Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Exécuté par theoc (16-08-2018 12:03:52)
Exécuté depuis C:\Users\theoc\Desktop
Windows 10 Home Version 1803 17134.228 (X64) (2018-05-19 21:41:43)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-2589188454-1577206507-1414055909-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2589188454-1577206507-1414055909-503 - Limited - Disabled)
Invité (S-1-5-21-2589188454-1577206507-1414055909-501 - Limited - Disabled)
theoc (S-1-5-21-2589188454-1577206507-1414055909-1001 - Administrator - Enabled) => C:\Users\theoc
WDAGUtilityAccount (S-1-5-21-2589188454-1577206507-1414055909-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_0_0) (Version: 15.0.0 - Adobe Systems Incorporated)
Adobe Audition CC 2018 (HKLM-x32\...\AUDT_11_1) (Version: 11.1.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.6.0.384 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_0_0) (Version: 22.0.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_0_0) (Version: 12.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0_1) (Version: 19.0.1 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_1_2) (Version: 11.1.2 - Adobe Systems Incorporated)
Application Blizzard (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Backup and Sync from Google (HKLM\...\{AEFBDB5B-899F-4AE6-B789-BA56A652A476}) (Version: 3.42.9858.3671 - Google, Inc.)
Blender (HKLM\...\{6B32721F-EA02-40BB-B781-92404BA3485C}) (Version: 2.79.1 - Blender Foundation)
Cinema 4D 19.024 (HKLM\...\MAXONB1A7BB62) (Version: 19.024 - MAXON Computer GmbH)
Discord (HKU\S-1-5-21-2589188454-1577206507-1414055909-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
EduPython 2.3 (HKLM-x32\...\EduPython_2.3_is1) (Version: 2.3 - V. MAILLE)
Epic Games Launcher (HKLM-x32\...\{904D135E-2B44-4B46-A4B4-78A5FCE8F27C}) (Version: 1.1.129.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Pen version v3.6.0.0 (HKLM-x32\...\Epic Pen_is1) (Version: v3.6.0.0 - TANK Studios)
EPSON XP-312 313 315 Series Printer Uninstall (HKLM\...\EPSON XP-312 313 315 Series) (Version: - SEIKO EPSON Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 8.0.1.300 - Huawei Technologies Co.,Ltd)
Hotspot Shield 7.6.5 (HKLM-x32\...\{107bec2f-7507-4df6-98a6-a8bfea0d5655}) (Version: 7.6.5.10927 - AnchorFree Inc.)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation)
iPrint (HKLM-x32\...\iPrint_is1) (Version: 6.0 - Inzone Software Limited)
iSkysoft Helper Compact 2.5.2 (HKLM-x32\...\{9BF12010-8799-41A5-A671-E9CFDE9E79F3}_is1) (Version: 2.5.2 - iSkysoft)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.7.208 - McAfee, Inc.)
Microsoft Office Professionnel Plus 2016 - fr-fr (HKLM\...\ProplusRetail - fr-fr) (Version: 16.0.10325.20082 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2589188454-1577206507-1414055909-1001\...\OneDriveSetup.exe) (Version: 18.070.0405.0002 - Microsoft Corporation)
Microsoft Project Professionnel 2016 - fr-fr (HKLM\...\ProjectProRetail - fr-fr) (Version: 16.0.10325.20082 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM\...\{EA457B21-F73E-494C-ACAB-524FDE069978}_is1) (Version: 1.16.1 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 59.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.3 (x64 en-US)) (Version: 59.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Node.js (HKLM\...\{F69C1A4C-0402-462C-B95D-6BEAED881FA1}) (Version: 8.11.1 - Node.js Foundation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.5 - Notepad++ Team)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.0.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7796 - Realtek Semiconductor Corp.)
