Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Exécuté par trinhvth (10-04-2018 13:51:33)
Exécuté depuis C:\Users\trinhvth\Desktop
Windows 10 Pro Version 1607 14393.2125 (X64) (2017-03-23 10:13:22)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-147330156-4086310523-3781542659-500 - Administrator - Enabled) => C:\Users\Administrateur.DESKTOP-1KMCCFB
Admin_SBI (S-1-5-21-147330156-4086310523-3781542659-1001 - Administrator - Enabled) => C:\Users\Admin_SBI
DefaultAccount (S-1-5-21-147330156-4086310523-3781542659-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-147330156-4086310523-3781542659-1000 - Limited - Disabled) => C:\Users\defaultuser0
Invité (S-1-5-21-147330156-4086310523-3781542659-501 - Limited - Disabled)
sbiadmin (S-1-5-21-147330156-4086310523-3781542659-1002 - Administrator - Enabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.8.198 - Adobe Systems, Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
ComicRack v0.9.178 (HKLM\...\ComicRack) (Version: v0.9.178 - cYo Soft)
Cyberduck (HKLM-x32\...\{848701D2-5DBB-4DF7-B0BD-50E165F453B4}) (Version: 6.0.0.24625 - iterate GmbH) Hidden
Cyberduck (HKLM-x32\...\{92f5b442-088a-44ab-9006-b862277d8e47}) (Version: 6.0.0.24625 - iterate GmbH)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.5.6909 - CyberLink Corp.)
CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.2.3309 - CyberLink Corp.)
DbVisualizer (HKLM\...\8973-4025-0853-7287) (Version: 9.1.13 - DbVis Software AB)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Dropbox (HKLM-x32\...\Dropbox) (Version: 46.4.65 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
ELAN Touchpad 15.2.12.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.2.12.3 - ELAN Microelectronic Corp.)
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Evernote v. 6.7.5 (HKLM-x32\...\{65B334F4-9E45-11E7-A6A5-005056951CAD}) (Version: 6.7.5.5825 - Evernote Corp.)
FileZilla Client 3.25.1 (HKLM-x32\...\FileZilla Client) (Version: 3.25.1 - Tim Kosse)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Google Chrome (HKLM\...\{A967B385-DA3A-32DD-B6F3-D169E888E661}) (Version: 65.0.3325.181 - Google, Inc.)
Google Drive (HKLM-x32\...\{9BC95947-92FD-438B-A168-C01F9A5B7292}) (Version: 2.34.7529.6838 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Greenshot 1.2.9.129 (HKLM\...\Greenshot_is1) (Version: 1.2.9.129 - Greenshot)
HealthCenter (HKLM-x32\...\{6722AA99-3BCD-4E77-8607-823EB999210A}) (Version: 10.4.0026.0049 - MicroStrategy Incorporated)
HP 3D DriveGuard (HKLM-x32\...\{8F183B2E-D21D-4070-8132-DD39C3CBFA5C}) (Version: 6.0.41.1 - HP)
HP Audio Switch (HKLM-x32\...\{0C5D69BD-B518-46DB-8471-506CD27F9478}) (Version: 1.0.138.0 - HP Inc.)
HP CoolSense (HKLM-x32\...\{0C723C74-62DF-4B35-9490-A207546D866D}) (Version: 2.21.4 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{5b1a1d22-bd59-44e0-a954-e2f18ec43a23}) (Version: 5.2.20454 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{9B252E0D-7B31-48A6-B01E-B5CCBA286E8E}) (Version: 1.1.0.168 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{B90CB0DE-2E60-41C4-9857-466EB98192BF}) (Version: 1.1.158.0 - HP Inc.)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8357.5639 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{56D27851-B9A6-430F-875A-E2D7A3802C7B}) (Version: 8.5.37.19 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{93A048EC-70FB-4BB2-8335-00654AC8E4C1}) (Version: 12.8.47.1 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.27 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Wireless Button Driver (HKLM-x32\...\{099DAD2B-56C5-4919-9F82-418C2A018CAE}) (Version: 1.1.18.1 - HP)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11003.3588 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4639 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1643.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.1.22 - Intel Corporation)
Intel® Integrated Sensor Solution (HKLM-x32\...\{dd334b4b-1f2c-4218-b16c-ad011caa7fe1}) (Version: 3.0.30.1111 - Intel Corporation)
ISS_Drivers_x64 (HKLM\...\{E9D9CF4A-A8B8-4566-86D5-CD3F13624E65}) (Version: 3.0.30.1111 - Intel Corporation) Hidden
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java SE Development Kit 8 Update 131 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180131}) (Version: 8.0.1310.11 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{aaa7f0fb-02dc-4576-beef-7d24842c5fbe}) (Version: 10.1.1.32 - Intel(R) Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft MPI (7.0.12437.8) (HKLM\...\{8499ACD3-C1E3-45AB-BF96-DA491727EBE1}) (Version: 7.0.12437.8 - Microsoft Corporation)
Microsoft Office Professionnel Plus 2016 - fr-fr (HKLM\...\ProPlusRetail - fr-fr) (Version: 16.0.9126.2116 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2877026338-1627563275-2490810601-1150\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60825 - Microsoft Corporation)
