Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Exécuté par mrtho (05-08-2018 21:09:37)
Exécuté depuis C:\Users\mrtho\Downloads
Windows 10 Home Version 1709 16299.371 (X64) (2017-12-06 19:24:09)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-3728115668-3251098077-3353745527-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3728115668-3251098077-3353745527-503 - Limited - Disabled)
Invité (S-1-5-21-3728115668-3251098077-3353745527-501 - Limited - Disabled)
mrtho (S-1-5-21-3728115668-3251098077-3353745527-1001 - Administrator - Enabled) => C:\Users\mrtho
WDAGUtilityAccount (S-1-5-21-3728115668-3251098077-3353745527-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_0_0) (Version: 12.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Aria Maestosa 1.4.13 (HKLM-x32\...\Aria Maestosa_is1) (Version: - )
Audacity 2.2.0 (HKLM-x32\...\Audacity_is1) (Version: 2.2.0 - Audacity Team)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.55.31997 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Capstan 1.3.0 (x64) (HKLM\...\{F8273C2C-7F9E-4551-B327-A50CC2FCFEB7}) (Version: 01.03.0004 - Celemony Software GmbH)
Dashlane (HKU\S-1-5-21-3728115668-3251098077-3353745527-1001\...\Dashlane) (Version: 6.0.2.11187 - Dashlane, Inc.)
Discord (HKU\S-1-5-21-3728115668-3251098077-3353745527-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.1.0 - IObit)
Epic Games Launcher (HKLM-x32\...\{CB32E1D1-1875-4374-AE66-4785FDE247CA}) (Version: 1.1.134.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FileZilla Client 3.34.0 (HKLM-x32\...\FileZilla Client) (Version: 3.34.0 - Tim Kosse)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Java 8 Update 161 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Java 8 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418071F0}) (Version: 8.0.710.15 - Oracle Corporation)
K-Lite Codec Pack 13.6.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.6.5 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\{892DB406-ADF8-4C30-9840-8438AF5B8763}) (Version: 2.2.0.607 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.607 - LogMeIn, Inc.)
LoopBe30 Trial - Internal MIDI Ports (HKLM-x32\...\LoopBe30 Trial) (Version: - )
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.7.208 - McAfee, Inc.)
Microsoft Office Standard 2016 (HKLM\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3728115668-3251098077-3353745527-1001\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MorphVOX Pro (HKLM-x32\...\{DE289787-7ECA-4BED-9D8C-99FAC407E3D6}) (Version: 4.3.13 - Screaming Bee)
Mozilla Firefox 61.0.1 (x64 fr) (HKLM\...\Mozilla Firefox 61.0.1 (x64 fr)) (Version: 61.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
Mumble 1.2.19 (HKLM-x32\...\{9BCF5203-72BB-4425-A391-83BF298EF376}) (Version: 1.2.19 - Thorvald Natvig)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.1.3 - OBS Project)
OpenIV (HKU\S-1-5-21-3728115668-3251098077-3353745527-1001\...\OpenIV) (Version: 2.9.2.932 - .black/OpenIV Team)
OpenOffice 4.1.4 (HKLM-x32\...\{DAEDCAF7-E42C-41E1-822C-33658A2C6EAD}) (Version: 4.14.9788 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.24.5022 - Electronic Arts, Inc.)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Panneau de configuration NVIDIA 397.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 397.64 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8372 - Realtek Semiconductor Corp.)
ROCCAT Swarm (HKLM-x32\...\{32C24F2E-923F-49C1-8E60-2B3DC5482255}) (Version: 1.93.000 - ROCCAT GmbH) Hidden
ROCCAT Swarm (HKLM-x32\...\InstallShield_{32C24F2E-923F-49C1-8E60-2B3DC5482255}) (Version: 1.93.000 - ROCCAT GmbH)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.8 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.9.3 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.9.3 - General Workings, Inc.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.10 - TeamSpeak Systems GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{479E8CC7-CD68-4EB4-BB04-34A5C2C74102}) (Version: 2.46.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-3728115668-3251098077-3353745527-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-146438554A07}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-3728115668-3251098077-3353745527-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-12-05] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-05-07] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0BF235D4-0E20-413D-9A8D-533EBA754625} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {3E7951B6-59CA-45D9-81D9-76CCCA63C550} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-11-09] ()
Task: {596F422F-49F1-4E9A-8CD9-271FCD2A698E} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\5.1.0\Scheduler.exe [2017-10-24] (IObit)
Task: {5E19BF44-B05F-4691-913E-069C5778F376} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe
Task: {78A961A3-BE4A-4F9F-ACC6-5911F142C232} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-06] (Google Inc.)
Task: {7E278416-A725-4517-9B99-EBA3B574BD2A} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-mrthoms007@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {8CB4734F-2D1D-4412-8E6D-0A7585FC4E74} - System32\Tasks\Driver Booster SkipUAC (mrtho) => C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DriverBooster.exe [2017-11-16] (IObit)
Task: {955C21CF-66C9-49DF-85E6-748837D19B42} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {9B1F74DC-3318-4CBB-ADEC-7914208D517E} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-mrthoms007@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {9EDEE1A8-2871-4035-A7DD-12A26F46AF95} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {AE40F72F-A47A-41C9-BBDB-2E34B1C45719} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Task: {C6CB0DA0-8448-4A1D-8B4E-CB162191190B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {D826E30D-2E05-42DD-AFCB-B31B3C74588D} - System32\Tasks\S-1-5-21-3728115668-3251098077-3353745527-1001\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation)
Task: {F6BE4C57-16F7-42C7-9219-AAE39A745BBB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-06] (Google Inc.)
Task: {F90A2FFA-CA69-42AE-934C-85D4B113D67B} - System32\Tasks\ROCCAT DEVICE SERVICE => C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_dev_service.exe [2018-02-12] (ROCCAT)
Task: {FFEE269C-9C90-4EBA-AADC-EBB4A96FF9E4} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2018-07-16] (Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)


