D:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Fichier non signé] FirewallRules: [{1459D2D3-F97F-4A04-9308-5F4BD81E552A}] => (Allow) D:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Fichier non signé] FirewallRules: [UDP Query User{EC4089EB-89BF-476E-9653-B5424420D90A}D:\steamlibrary\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) D:\steamlibrary\steamapps\common\total war warhammer ii\warhammer2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd) FirewallRules: [TCP Query User{8CB1D27C-3292-4223-8DB1-D9A5620E4E36}D:\steamlibrary\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) D:\steamlibrary\steamapps\common\total war warhammer ii\warhammer2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd) FirewallRules: [{1A50ECE9-60CD-4DF6-8606-A5F8EA8C50EB}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [{DDE4D5C9-15EC-400D-A725-C8C0A18A8E79}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [{70C40A68-118F-4571-89BB-29E84D763363}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.) FirewallRules: [{EB8618EA-F17E-4885-8D78-5C047BDD74E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.) FirewallRules: [{14A61815-038A-4E8A-9E3C-9D29326A047B}] => (Allow) C:\Users\Sacha\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{D324B364-56F0-4185-A5DF-5F083FE2A60D}] => (Allow) C:\Users\Sacha\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{C47E2C23-55A1-4B04-A270-C009E6BADB31}] => (Allow) C:\Users\Sacha\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{92360362-BE0E-4282-8F81-ED9742F0108A}] => (Allow) C:\Users\Sacha\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{AE2981AB-1C31-432B-A13C-43E0935301F8}] => (Allow) C:\Users\Sacha\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{9DE3222A-40D0-4A9D-981A-80039095A600}] => (Allow) C:\Users\Sacha\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{4C3E784B-FDAB-40DA-9752-53B6DD4F96F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{E2E20903-B383-4714-8B0B-EAC2D3ECBDA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{FCDC37B5-A18E-464E-9E19-6B52C1ED145F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> ) FirewallRules: [{FE89D74B-E519-49C0-BF5E-96A2C2BC6CDC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> ) FirewallRules: [{16AB654C-20BE-41DF-888B-607D2E44A1F7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{29D0BB66-C505-4226-88C9-C11135C164B8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{F4AB3BC2-6CA4-40C4-BF96-C5F5210BE434}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{B3D85D9C-EE17-47A8-B232-2EF5CE9602E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{E3F1ABED-4132-4F39-B420-911BC0F25E24}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe FirewallRules: [UDP Query User{A6644A85-8B92-4F83-A7F0-FD6E23E4B11A}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe FirewallRules: [{800EE82E-CD66-4F54-B863-5CDC06AFC4C4}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{A71145C5-5400-461E-9CEF-45A13B31BED8}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{641A2006-F042-4B4A-85A3-5654325AC6A5}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Fichier non signé] FirewallRules: [{1131595E-B30D-4ABB-B29F-A190AD47CFD2}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Fichier non signé] FirewallRules: [{22B6409E-2EAC-4D31-AC9B-5C6D5A648EB4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{4F329759-5C89-47D8-B45C-E59D948258D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{904BE4C2-2788-40A5-96B0-109AF33473BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{24D22722-10EE-472A-AE24-5113EE743152}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{88898A74-B8A4-4BA1-8717-C27D42FB4946}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd) FirewallRules: [{C8DF26B4-C2B9-4B50-8699-50D37D4A3D16}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd) FirewallRules: [{438EB159-EADC-47B8-848D-5F45DCEE1DD3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6800A2EA-02E1-42F3-8BC2-3EBDDCB8BD11}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{D052F6B7-0ED3-4ABA-82DA-BA4C6CDCA632}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [UDP Query User{AF2C0DF2-E704-40C9-AC66-A74E74DF8426}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [{00A3181F-4EA1-4012-9A64-21137AABD5C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War THREE KINGDOMS\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd) FirewallRules: [{CFA37017-3059-47EA-94AA-DBE38FE28AA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War THREE KINGDOMS\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd) FirewallRules: [{B4702275-4709-4D0B-BFA3-C862F6FAE6F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Fichier non