Microsoft Visual Studio 2015 Shell (Isolated) (HKLM-x32\...\{d2981c27-a434-4c9a-96c7-0209e97c4eac}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{ab213ab7-4792-4c6f-a3fa-8485d06c3475}) (Version: 14.0.23829 - Microsoft Corporation)
MicroStrategy Desktop (HKLM-x32\...\{61103EF9-50B5-4A3F-8208-245065A31D59}) (Version: 10.8.0042.0045 - MicroStrategy Incorporated)
MicroStrategy Hotfix 1 (HKLM-x32\...\{2CFFA6D2-052C-474D-8C4A-F96DC6B310FE}) (Version: 10.4.0 - MicroStrategy Incorporated)
MicroStrategy Office (HKLM-x32\...\{71E56631-121F-42DE-8371-0706F40360EA}) (Version: 10.4.0026.0049 - MicroStrategy Incorporated)
MicroStrategy Secure Enterprise (HKLM-x32\...\{8CCF3F6C-55B7-4A27-8C68-ADF21D0585A2}) (Version: 10.4.0 - MicroStrategy Incorporated)
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.60825 - Microsoft Corporation)
Mozilla Firefox 56.0 (x86 fr) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 fr)) (Version: 56.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
mRemoteNG (HKLM-x32\...\{A7703C62-3795-4262-BF05-50DC8F955168}) (Version: 1.75.7000.19194 - Next Generation Software)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Office Timeline (HKLM-x32\...\{FBBBEDE5-4139-4976-9916-D40DA8436482}) (Version: 3.15.1 - Office Timeline)
OpenOffice 4.1.3 (HKLM-x32\...\{3E1679DA-5081-44AA-B4C2-BF8EE7E107E0}) (Version: 4.13.9783 - Apache Software Foundation)
OpenVPN 2.3.11-I601 (HKLM\...\OpenVPN) (Version: 2.3.11-I601 - )
Oracle VM VirtualBox 5.1.30 (HKLM\...\{2F7790B1-72FA-426F-91B3-EBEAA30B1ABA}) (Version: 5.1.30 - Oracle Corporation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.2 - pdfforge GmbH)
PuTTY release 0.68 (HKLM-x32\...\PuTTY_is1) (Version: 0.68 - Simon Tatham)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.54 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21296 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8023 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.75 - REALTEK Semiconductor Corp.)
Slack (HKU\S-1-5-21-2877026338-1627563275-2490810601-1150\...\slack) (Version: 3.1.1 - Slack Technologies)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TreeSize Free V4.1.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.1.2 - JAM Software)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{61702639-6539-473A-8FE5-618E194C0069}) (Version: 2.7.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
WildTangent Games App pour HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.1.1.14 - WildTangent)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-2877026338-1627563275-2490810601-1150\...\ZoomUMX) (Version: 4.0 - Zoom Video Communications, Inc.)
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-03-08] ()
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\System32\DriverStore\FileRepository\ki124128.inf_amd64_a53720acf0e8395d\igfxDTCM.dll [2017-08-30] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {014150C2-D553-4F5A-9BA2-A85A71152332} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [2016-01-21] (HP Development Company, L.P.)
Task: {0AE7FD3E-0ABD-425B-B51C-BDE8EBB7F9F4} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [2016-10-04] (HP Inc.)
Task: {182BED3C-0552-45DE-BDD0-F3D1AF04CFB6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-12] (Microsoft Corporation)
Task: {18C42383-DC52-4C49-99EE-B3EF46E20937} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-05-19] (Piriform Ltd)
Task: {1A3EDC5C-A853-467F-8C02-4575D2D75627} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {2B79BAC3-B00C-424E-A9A3-163DB293AC4C} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}
Task: {2C2058C8-CEAF-455C-9515-D6D635DF63AF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {2DEA31F9-B024-42B6-A2EF-2A8D024E8975} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {3DB1C628-80BA-47F5-8490-2585FCA6AD80} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-30] (Microsoft Corporation)
Task: {419CC795-0422-4012-958A-69E864891448} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {4A03DFF8-FE7C-4948-9575-7854B361C15D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-03-30] (Microsoft Corporation)
Task: {5339CE76-8926-48C4-8A81-CD72C91B7236} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant printer driver installation => C:\windows\TEMP\sp80926.exe <==== ATTENTION
Task: {562967D9-417C-418F-AF24-6AE481A86AAE} - System32\Tasks\HPCeeScheduleFortrinhvth => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {5B668FB6-E535-4D84-A657-55BFF61182BB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-30] (Microsoft Corporation)
Task: {687AB177-10AC-43F5-9B5F-FBCCD4F0A443} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-24] (Google Inc.)