==================== Modules chargés (Avec liste blanche) ==============

2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\Windows\SYSTEM32\inputhost.dll
2018-05-29 17:42 - 2018-05-29 17:42 - 000076152 _____ () C:\Windows\system32\PnkBstrA.exe
2017-09-26 03:52 - 2017-09-26 03:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-03-14 13:44 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-14 13:44 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-29 08:23 - 2018-07-29 08:24 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-07-29 08:23 - 2018-07-29 08:24 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-07-29 08:23 - 2018-07-29 08:25 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-07-29 08:23 - 2018-07-29 08:24 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-07-29 08:23 - 2018-07-29 08:24 - 000653824 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-05-08 14:18 - 2018-07-19 08:59 - 000021824 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
2018-06-26 16:57 - 2018-06-22 21:15 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libglesv2.dll
2018-06-26 16:57 - 2018-06-22 21:15 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libegl.dll
2018-08-05 18:47 - 2018-08-05 18:45 - 003157376 _____ () C:\Users\mrtho\AppData\Roaming\ZHP\ZHPDiag3.exe
2017-09-29 15:41 - 2017-09-29 15:41 - 000030208 _____ () C:\Windows\system32\Windows.WARP.JITService.exe
2017-12-06 22:58 - 2018-07-21 23:07 - 000854304 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-12-06 22:58 - 2018-08-02 01:37 - 002644768 _____ () C:\Program Files (x86)\Steam\video.dll
2017-12-06 22:58 - 2016-09-01 03:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-12-14 16:22 - 2017-12-20 03:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2017-12-14 16:22 - 2017-12-20 03:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2017-12-14 16:22 - 2017-12-20 03:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-14 16:22 - 2017-12-20 03:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2017-12-14 16:22 - 2017-12-20 03:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2017-12-06 22:58 - 2016-09-01 03:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-12-06 22:58 - 2016-09-01 03:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-12-06 22:58 - 2018-08-02 01:37 - 001015072 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-12-06 22:58 - 2016-07-05 00:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2018-01-24 09:39 - 2018-06-19 11:02 - 000015360 _____ () C:\Program Files (x86)\Origin\libEGL.DLL
2018-01-24 09:39 - 2018-06-19 11:02 - 003090944 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2017-12-06 23:02 - 2018-07-21 23:07 - 000854304 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-12-06 23:02 - 2018-07-21 00:24 - 083524896 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-12-06 23:02 - 2018-07-21 00:24 - 002253600 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libglesv2.dll
2017-12-06 23:02 - 2018-07-21 00:24 - 000109856 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libegl.dll
2017-12-06 22:58 - 2018-07-03 23:58 - 000137504 _____ () C:\Program Files (x86)\Steam\winh264.dll
2016-12-14 17:47 - 2018-01-07 10:13 - 068505088 _____ () C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libcef.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [484]