SmartControl version 1.4.0.7 (HKLM\...\SmartControl_is1) (Version: 1.4.0.7 - MMD)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-2589188454-1577206507-1414055909-1001\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.5287 - TeamViewer)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-2589188454-1577206507-1414055909-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-5D28F422C1A9}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2589188454-1577206507-1414055909-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-21] (AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-02-27] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-21] (AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-05-30] (Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-21] (AVAST Software)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-05-30] (Google)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-21] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {10441961-F894-49A1-A5E7-705A184E1B77} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-theochirat@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {1499EB1B-BB6C-4F4F-B169-45EE507F67E0} - System32\Tasks\EPSON XP-312 313 315 Series Update {F34EF773-0B30-4817-9D16-CC17581084FD} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2014-12-03] (SEIKO EPSON CORPORATION)
Task: {241CE8E9-4C40-48E1-83F1-8A747728E015} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-01] (Google Inc.)
Task: {255FAB4E-75EA-4C29-97FB-80D15622473A} - System32\Tasks\Opera scheduled Autoupdate 1506864628 => C:\Users\theoc\AppData\Local\Programs\Opera\launcher.exe
Task: {2D39E918-197E-4C2A-B9ED-BEE917FB891C} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-theochirat@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {2D931A05-07CA-4147-A59D-73429DC6DC9D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-06-13] (AVAST Software)
Task: {35DEB450-4336-409F-8B11-A90681E898D5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-22] (Microsoft Corporation)
Task: {37EB6787-A830-4641-891F-F2C81C16FDAE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-16] (Microsoft Corporation)
Task: {3B057557-F87C-4050-8715-678C9D3C67B0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-07-24] (Microsoft Corporation)
Task: {41CE2203-DE1F-46B1-8025-DB9DF4909638} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-24] (Microsoft Corporation)
Task: {49C37659-FD16-42F2-BAE5-21C6B6ED3E11} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-07-24] (Microsoft Corporation)
Task: {4CF97EC9-828F-4C1E-B041-19B1E0A75F2A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-13] (Adobe Systems Incorporated)
Task: {4EE07A93-23CD-4195-8877-6A3C88C65E89} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-16] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {73802320-0429-4295-A527-E1C4DE2A52E5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-01] (Google Inc.)
Task: {7A07F2B9-7073-4390-94F5-ABDA3BB93272} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-22] (Microsoft Corporation)
Task: {7B3F536A-02A1-4734-84D5-8E82E5DB3474} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\osfinstaller.exe [2018-07-24] (Microsoft Corporation)
Task: {7CE97375-ED17-4014-99F5-261BB046BE65} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {F34EF773-0B30-4817-9D16-CC17581084FD} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2014-12-03] (SEIKO EPSON CORPORATION)
Task: {7CEEDDF5-E4DD-4A99-8EF2-E21A45BCB32F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-16] (Microsoft Corporation)
Task: {911382CB-A0E1-45F3-911A-1883BA7A1E69} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-06-21] (AVAST Software)
Task: {A4BE82A3-1F0B-4FED-8F18-A6A5B854E7B7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-24] (Microsoft Corporation)
Task: {EC503AE3-D902-40D5-83B3-A33FF261CBE4} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {EC666506-1DDC-43AB-8589-7BB12E5D722A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-16] (Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Invitation {F34EF773-0B30-4817-9D16-CC17581084FD}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Update {F34EF773-0B30-4817-9D16-CC17581084FD}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE:/EXE:{F34EF773-0B30-4817-9D16-CC17581084FD} /F:UpdateWORKGROUP\DESKTOP-U7IT8MO$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
ShortcutWithArgument: C:\Users\theoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Floating for YouTube™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=jjphmlaoffndcnecccgemfdaaoighkel
ShortcutWithArgument: C:\Users\theoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
==================== Modules chargés (Avec liste blanche) ==============