Task: {68CA852B-7739-4612-ACF0-C3A26BF70366} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}
Task: {6A2374FC-2B6E-4B24-9696-F1C4455CAE57} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {70AA1136-2608-417A-BDC1-FE43520F1963} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-12] (Microsoft Corporation)
Task: {71C0B87D-C1D1-4D6A-BF32-8F768DC3403F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-02-07] (HP Inc.)
Task: {773AA802-C3AD-4A30-960A-5B4FFEB7B9D5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-02-07] (HP Inc.)
Task: {7F114BBA-0BCF-43E4-859B-2BF6175FF0E3} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-10-11] (Intel(R) Corporation)
Task: {88E79D77-6DDD-41BD-BAF3-D56A1F7125EB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {8A4985ED-8246-41FC-A145-7FEE24206BCE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-24] (Microsoft Corporation)
Task: {8AB686C5-DB77-48B0-97E1-785CA7C92B6B} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe [2016-08-05] ()
Task: {90DD8B0F-8506-4B3D-8026-B6EA3E4A4FF4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-24] (Microsoft Corporation)
Task: {97CB2A13-0465-44AF-B678-4077AA868DFB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-03-30] (Microsoft Corporation)
Task: {9ADEEA70-0B55-4A25-910D-989256821307} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-17] ()
Task: {9D320B80-A8B6-4599-B2C9-ADB786A85AD4} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-23] (Dropbox, Inc.)
Task: {A5751655-3238-4592-A69F-38FF18A7C97C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-12] (Microsoft Corporation)
Task: {ABCC122D-8D0E-493D-B7E8-0F12F9E4D21B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {B8352A03-2394-4ADB-B989-B1CE95059987} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-23] (Dropbox, Inc.)
Task: {E5BF1209-B097-4C6B-B233-B9B812042491} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-24] (Google Inc.)
Task: {EF384727-1BFB-4818-AE12-36B5890A9398} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-03-07] (HP Inc.)
Task: {F1D591BF-2CEE-477C-8499-2DD4F69F682E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-12] (Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleFortrinhvth.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts & WMI ========================
(The entries can be listed in the fixlist.txt file to be removed or restored.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\windows\SYSTEM32\ism32k.dll
2018-03-14 14:02 - 2018-03-02 11:05 - 002681712 _____ () C:\windows\system32\CoreUIComponents.dll
2017-03-20 17:44 - 2017-03-20 17:44 - 000052392 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2017-03-08 04:42 - 2017-03-08 04:42 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-10-19 15:39 - 2016-10-19 15:39 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-28 11:40 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2018-04-05 10:50 - 2018-04-05 10:50 - 001951800 _____ () C:\Users\trinhvth\AppData\Local\slack\app-3.1.1\ffmpeg.dll
2018-04-05 10:50 - 2018-04-05 10:50 - 000117304 _____ () \\?\C:\Users\trinhvth\AppData\Local\slack\app-3.1.1\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2018-04-05 10:50 - 2018-04-05 10:50 - 003430968 _____ () C:\Users\trinhvth\AppData\Local\slack\app-3.1.1\libglesv2.dll
2018-04-05 10:50 - 2018-04-05 10:50 - 000024632 _____ () C:\Users\trinhvth\AppData\Local\slack\app-3.1.1\libegl.dll
2018-04-05 10:50 - 2018-04-05 10:50 - 000408632 _____ () \\?\C:\Users\trinhvth\AppData\Local\slack\app-3.1.1\resources\app.asar.unpacked\node_modules\@slack\slack-calls-prebuilt\modules\@slack\slack-calls\build\Release\slack-calls.node
2018-04-05 10:50 - 2018-04-05 10:50 - 007595576 _____ () \\?\C:\Users\trinhvth\AppData\Local\slack\app-3.1.1\resources\app.asar.unpacked\node_modules\@slack\slack-calls-prebuilt\modules\@slack\slack-calls\build\Release\CallsCore.dll
2018-04-05 10:50 - 2018-04-05 10:50 - 001491512 _____ () \\?\C:\Users\trinhvth\AppData\Local\slack\app-3.1.1\resources\app.asar.unpacked\node_modules\@slack\slack-calls-prebuilt\modules\@slack\slack-calls\build\Release\boringssl.dll
2018-04-05 10:50 - 2018-04-05 10:50 - 000230968 _____ () \\?\C:\Users\trinhvth\AppData\Local\slack\app-3.1.1\resources\app.asar.unpacked\node_modules\@slack\slack-calls-prebuilt\modules\@slack\slack-calls\build\Release\protobuf_lite.dll
2018-04-05 10:50 - 2018-04-05 10:50 - 000164408 _____ () \\?\C:\Users\trinhvth\AppData\Local\slack\app-3.1.1\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2018-04-05 10:50 - 2018-04-05 10:50 - 000490040 _____ () \\?\C:\Users\trinhvth\AppData\Local\slack\app-3.1.1\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node
2018-04-05 10:50 - 2018-04-05 10:50 - 000096312 _____ () \\?\C:\Users\trinhvth\AppData\Local\slack\app-3.1.1\resources\app.asar.unpacked\node_modules\@paulcbetts\system-idle-time\build\Release\system_idle_time.node
2018-04-04 09:39 - 2018-04-04 09:40 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-04-04 09:39 - 2018-04-04 09:40 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-04-04 09:39 - 2018-04-04 09:40 - 022050304 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-04-04 09:39 - 2018-04-04 09:40 - 002584576 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\skypert.dll
2018-03-23 10:55 - 2018-03-20 08:00 - 004435288 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libglesv2.dll
2018-03-23 10:55 - 2018-03-20 08:00 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libegl.dll
2018-03-28 11:11 - 2018-03-28 11:15 - 003041664 _____ () C:\Users\trinhvth\AppData\Roaming\ZHP\ZHPDiag3.exe
2017-05-23 14:52 - 2017-05-23 14:52 - 003918848 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1705.1301.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-03-16 12:12 - 2018-03-16 12:12 - 025843200 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\Music.UI.exe