==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)


==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)


==================== Hosts contenu: ===============================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2017-09-29 15:46 - 2018-08-05 19:12 - 000002109 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-3728115668-3251098077-3353745527-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mrtho\Desktop\fond.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

HKLM\...\StartupApproved\StartupFolder: => "ROCCAT Swarm Monitor.lnk"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-3728115668-3251098077-3353745527-1001\...\StartupApproved\Run: => "Dashlane"
HKU\S-1-5-21-3728115668-3251098077-3353745527-1001\...\StartupApproved\Run: => "DashlanePlugin"

==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{5B5B851A-C2F5-4424-A29B-0339AC2105B4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DriverBooster.exe
FirewallRules: [{04A9792E-1180-4C9E-8B4A-AD37D8DF3D72}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DriverBooster.exe
FirewallRules: [{EAE910CD-EE51-474D-965F-7BCEC88F1DB7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DBDownloader.exe
FirewallRules: [{2C079478-570A-4804-96F7-CDEACB980282}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DBDownloader.exe
FirewallRules: [{172EAB25-50CD-4371-870D-7FE09A5964DF}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\AutoUpdate.exe
FirewallRules: [{1B92AA2D-A5D7-43A0-BA54-67142A2C5A3B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\AutoUpdate.exe
FirewallRules: [{ED5C8804-12C3-49CC-939E-9663D1AE5840}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{651F665C-F131-4B79-852D-C090279E3656}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E76797E9-1C59-4B64-8C05-8977E6714279}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5D7B62D2-35DD-4C22-8663-8D70FD03DB9B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A8F31A00-21DF-4974-99F8-25DE65379036}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{DEE1C60F-F231-4D99-BD5A-173C37738B8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{182B1D92-0559-4BC6-94EA-D213FC850880}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{106849C5-0647-4D3D-8987-07E56ABA1B9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2C6BA98D-78BA-45A0-9856-7D2041AC758A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{71066CFD-B9A3-4193-A71B-84BD6005BD41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [TCP Query User{0C94ABEF-3734-4B40-8763-4F9D676BBCA1}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{0B585A7F-A00B-4C0B-AEE2-3586414907C8}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{8D5882B9-9823-4CED-88BB-BDC1BF748CF5}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{6E2709BA-F4C8-4931-B29D-911365015FC8}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{AF797722-A79C-4914-8BDC-BC9BD06F771F}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{0B3D0B02-A701-47AD-96AE-E145DFF07330}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{F3715A40-AD80-4809-874B-A991654A06D6}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Allow) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe
FirewallRules: [UDP Query User{DC5DD3D5-ED15-43C4-BA90-20B63839F065}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Allow) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe
FirewallRules: [{78C58A50-06CB-497E-9F1F-2AD75407D26D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{957127AC-AB71-4F39-BF42-BA1B83D7BFE4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{D4F8DB9D-B70D-452A-8901-5E209ED892D5}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{722A2483-1C39-4C1C-9EBD-29A95C2F531D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{9A0AE5F1-7038-476A-9BB9-0B749CB61748}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{7477DD29-73FE-48EC-A752-9E51A9413D15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [TCP Query User{54FA4C2A-3069-4919-AFA1-B4A19F2B7361}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{4FC7B66C-5859-4ED8-BF73-0DBC732BA6BB}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{B37A6BCC-8347-4935-8063-175F9CF6D5C6}C:\programdata\oracle\java\javapath_target_4230093\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_4230093\java.exe