signé] FirewallRules: [{00D734A0-0FD2-4E5C-B148-19A5FB03DC5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Fichier non signé] FirewallRules: [TCP Query User{CB849057-F547-4595-A1E1-5CD2C9BA5D2E}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe => Pas de fichier FirewallRules: [UDP Query User{77A148C5-686B-45C8-BD7D-E4672A12C181}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe => Pas de fichier FirewallRules: [{17BA7771-E5F5-4258-BD3C-7FD0B615B6AA}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Pas de fichier FirewallRules: [{C8CE687F-E2E7-41AA-8DC8-0632EE0F1DDB}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Pas de fichier FirewallRules: [{099EDA1F-A410-4C06-AD78-7A1B53D8034A}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Pas de fichier FirewallRules: [{2AD12B98-E8FF-48F8-8E22-32B6757E894B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{9CDBBC17-AD6D-4230-8FBC-30C8A5DFA2F6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{2451B0AF-F72A-498F-BBF7-DE6A8DE85024}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3D566342-C59F-4B53-9498-FBEDE0DBC6D3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E31BC161-6C1A-4196-8E7E-2A190B1A41CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War THREE KINGDOMS\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd) FirewallRules: [{82909A73-86F8-42D3-8999-811AC09DE125}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War THREE KINGDOMS\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd) FirewallRules: [{77601EE6-D7BB-4F12-8FC5-602171DE2590}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D1647330-EF4B-48AE-A167-257354E334AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{9CF221BC-3E42-4561-901A-EDA5E1E9EA01}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D6434B6C-D1F0-4A5E-A2B8-6B5BB0E3CE68}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{085DBA2D-FD52-4851-A208-D2B647767B30}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D2000AB6-4311-4DF8-ABA6-4922E188A1D8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{EBDE36C6-70EE-4094-A00A-E0B2E7377D95}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{7B596099-2911-44FD-88F2-E7EFFC99C1C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E703ED19-0ADF-4361-99AD-B208A23C6781}] => (Allow) C:\Program Files (x86)\Overwolf\0.170.48.15\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{48A58523-4FD8-497E-B867-3FC2F11754B1}] => (Allow) C:\Program Files (x86)\Overwolf\0.170.48.15\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{3C8EDD74-AB20-4F6E-BE58-543428CCCC4B}] => (Block) C:\Program Files (x86)\Overwolf\0.170.48.15\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{F56FB95A-B160-44EB-8A85-5B3428ED49CE}] => (Block) C:\Program Files (x86)\Overwolf\0.170.48.15\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{0C5D8380-3CD8-4CC2-8D57-605B3BCDC1D9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{08BA878D-8095-40F8-85E0-8C890F6EC36A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{9D233D28-23F7-4B03-BCAA-41E19461BA88}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{35562702-0A05-4F94-A8ED-4CA2F9847D42}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) ==================== Points de restauration ========================= 04-06-2021 16:18:51 KpRm ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (06/04/2021 04:39:45 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-7M628TV) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Error: (06/04/2021 04:38:31 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme explorer.exe version 10.0.19041.964 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance. ID de processus : 2030 Heure de début : 01d7592cbb069e12 Heure d'arrêt : 0 Chemin d'accès à l'application : C:\Windows\explorer.exe ID de rapport : 47c6f78b-47f4-4f8e-af71-5a33c8cc80af Nom complet du package défectueux : ID de l'application relative à un package défectueux : Type de blocage : Cross-process Error: (06/04/2021 04:38:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante wallpaper32.exe, version : 1.0.0.0, horodatage : 0x603cf6e5 Nom du module défaillant : d3d11.dll, version : 10.0.19041.746, horodatage : 0x9c73fadc Code d’exception : 0xc0000005 Décalage d’erreur : 0x0011d1e6 ID du processus défaillant : 0x1f84 Heure de début de l’application défaillante : 0x01d7592cbae2307f Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\d3d11.dll ID de rapport : 48e776b2-f2d9-4ce5-b3e2-370792c59a0d Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (06/04/2021 12:28:38 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x8007001f, Un périphérique attaché au système ne fonctionne pas correctement. . Opération : Opération asynchrone en cours d’exécution Contexte : État actuel: DoSnapshotSet Error: (06/04/2021 12:28:29 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005, Accès refusé. . Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur. Opération : Données du rédacteur en cours de collecte Contexte : ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220} Nom du rédacteur: System Writer ID d’instance du rédacteur: {bec914c5-cb07-4304-b9a1-8e6513c99642} Error: (06/04/2021 12:25:25 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x8007001f, Un périphérique attaché au système ne fonctionne pas correctement. . Opération : Opération asynchrone en cours d’exécution Contexte : État actuel: DoSnapshotSet Error: (06/04/2021 12:25:12 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005, Accès refusé. . Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur. Opération : Données du rédacteur en cours de collecte Contexte : ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220} Nom du rédacteur: System Writer ID d’instance du rédacteur: {2f60cdf2-3fd6-48b7-b185-aa0738a54907} Error: (06/04/2021 09:04:27 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-7M628TV) Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. Erreurs système: ============= Error: (06/05/2021 02:08:56 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7M628TV) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (06/05/2021 02:08:56 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7M628TV) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (06/05/2021 02:08:56 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7M628TV) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (06/05/2021 02:08:56 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7M628TV) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (06/05/2021 02:08:56 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7M628TV) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (06/05/2021 02:08:56 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7M628TV) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (06/05/2021 02:08:56 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7M628TV) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Error: (06/05/2021 02:08:56 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7M628TV) Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. Windows Defender: ================ Date: 2021-06-03 21:32:22 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {BC2B9937-B332-4502-B67D-25994F815137} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : DESKTOP-7M628TV\Sacha Date: 2021-06-03 16:30:45 Description: La fonctionnalité de protection en temps réel Antivirus Microsoft Defender a rencontré une erreur et échoué. Fonctionnalité : Sur accès Code d’erreur : 0x8007043c Description de l’erreur : Ce service ne peut pas être démarré en mode sans échec Raison : La veille de sécurité contre les logiciels malveillants a cessé de fonctionner pour une raison inconnue. Dans certains cas, le redémarrage du service peut résoudre le problème. CodeIntegrity: =============== Date: 2021-06-05 15:26:23 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. Date: 2021-06-04 16:39:46 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Users\Sacha\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.170.48.15\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements. Date: 2021-06-04 12:33:07 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. ==================== Infos Mémoire =========================== BIOS: American Megatrends International, LLC. F13h 04/23/2021 Carte mère: Gigabyte Technology Co., Ltd. B550M AORUS ELITE Processeur: AMD Ryzen 7 3800XT 8-Core Processor Pourcentage de mémoire utilisée: 54% Mémoire physique - RAM - totale: 16328.23 MB Mémoire physique - RAM - disponible: 7427.2 MB Mémoire virtuelle totale: 24008.23 MB Mémoire virtuelle disponible: 7585.78 MB ==================== Lecteurs ================================ Drive c: () (Fixed) (Total:476.31 GB) (Free:182.29 GB) NTFS Drive d: (Disque secondaire) (Fixed) (Total:931.51 GB) (Free:294.34 GB) NTFS Drive e: (Maxtor) (Fixed) (Total:1863.01 GB) (Free:1263.56 GB) NTFS \\?\Volume{9ae5b4a7-f927-4b86-9374-4a30bc77d3ab}\ (Récupération) (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS \\?\Volume{a947075b-dc09-4b6c-9ef3-d278dab7afaf}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 989753B0) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (Size: 476.9 GB) (Disk ID: 562F0A04) Partition: GPT. ========================================================== Disk: 2 (Size: 1863 GB) (Disk ID: 2D4D5FBB) Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS) ==================== Fin de Addition.txt =======================