2018-03-16 12:12 - 2018-03-16 12:12 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-03-16 12:12 - 2018-03-16 12:12 - 006748672 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-12-01 14:47 - 2017-12-01 14:47 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2017-09-26 09:48 - 2017-09-26 09:49 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-03-16 12:12 - 2018-03-16 12:12 - 005527040 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\Music.Visuals.dll
2018-03-14 14:01 - 2018-03-02 10:17 - 009761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-14 14:02 - 2018-03-02 10:11 - 001402368 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-03-14 14:02 - 2018-03-02 10:10 - 000757760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2018-03-14 14:01 - 2018-03-02 10:10 - 002424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2018-03-14 14:01 - 2018-03-02 10:13 - 004854272 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-04-24 16:44 - 2016-06-21 05:26 - 000061440 _____ () C:\Program Files (x86)\Common Files\MicroStrategy\HealthCenter\jars\zlib1.dll
2018-03-19 11:19 - 2018-03-19 11:19 - 000134656 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\91b2353b59715c500bc41d3f85386650\BRIDGECommon.ni.dll
2018-03-19 11:19 - 2018-03-19 11:19 - 000112128 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\BridgeExtension\fdeda1cadd429f2bf535ce25372b7ff0\BridgeExtension.ni.dll
2018-03-19 11:19 - 2018-03-19 11:19 - 000068608 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\NativeInterop\900ffcddfce4798a4dc8db345fc130ed\NativeInterop.ni.dll
2017-11-09 01:44 - 2017-11-09 01:44 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-04-10 10:55 - 2018-04-10 10:55 - 000098816 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\win32api.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000110080 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\pywintypes27.dll
2018-04-10 10:55 - 2018-04-10 10:55 - 000364544 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\pythoncom27.dll
2018-04-10 10:55 - 2018-04-10 10:55 - 000320512 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\win32com.shell.shell.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000914432 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\_hashlib.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 001176576 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\wx._core_.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000806400 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\wx._gdi_.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000816128 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\wx._windows_.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 001067008 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\wx._controls_.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000733184 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\wx._misc_.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000682496 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\pysqlite2._sqlite.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000088064 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\_ctypes.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000686080 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\unicodedata.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000119808 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\win32file.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000108544 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\win32security.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000007168 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\hashobjs_ext.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000017920 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\thumbnails_ext.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000088064 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\usb_ext.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000012800 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\common.time34.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000018432 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\win32event.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000167936 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\win32gui.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000046080 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\_socket.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 001303552 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\_ssl.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000128512 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\_elementtree.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000127488 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\pyexpat.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000038912 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\win32inet.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000036864 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\_psutil_windows.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000525208 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\windows._lib_cacheinvalidation.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000011264 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\win32crypt.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000123392 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\wx._wizard.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000077312 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\wx._html2.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000027648 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\_multiprocessing.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000020480 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\_yappi.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000035840 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\win32process.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000078848 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\wx._animate.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000024064 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\win32pipe.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000010240 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\select.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000025600 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\win32pdh.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000017408 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\win32profile.pyd