FirewallRules: [UDP Query User{70CC2B64-3F74-4AC8-A775-4DE0FB2AA398}C:\programdata\oracle\java\javapath_target_4230093\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_4230093\java.exe
FirewallRules: [{7CA400CD-8213-48A3-92C6-70F2B5187043}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{9169267F-DAB7-47AA-8412-C5D920717F9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{D7C44DBC-2F84-44AF-9DD4-E15D5490A965}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{49C74E26-D61B-4FE6-86A4-C8F922032F6F}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{E0CB8A56-0528-4B42-B68B-3E3EF4071245}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{6AC6F8E2-08D9-4152-B67C-DB4178AFF03A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{337E7CB3-EC0A-4DCD-A731-50CC0FEE391F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{E7D5C625-0EEF-40E5-94B6-F9B62EECF5D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{8751CCE2-6470-49B8-91F0-62D1D97D7F71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{BB8CEC1B-80B4-4D21-A32C-5CED937184B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [TCP Query User{24F01073-DAEA-4C09-8EF2-1DCE9CF0ED52}C:\users\mrtho\appdata\local\fivem\fivem.exe] => (Allow) C:\users\mrtho\appdata\local\fivem\fivem.exe
FirewallRules: [UDP Query User{A522CFB0-7099-42BC-B713-3C4121EB047F}C:\users\mrtho\appdata\local\fivem\fivem.exe] => (Allow) C:\users\mrtho\appdata\local\fivem\fivem.exe
FirewallRules: [{8FB4B9A8-1E14-4184-AE3F-00F22E743409}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{AF2B6263-9A5F-452D-B321-9C4FA41699E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{1CF62482-13E9-4500-AEDC-D34A60D1B9E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E7073B37-37AA-48A9-8B60-CBE0FE35B8F9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{33D5291A-7A7B-4965-9ED1-12B5ED15CE5C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{15D1D6C8-BADE-43CE-894A-BD7734608C32}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E8F6ABA4-E47A-4A18-99BC-558B1ECDA18C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{307B8D1C-E006-4475-A135-51E7CC809FEB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8EF77FA2-B639-454A-836C-E1F6DF59B503}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{495BC2D7-2C11-4FC0-AF7F-7D27F5E2FC51}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{74279C37-8EB3-4E0C-8923-E3BE7DE45DB9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{C854FF35-0B02-425D-A460-B7B5159CB5A5}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{8C08C024-41C2-49AF-BB05-F941A549E10E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\SCPSL.exe
FirewallRules: [{FFD97FA4-4A7D-436B-AED5-218969545AA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\SCPSL.exe
FirewallRules: [{D8EB0929-ADD5-419D-B5CA-B70085BDE1E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\LocalAdmin.exe
FirewallRules: [{0966121A-1619-42A2-9FF5-2B7758CCCBD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\LocalAdmin.exe
FirewallRules: [{71EB7399-DE5B-4FA1-B03B-DA1B39BDA409}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe
FirewallRules: [{644E6A78-4525-46F4-A4FD-29EC107AEB73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe
FirewallRules: [{55D26FFC-A1B8-44AB-9331-51FB68A7C9D5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FF882D0C-7243-494B-A39F-2EDD231CA578}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DDEE73A0-FE5D-4B80-8DA3-2EB20E4E72AB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A6A28078-7CEB-4189-8B39-F8F4FDD3BBC8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0A8C752E-F660-4206-A3AD-0C0EBBE2C00B}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{A099E9CF-16F5-4C09-B3E9-2E10D61D9EFC}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{038DC11C-B400-4E62-9666-CCC86B81B785}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{583A578A-46E2-40D3-81A8-C678882B8FA1}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{0F51D4AC-4E3A-4A9D-98C8-4D308B2CD59F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{F9FA6F79-E29F-412E-AD04-532976911896}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [TCP