2018-04-10 10:55 - 2018-04-10 10:55 - 000022528 ____R () C:\Users\trinhvth\AppData\Local\Temp\_MEI56922\win32ts.pyd
2018-03-30 09:09 - 2018-03-28 16:31 - 000746312 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-03-30 09:09 - 2018-03-28 16:31 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-05-10 16:43 - 2018-03-28 16:30 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-05-10 16:43 - 2018-03-28 16:30 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-05-10 16:43 - 2018-03-28 16:33 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-05-10 16:43 - 2018-03-28 16:30 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-05-10 16:43 - 2018-03-28 16:30 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-05-10 16:43 - 2018-03-28 16:30 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 001856864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-03-30 09:09 - 2018-03-28 16:30 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-03-30 09:09 - 2018-03-28 16:31 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-05-10 16:43 - 2018-03-28 16:30 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-05-10 16:43 - 2018-03-28 16:33 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-05-10 16:43 - 2018-03-28 16:30 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-03-30 09:09 - 2018-03-28 16:31 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2018-03-30 09:09 - 2018-03-28 16:30 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-05-10 16:43 - 2018-03-28 16:30 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-05-10 16:43 - 2018-03-28 16:30 - 000114136 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-05-10 16:43 - 2018-03-28 16:33 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-05-10 16:43 - 2018-03-28 16:33 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-05-10 16:43 - 2018-03-28 16:30 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-05-10 16:43 - 2018-03-28 16:30 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-05-10 16:43 - 2018-03-28 16:30 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-05-10 16:43 - 2018-03-28 16:30 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-09-22 10:23 - 2018-03-28 16:30 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2017-05-10 16:43 - 2018-03-28 16:30 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-05-10 16:43 - 2018-03-28 16:30 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-09-09 10:59 - 2018-03-28 16:33 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2017-05-10 16:43 - 2018-03-28 16:33 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 001798464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-05-10 16:43 - 2018-03-28 16:30 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 001959232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 003863880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 000521544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-05-10 16:43 - 2018-03-28 16:33 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-05-10 16:43 - 2018-03-28 16:30 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-05-10 16:43 - 2018-03-28 16:33 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-05-10 16:43 - 2018-03-28 16:30 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-05-10 16:43 - 2018-03-28 16:33 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-05-10 16:43 - 2018-03-28 16:33 - 000087904 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-05-10 16:43 - 2018-03-28 16:30 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-05-10 16:43 - 2018-03-28 16:33 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-05-10 16:43 - 2018-03-28 16:33 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-05-10 16:43 - 2018-03-28 16:33 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-05-10 16:43 - 2018-03-28 16:30 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 000101704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-05-10 16:43 - 2018-03-28 16:33 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-03-30 09:09 - 2018-03-28 16:31 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-03-30 09:09 - 2018-03-28 16:32 - 000032608 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2018-03-30 09:09 - 2018-03-28 16:31 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2018-01-12 10:46 - 2018-03-28 16:33 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-05-10 16:43 - 2018-03-28 16:33 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-03-30 09:09 - 2018-03-28 16:32 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-05-10 16:43 - 2018-03-28 16:33 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 000546632 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 000359744 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2018-03-30 09:09 - 2018-03-28 16:32 - 000038216 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist.txt file, only the Alternate Data Stream (ADS) will be removed.)
AlternateDataStreams: C:\Users\trinhvth\Downloads\nwcv15.ttf:com.dropbox.attributes [168]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist.txt file, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist.txt file, the registry item will be restored to its default value or removed.)
==================== Internet Explorer trusted/restricted sites ===============
(If an entry is included in the fixlist.txt file, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2877026338-1627563275-2490810601-1150\...\localhost -> localhost
==================== Hosts content: ===============================
(If needed, the Hosts: directive can be included in the fixlist.txt file to reset the hosts file.)