Query User{095B0CD6-8F63-43AD-84D5-4AEA43388D28}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{51D17B37-B834-425C-B8C4-42B6A9FA1154}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{997C4A7E-7561-4EE3-BD1A-046716C2A945}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{24FC0710-3C05-471E-AE91-EB64B6C18926}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{0C76A5F1-5E1F-4ECC-AAC8-4592FE8F930E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{AE64774B-4B97-4605-91A5-B8A5BE33BB1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{248E0694-B4CC-4A12-AE4E-056BF6E40436}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe
FirewallRules: [{76707EDA-B39D-4383-94E4-CB0DDBC039B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe
FirewallRules: [{4DB4CB1D-FA5C-4549-AD68-A97815ACFFBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{7A971BC5-26A2-493E-AAE9-B255E4CFB8E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{B482DE12-D595-4254-BD22-03443560C0B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{C4845A4B-561C-43B9-A655-C20618939E0E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [TCP Query User{6A26CEE7-D08D-44CB-8D6A-6ED32ED16A06}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Block) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe
FirewallRules: [UDP Query User{212F1013-49E2-4F51-AB93-3BD4990A79EC}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Block) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe
FirewallRules: [TCP Query User{8B299C1B-CF80-4B60-A206-3BEE0E05BC23}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{9803D688-E882-4F07-96C2-83B88931A590}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{B29CA197-E0DB-4282-9F8F-AFAF04E9065F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{799EE586-23B8-47D5-8198-7101B3899DE8}C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [UDP Query User{9AAEEBE9-0C90-4CCA-B629-279DE24704B2}C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [TCP Query User{AA16CAD6-9B1D-4011-82F4-651DC522A250}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{6BC12089-AC3E-4BAB-BF7F-0814AD121993}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{58A5B4AE-6480-4F9B-B451-2FC3E3C7FDF6}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{3BD6B112-D9B3-4627-8CC1-CD582A5A88EA}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{1F863989-49FD-46B5-BCCC-9050B29C2E19}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{D131D6C3-3242-4F42-AC44-B682C1DCEE27}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [TCP Query User{23BCB885-E83B-4141-B63C-A5C4F8CB7E21}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{58B2E24E-6832-4855-81DC-9616AFF546AF}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [{0E2755B0-5AB6-4F77-977B-60C878A8FA88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dayofinfamy\dayofinfamy_BE.exe
FirewallRules: [{B989A859-C0B7-4761-865A-DB9141A61233}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dayofinfamy\dayofinfamy_BE.exe
FirewallRules: [TCP Query User{5E679E0F-7861-40E6-8704-90B0BEE51D10}C:\program files (x86)\steam\steamapps\common\dayofinfamy\dayofinfamy_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayofinfamy\dayofinfamy_x64.exe
FirewallRules: [UDP Query User{2A89834D-AC1D-499B-A4D1-72EEAD32B117}C:\program files (x86)\steam\steamapps\common\dayofinfamy\dayofinfamy_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayofinfamy\dayofinfamy_x64.exe
FirewallRules: [{FE8ACE04-5113-4875-9CF5-83BDD66917D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jurassic World Evolution\JWE.exe
FirewallRules: [{CF0D16CD-06F8-4E3D-9623-E001B45A5581}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jurassic World Evolution\JWE.exe
FirewallRules: [{C7C8AC5D-3C4E-4322-8CB6-3068D8DDBBE2}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{7B874651-F498-4F1A-869B-C77EAE165005}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

==================== Points de restauration =========================


==================== Éléments en erreur du Gestionnaire de périphériques =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Display
Description: Display
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (08/05/2018 09:00:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Audacity\audacity.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne .
Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.371_none_15c7d1789365a290.manifest.
Composant 2 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.371_none_5d75084fa7e1cb96.manifest.

Error: (08/05/2018 08:52:13 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0x8007232B
Arguments de la ligne de commande :
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (08/05/2018 08:52:10 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0x8007232B
Arguments de la ligne de commande :
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (08/05/2018 08:46:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, Descripteur non valide
.


Opération :
Opération asynchrone en cours d’exécution

Contexte :
État actuel: DoSnapshotSet

Error: (08/05/2018 08:44:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddCorePnPFiles : Enumerating driver store published INFs failed.

System Error:
Le Registre de configuration est endommagé.
.

Error: (08/05/2018 07:17:45 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0x8007232B
Arguments de la ligne de commande :
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (08/05/2018 07:17:43 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0x8007232B
Arguments de la ligne de commande :
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (08/05/2018 06:19:55 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0x8007232B
Arguments de la ligne de commande :
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=1


Erreurs système:
=============
Error: (08/05/2018 09:01:47 PM) (Source: DCOM) (EventID: 10016) (User: THOMAS)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID THOMAS\mrtho de l’utilisateur (S-1-5-21-3728115668-3251098077-3353745527-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (08/05/2018 08:52:35 PM) (Source: DCOM) (EventID: 10016) (User: THOMAS)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID THOMAS\mrtho de l’utilisateur (S-1-5-21-3728115668-3251098077-3353745527-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (08/05/2018 08:52:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Origin Web Helper Service n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.

Error: (08/05/2018 08:52:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Origin Web Helper Service.

Error: (08/05/2018 08:51:24 PM) (Source: DCOM) (EventID: 10016) (User: THOMAS)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID THOMAS\mrtho de l’utilisateur (S-1-5-21-3728115668-3251098077-3353745527-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (08/05/2018 08:50:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Origin Web Helper Service n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.

Error: (08/05/2018 08:50:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Origin Web Helper Service.

Error: (08/05/2018 08:49:25 PM) (Source: DCOM) (EventID: 10010) (User: THOMAS)
Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.


Windows Defender:
===================================
Date: 2017-12-06 20:46:17.680
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nom : HackTool:Win32/AutoKMS
ID : 2147685180
Gravité : Moyenne
Catégorie : Outil
Chemin : file:_C:\ProgramData\KMSAutoS\bin\KMSSS.exe;file:_C:\ProgramData\KMSAutoS\KMSAuto Net.exe;file:_C:\Windows\System32\Tasks\KMSAutoNet;regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D1142CA-E729-469B-9A47-BCC51C0891FB};regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KMSAutoNet;taskscheduler:_C:\Windows\System32\Tasks\KMSAutoNet
Origine de la détection : Ordinateur local
Type de détection : Chemin rapide
Source de détection : Système
Utilisateur : AUTORITE NT\Système
Nom du processus : Unknown
Version de la signature : AV: 1.251.42.0, AS: 1.251.42.0, NIS: 116.1.0.0
Version du moteur : AM: 1.1.14104.0, NIS: 2.1.13804.0

Date: 2017-12-06 20:44:31.156
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nom : HackTool:Win32/AutoKMS
ID : 2147685180
Gravité : Moyenne
Catégorie : Outil
Chemin : file:_C:\ProgramData\KMSAutoS\bin.dat;file:_C:\ProgramData\KMSAutoS\bin\KMSSS.exe;file:_C:\ProgramData\KMSAutoS\KMSAuto Net.exe;file:_C:\ProgramData\KMSAuto\bin.dat;file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe;file:_C:\ProgramData\KMSAuto\KMSAuto Net.exe;file:_D:\Perso\Windows 10 free\KMSAuto Net.exe;process:_pid:3364,ProcessStart:131570629437120347;process:_pid:4372,ProcessStart:131570629412382708;process:_pid:7908,ProcessStart:131570627153934697;process:_pid:8308,ProcessStart:131570629481210433;process:_pid:9424,ProcessStart:131570628499482615
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : DESKTOP-S53LC7A\mrtho
Nom du processus : C:\Windows\System32\conhost.exe
Version de la signature : AV: 1.251.42.0, AS: 1.251.42.0, NIS: 116.1.0.0
Version du moteur : AM: 1.1.14104.0, NIS: 2.1.13804.0