2016-07-16 13:47 - 2017-04-24 16:46 - 000000852 _____ C:\windows\system32\Drivers\etc\hosts
10.12.181.131 SBI-SQL-ETL
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2877026338-1627563275-2490810601-1150\Control Panel\Desktop\\Wallpaper -> C:\Users\trinhvth\Desktop\20916-assassins-creed-revelations.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
The firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2877026338-1627563275-2490810601-1150\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2877026338-1627563275-2490810601-1150\...\StartupApproved\Run: => "Office Timeline Performance Helper"
==================== Firewall Rules (Whitelisted) ===============
(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)
FirewallRules: [{936646E9-6798-4422-AF95-A7B5C3D49031}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{9FE58BFE-F084-44E2-9033-A7353A0D0745}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{74BB5860-8F8C-49C5-AAB7-41E55590C8E2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{EFFD418E-C53C-4F47-B921-0D8287FF1F07}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{8BB50B1A-EBC8-4D06-94A2-39BFA992E2FB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{56C39B39-8F62-4428-81AF-A434B30B4C8C}] => (Allow) C:\Program Files\CyberLink\PowerDirector14\PDR10.EXE
FirewallRules: [{FD9CE1D0-4E27-4ACF-93CA-DC7F58A49647}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FBE93C8C-7752-4F9A-BE00-D5531AEE6348}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B56D234A-F623-4529-BDBD-A6D70F47223C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{ECFCC3CF-2D29-4B58-BD74-AADB3D49C4C8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{5462855B-6904-4F29-B93B-B79F4E1517FE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{00187169-A56D-4D07-BFB2-342ADF666179}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7F70F9E2-0A04-4A28-A580-668707BEFC45}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{872CEE01-186A-4506-A07B-DDAB63206356}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{E3DAD95D-A369-40C2-99DB-8DD722BFFA6E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{9FE5AE33-514D-4C4D-9BB6-F305A8B6743C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{98754E70-9CD9-49D3-B750-FCB865FE7B28}] => (Allow) C:\Users\trinhvth\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FE670C30-2288-4AA7-A1A6-53EBD8C601F5}] => (Allow) C:\Users\trinhvth\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{3F5AD639-0EC1-4BED-B1EF-6AEE37B037D0}C:\program files\comicrack\comicrack.exe] => (Block) C:\program files\comicrack\comicrack.exe
FirewallRules: [UDP Query User{4B7CA0A8-6F66-4ED7-B15C-3F3446F73667}C:\program files\comicrack\comicrack.exe] => (Block) C:\program files\comicrack\comicrack.exe
FirewallRules: [TCP Query User{CE01F3A8-1BD0-4D6E-8950-F48863ED743D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{FEA2AF47-6492-401B-BEFC-5E26FCDB11A3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{084ACD25-D754-496A-AC42-9EB3784E7C23}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{75529EF7-8F75-4C8E-96C5-7770AF0270E1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{9EE87800-3AE8-49B0-AA6D-6B61376FA67B}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{C29DFE0A-43BD-4298-91D1-33B801B484C4}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [{46A2F456-6B61-4D09-923E-368156F12E9C}] => (Allow) C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe
FirewallRules: [{35F571FF-766A-4A03-9ABC-2CB03E0C37F1}] => (Allow) C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe
FirewallRules: [{C0EFF3B6-D285-49BE-BB56-27C8CEF54065}] => (Allow) C:\Program Files\Microsoft MPI\Bin\mpiexec.exe
FirewallRules: [{128D4907-E3B1-4DB3-9AC3-A6B24EA10E94}] => (Allow) C:\Program Files\Microsoft MPI\Bin\mpiexec.exe
FirewallRules: [{66D514B7-357B-4AE8-9FE9-CF26ECEFC4E5}] => (Allow) C:\Program Files\Microsoft MPI\Bin\smpd.exe
FirewallRules: [{4BA9D19B-FD66-47EB-BA84-C65DAF2EDCF6}] => (Allow) C:\Program Files\Microsoft MPI\Bin\smpd.exe
FirewallRules: [TCP Query User{2346C94B-3EEA-4D52-9441-1C2903BF0892}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [UDP Query User{9F748BEA-A653-4506-90FD-5E55318208C6}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [TCP Query User{25ECB7E3-BBA9-4000-BC01-97D2753F7273}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [UDP Query User{003C25A3-825E-4CC3-99A4-5DA02679BA75}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [{5CADD72E-7E19-4A2B-B240-1151FE7393C2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{557BEEBC-DE6B-401F-8E39-B0B2FBE34255}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe
FirewallRules: [UDP Query User{FED75D7B-39BB-4153-ADD9-D18FDD9A2443}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe
FirewallRules: [{5EF39350-6E3E-4685-BE8A-3A3B8F07C7C5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D4A86926-D3ED-471A-A449-1C8029F54718}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Restore Points =========================
06-04-2018 17:55:20 Removed Informatica Mapping Template
10-04-2018 11:05:40 20180410 Avant Désinfection
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/10/2018 11:05:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft.
System Error:
Accès refusé.
.
Error: (04/10/2018 10:47:42 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.11003.3588) TYPE: ERROR MODULE: DPTF TIME 10381 ms
DPTF Build Version: 8.2.11003.3588
DPTF Build Date: Jan 10 2017 09:52:34
Source File: ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 1002
Executing Function: PolicyBase::takeControlOfOsc
Message: Passive Policy 2: Failed to acquire OSC: Failure during execution of _OSC:
DPTF Build Version: 8.2.11003.3588
DPTF Build Date: Jan 10 2017 09:52:34
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 472
Executing Function: EsifServices::primitiveExecuteSet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Policy: Passive Policy 2 [1]
Error: (04/10/2018 10:43:29 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL » à la ligne 1.