Date: 2017-12-06 20:44:30.917
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nom : HackTool:Win32/AutoKMS
ID : 2147685180
Gravité : Moyenne
Catégorie : Outil
Chemin : file:_C:\ProgramData\KMSAutoS\bin.dat;file:_C:\ProgramData\KMSAutoS\bin\KMSSS.exe;file:_C:\ProgramData\KMSAutoS\KMSAuto Net.exe;file:_C:\ProgramData\KMSAuto\bin.dat;file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe;file:_C:\ProgramData\KMSAuto\KMSAuto Net.exe;file:_D:\Perso\Windows 10 free\KMSAuto Net.exe;process:_pid:3364,ProcessStart:131570629437120347;process:_pid:4372,ProcessStart:131570629412382708;process:_pid:7908,ProcessStart:131570627153934697;process:_pid:8308,ProcessStart:131570629481210433;process:_pid:9424,ProcessStart:131570628499482615
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : DESKTOP-S53LC7A\mrtho
Nom du processus : C:\Windows\System32\conhost.exe
Version de la signature : AV: 1.251.42.0, AS: 1.251.42.0, NIS: 116.1.0.0
Version du moteur : AM: 1.1.14104.0, NIS: 2.1.13804.0

Date: 2017-12-06 20:44:30.685
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nom : HackTool:Win32/AutoKMS
ID : 2147685180
Gravité : Moyenne
Catégorie : Outil
Chemin : file:_C:\ProgramData\KMSAutoS\bin.dat;file:_C:\ProgramData\KMSAutoS\bin\KMSSS.exe;file:_C:\ProgramData\KMSAutoS\KMSAuto Net.exe;file:_C:\ProgramData\KMSAuto\bin.dat;file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe;file:_C:\ProgramData\KMSAuto\KMSAuto Net.exe;file:_D:\Perso\Windows 10 free\KMSAuto Net.exe;process:_pid:3364,ProcessStart:131570629437120347;process:_pid:4372,ProcessStart:131570629412382708;process:_pid:7908,ProcessStart:131570627153934697;process:_pid:8308,ProcessStart:131570629481210433;process:_pid:9424,ProcessStart:131570628499482615
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : DESKTOP-S53LC7A\mrtho
Nom du processus : C:\Windows\System32\conhost.exe
Version de la signature : AV: 1.251.42.0, AS: 1.251.42.0, NIS: 116.1.0.0
Version du moteur : AM: 1.1.14104.0, NIS: 2.1.13804.0

Date: 2017-12-06 20:44:30.446
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nom : HackTool:Win32/AutoKMS
ID : 2147685180
Gravité : Moyenne
Catégorie : Outil
Chemin : file:_C:\ProgramData\KMSAutoS\bin.dat;file:_C:\ProgramData\KMSAutoS\bin\KMSSS.exe;file:_C:\ProgramData\KMSAutoS\KMSAuto Net.exe;file:_C:\ProgramData\KMSAuto\bin.dat;file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe;file:_C:\ProgramData\KMSAuto\KMSAuto Net.exe;file:_D:\Perso\Windows 10 free\KMSAuto Net.exe;process:_pid:3364,ProcessStart:131570629437120347;process:_pid:4372,ProcessStart:131570629412382708;process:_pid:7908,ProcessStart:131570627153934697;process:_pid:8308,ProcessStart:131570629481210433;process:_pid:9424,ProcessStart:131570628499482615
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : DESKTOP-S53LC7A\mrtho
Nom du processus : C:\Windows\System32\conhost.exe
Version de la signature : AV: 1.251.42.0, AS: 1.251.42.0, NIS: 116.1.0.0
Version du moteur : AM: 1.1.14104.0, NIS: 2.1.13804.0

CodeIntegrity:
===================================

Date: 2018-07-02 12:14:00.291
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SoftwareDistribution\Download\e6d6e0b5c0395b10e0b7d0c2e422acce\amd64_Microsoft-Windows-Client-Features-Package~~AMD64~~10.0.17134.1\amd64_microsoft-windows-securitycenter-core_31bf3856ad364e35_10.0.17134.1_none_ffc0ea0a1b433c2b\wscadminui.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-07-02 12:14:00.276
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SoftwareDistribution\Download\e6d6e0b5c0395b10e0b7d0c2e422acce\amd64_Microsoft-Windows-Client-Features-Package~~AMD64~~10.0.17134.1\amd64_microsoft-windows-securitycenter-core_31bf3856ad364e35_10.0.17134.1_none_ffc0ea0a1b433c2b\wscadminui.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-07-02 12:12:32.462
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SoftwareDistribution\Download\e6d6e0b5c0395b10e0b7d0c2e422acce\amd64_Microsoft-Windows-Client-Features-Package~~AMD64~~10.0.17134.1\amd64_windows-devices-perception_31bf3856ad364e35_10.0.17134.1_none_aaf6267cfd4620ce\windows.devices.perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-07-02 12:12:32.436
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SoftwareDistribution\Download\e6d6e0b5c0395b10e0b7d0c2e422acce\amd64_Microsoft-Windows-Client-Features-Package~~AMD64~~10.0.17134.1\amd64_windows-devices-perception_31bf3856ad364e35_10.0.17134.1_none_aaf6267cfd4620ce\windows.devices.perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-07-02 12:11:17.526
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SoftwareDistribution\Download\e6d6e0b5c0395b10e0b7d0c2e422acce\amd64_Microsoft-Windows-Client-Features-Package~~AMD64~~10.0.17134.1\amd64_microsoft-windows-utilman_31bf3856ad364e35_10.0.17134.1_none_e82a3c469a67b4bc\utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-07-02 12:11:17.500
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SoftwareDistribution\Download\e6d6e0b5c0395b10e0b7d0c2e422acce\amd64_Microsoft-Windows-Client-Features-Package~~AMD64~~10.0.17134.1\amd64_microsoft-windows-utilman_31bf3856ad364e35_10.0.17134.1_none_e82a3c469a67b4bc\utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-07-02 12:10:29.907
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SoftwareDistribution\Download\e6d6e0b5c0395b10e0b7d0c2e422acce\amd64_Microsoft-Windows-Client-Features-Package~~AMD64~~10.0.17134.1\amd64_microsoft-windows-security-spp-ux-dlg_31bf3856ad364e35_10.0.17134.1_none_83d7cfcf4329e9be\upgraderesultsui.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-07-02 12:10:29.891
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SoftwareDistribution\Download\e6d6e0b5c0395b10e0b7d0c2e422acce\amd64_Microsoft-Windows-Client-Features-Package~~AMD64~~10.0.17134.1\amd64_microsoft-windows-security-spp-ux-dlg_31bf3856ad364e35_10.0.17134.1_none_83d7cfcf4329e9be\upgraderesultsui.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Infos Mémoire ===========================

Processeur: Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz
Pourcentage de mémoire utilisée: 51%
Mémoire physique - RAM - totale: 8151.96 MB
Mémoire physique - RAM - disponible: 3978.2 MB
Mémoire virtuelle totale: 16087.96 MB
Mémoire virtuelle disponible: 12226.24 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:930.91 GB) (Free:158.52 GB) NTFS

\\?\Volume{0f47b272-8ec3-4da0-bfbd-a7d31b1bdcb9}\ (Récupération) (Fixed) (Total:0.49 GB) (Free:0.12 GB) NTFS
\\?\Volume{769f69ec-8afd-4894-ba30-334fc327cb73}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Fin de Addition.txt ============================