L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé.
La référence est UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
La définition est UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (04/10/2018 10:41:17 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.11003.3588) TYPE: ERROR MODULE: DPTF TIME 10532 ms
DPTF Build Version: 8.2.11003.3588
DPTF Build Date: Jan 10 2017 09:52:34
Source File: ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 1002
Executing Function: PolicyBase::takeControlOfOsc
Message: Passive Policy 2: Failed to acquire OSC: Failure during execution of _OSC:
DPTF Build Version: 8.2.11003.3588
DPTF Build Date: Jan 10 2017 09:52:34
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 472
Executing Function: EsifServices::primitiveExecuteSet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Policy: Passive Policy 2 [1]
Error: (04/10/2018 10:39:49 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Échec de la procédure d’ouverture pour le service « BITS » dans la DLL « C:\Windows\System32\bitsperf.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur.
Error: (04/10/2018 10:37:50 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL » à la ligne 1.
L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé.
La référence est UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
La définition est UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (04/10/2018 10:32:37 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.11003.3588) TYPE: ERROR MODULE: DPTF TIME 10805 ms
DPTF Build Version: 8.2.11003.3588
DPTF Build Date: Jan 10 2017 09:52:34
Source File: ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 1002
Executing Function: PolicyBase::takeControlOfOsc
Message: Passive Policy 2: Failed to acquire OSC: Failure during execution of _OSC:
DPTF Build Version: 8.2.11003.3588
DPTF Build Date: Jan 10 2017 09:52:34
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 472
Executing Function: EsifServices::primitiveExecuteSet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Policy: Passive Policy 2 [1]
Error: (04/10/2018 09:50:50 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.11003.3588) TYPE: ERROR MODULE: DPTF TIME 13350 ms
DPTF Build Version: 8.2.11003.3588
DPTF Build Date: Jan 10 2017 09:52:34
Source File: ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 1002
Executing Function: PolicyBase::takeControlOfOsc
Message: Passive Policy 2: Failed to acquire OSC: Failure during execution of _OSC:
DPTF Build Version: 8.2.11003.3588
DPTF Build Date: Jan 10 2017 09:52:34
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 472
Executing Function: EsifServices::primitiveExecuteSet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Policy: Passive Policy 2 [1]
Erreurs système:
=============
Error: (04/10/2018 01:48:10 PM) (Source: Schannel) (EventID: 4114) (User: S-BI)
Description: Le certificat reçu du serveur distant a été émis par une autorité de certification non approuvée. En conséquence, aucune des données contenues dans le certificat ne peut être validée. Échec de la demande de connexion TLS. Les données associées contiennent le certificat de serveur.
Error: (04/10/2018 01:43:42 PM) (Source: Schannel) (EventID: 4114) (User: S-BI)
Description: Le certificat reçu du serveur distant a été émis par une autorité de certification non approuvée. En conséquence, aucune des données contenues dans le certificat ne peut être validée. Échec de la demande de connexion TLS. Les données associées contiennent le certificat de serveur.
Error: (04/10/2018 01:42:53 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (04/10/2018 01:39:26 PM) (Source: Schannel) (EventID: 4114) (User: S-BI)
Description: Le certificat reçu du serveur distant a été émis par une autorité de certification non approuvée. En conséquence, aucune des données contenues dans le certificat ne peut être validée. Échec de la demande de connexion TLS. Les données associées contiennent le certificat de serveur.
Error: (04/10/2018 01:36:04 PM) (Source: Schannel) (EventID: 4114) (User: S-BI)
Description: Le certificat reçu du serveur distant a été émis par une autorité de certification non approuvée. En conséquence, aucune des données contenues dans le certificat ne peut être validée. Échec de la demande de connexion TLS. Les données associées contiennent le certificat de serveur.
Error: (04/10/2018 01:33:13 PM) (Source: Schannel) (EventID: 4114) (User: S-BI)
Description: Le certificat reçu du serveur distant a été émis par une autorité de certification non approuvée. En conséquence, aucune des données contenues dans le certificat ne peut être validée. Échec de la demande de connexion TLS. Les données associées contiennent le certificat de serveur.
Error: (04/10/2018 01:31:05 PM) (Source: Schannel) (EventID: 4114) (User: S-BI)
Description: Le certificat reçu du serveur distant a été émis par une autorité de certification non approuvée. En conséquence, aucune des données contenues dans le certificat ne peut être validée. Échec de la demande de connexion TLS. Les données associées contiennent le certificat de serveur.
Error: (04/10/2018 01:29:29 PM) (Source: Schannel) (EventID: 4114) (User: S-BI)
Description: Le certificat reçu du serveur distant a été émis par une autorité de certification non approuvée. En conséquence, aucune des données contenues dans le certificat ne peut être validée. Échec de la demande de connexion TLS. Les données associées contiennent le certificat de serveur.
Windows Defender:
===================================
Date: 2018-04-10 10:55:47.143
Description:
Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/CoinMiner&threatid=2147672528&enterprise=0
Nom : Trojan:Win32/CoinMiner
ID : 2147672528
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Users\trinhvth\Dropbox\.dropbox.cache\~ee73cd30.tmp
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : S-BI\trinhvth
Nom du processus : C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
Version de la signature : AV: 1.265.352.0, AS: 1.265.352.0, NIS: 119.0.0.0
Version du moteur : AM: 1.1.14700.5, NIS: 2.1.14600.4
Date: 2018-04-10 10:42:16.083
Description:
Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/CoinMiner&threatid=2147672528&enterprise=0
Nom : Trojan:Win32/CoinMiner
ID : 2147672528
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Users\trinhvth\Dropbox\.dropbox.cache\~ee73cd30.tmp
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : S-BI\trinhvth
Nom du processus : C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
Version de la signature : AV: 1.265.352.0, AS: 1.265.352.0, NIS: 119.0.0.0
Version du moteur : AM: 1.1.14700.5, NIS: 2.1.14600.4
Date: 2018-04-10 10:37:55.430
Description:
Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/CoinMiner&threatid=2147672528&enterprise=0
Nom : Trojan:Win32/CoinMiner
ID : 2147672528
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Users\trinhvth\Dropbox\.dropbox.cache\~ee73cd30.tmp
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : S-BI\trinhvth
Nom du processus : C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
Version de la signature : AV: 1.265.352.0, AS: 1.265.352.0, NIS: 119.0.0.0
Version du moteur : AM: 1.1.14700.5, NIS: 2.1.14600.4
Date: 2018-04-10 10:32:05.386
Description:
L’analyse Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {38D32FF7-8C2E-41EC-87BD-C0B522028D58}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse complète
Utilisateur : S-BI\trinhvth
Date: 2018-04-10 09:52:08.206
Description:
Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/CoinMiner&threatid=2147672528&enterprise=0
Nom : Trojan:Win32/CoinMiner
ID : 2147672528
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Users\trinhvth\Dropbox\.dropbox.cache\~ee73cd30.tmp
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : S-BI\trinhvth
Nom du processus : C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
Version de la signature : AV: 1.265.318.0, AS: 1.265.318.0, NIS: 119.0.0.0
Version du moteur : AM: 1.1.14700.5, NIS: 2.1.14600.4
Date: 2018-03-21 11:33:21.569
Description:
Windows Defender a rencontré une erreur lors d la mise à jour des signatures.
Nouvelle version de la signature :
Version précédente de la signature : 1.263.830.0
Source de mise à jour : Serveur Microsoft Update
Type de signature : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.14600.4
Code d’erreur : 0x80240022
Description de l’erreur : Le programme ne peut pas rechercher les mises à jour de définitions.
Date: 2018-03-21 11:33:21.568
Description:
Windows Defender a rencontré une erreur lors d la mise à jour des signatures.
Nouvelle version de la signature :
Version précédente de la signature : 1.263.830.0
Source de mise à jour : Serveur Microsoft Update
Type de signature : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.14600.4
Code d’erreur : 0x80240022
Description de l’erreur : Le programme ne peut pas rechercher les mises à jour de définitions.
CodeIntegrity:
===================================
Date: 2018-03-28 11:10:46.736
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-03-28 11:10:46.735
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-03-20 10:44:56.030
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-03-12 20:10:44.792
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-03-12 20:10:44.789
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-01-21 16:39:02.338
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-01-21 16:39:02.336
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Infos Mémoire ===========================
Processeur: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Pourcentage de mémoire utilisée: 58%
Mémoire physique - RAM - totale: 8064.57 MB
Mémoire physique - RAM - disponible: 3326.55 MB
Mémoire virtuelle totale: 13440.57 MB
Mémoire virtuelle disponible: 7641.81 MB
==================== Lecteurs ================================
Drive c: (Windows) (Fixed) (Total:222.04 GB) (Free:26.77 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:15.2 GB) (Free:1.56 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
Drive f: (KINGSTON) (Removable) (Total:7.22 GB) (Free:7.03 GB) NTFS
\\?\Volume{b99c2494-99c8-4bf3-8d61-a3e83d64eece}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.62 GB) NTFS
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: A50E1C7D)
Partition: GPT.
========================================================
Disk: 1 (Size: 7.2 GB) (Disk ID: 15F3682A)
Partition 1: (Not Active) - (Size=7.2 GB) - (Type=07 NTFS)
==================== Fin de Addition.txt ============================