2018-04-20 08:28 - 2018-04-20 08:28 - 000190784 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-02-27 20:08 - 2018-02-27 20:08 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-02-27 22:54 - 2018-02-27 22:54 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2018-08-14 20:40 - 2018-08-03 05:09 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-20 11:21 - 2018-07-20 11:27 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-07-20 11:21 - 2018-07-20 11:27 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-07-20 11:21 - 2018-07-20 11:29 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-07-20 11:21 - 2018-07-20 11:27 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-07-20 11:21 - 2018-07-20 11:24 - 000653824 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-08-11 09:26 - 2018-08-11 09:27 - 035124224 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-08-11 09:26 - 2018-08-11 09:27 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-08-11 09:26 - 2018-08-11 09:27 - 006417408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-10-01 16:07 - 2017-10-01 16:08 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-08-11 09:26 - 2018-08-11 09:27 - 009010176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-07-27 10:23 - 2018-07-27 10:25 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-07-27 10:23 - 2018-07-27 10:25 - 068154880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-04 13:36 - 2017-10-04 15:32 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-07-20 11:12 - 2018-07-20 11:24 - 004139008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-07-20 11:12 - 2018-07-20 11:29 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-05-04 17:08 - 2018-05-04 17:10 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-07-20 11:12 - 2018-07-20 11:31 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-03-29 20:17 - 2018-03-29 20:21 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-07-27 10:23 - 2018-07-27 10:25 - 014919168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-07-20 11:12 - 2018-07-20 11:24 - 003982848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-07-27 10:23 - 2018-07-27 10:24 - 002938880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-05-30 10:18 - 2018-05-30 10:20 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-20 11:12 - 2018-07-20 11:30 - 001396224 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-07-27 10:23 - 2018-07-27 10:25 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-27 10:23 - 2018-07-27 10:25 - 000162816 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\SKU.dll
2018-08-10 10:20 - 2018-08-08 02:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-10 10:20 - 2018-08-08 02:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
2018-05-01 19:14 - 2018-04-30 23:01 - 001891672 _____ () C:\Users\theoc\AppData\Local\Discord\app-0.0.301\ffmpeg.dll
2018-03-02 14:12 - 2018-03-02 14:12 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-06-21 10:29 - 2018-06-21 10:29 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-06-21 10:29 - 2018-06-21 10:29 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2018-05-01 19:14 - 2018-04-30 23:01 - 001937752 _____ () C:\Users\theoc\AppData\Local\Discord\app-0.0.301\libglesv2.dll
2018-05-01 19:14 - 2018-04-30 23:01 - 000095576 _____ () C:\Users\theoc\AppData\Local\Discord\app-0.0.301\libegl.dll
2018-05-02 13:41 - 2018-08-03 10:04 - 011303256 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_voice\discord_voice.node
2018-05-02 13:41 - 2018-07-20 11:00 - 001635160 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_utils\discord_utils.node
2018-05-02 13:41 - 2018-05-02 13:41 - 000512856 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_erlpack\discord_erlpack.node
2018-05-02 13:41 - 2018-08-11 09:23 - 001641304 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_game_utils\discord_game_utils.node
2018-05-02 13:41 - 2018-08-09 10:29 - 001739608 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_overlay2\discord_overlay2.node
2018-05-02 13:41 - 2018-05-02 13:41 - 002722648 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_rpc\discord_rpc.node
2018-05-02 13:41 - 2018-05-02 13:41 - 001910104 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\cld\build\Release\cld.node
2018-05-02 13:41 - 2018-05-02 13:41 - 000422744 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\spellchecker\build\Release\spellchecker.node
2018-05-02 13:41 - 2018-05-02 13:41 - 000145240 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2018-08-11 09:23 - 2018-08-11 09:23 - 001247576 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_modules\discord_modules.node
2018-08-11 09:23 - 2018-08-16 09:34 - 020796760 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_dispatch\discord_dispatch.node
2018-05-02 13:41 - 2018-05-02 13:41 - 002760536 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_contact_import\discord_contact_import.node
2018-05-02 13:41 - 2018-05-02 13:41 - 001249112 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_vigilante\discord_vigilante.node
2018-05-02 13:41 - 2018-08-15 23:42 - 001657176 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_hook\discord_hook.node
2018-04-12 21:33 - 2018-04-12 21:33 - 000142376 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\fs-ext\build\Release\fs-ext.node
2018-04-12 21:33 - 2018-04-12 21:33 - 000271400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2018-04-12 21:33 - 2018-04-12 21:33 - 000141864 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\ref\build\Release\binding.node
2018-04-12 21:33 - 2018-04-12 21:33 - 000150568 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\ffi\build\Release\ffi_bindings.node
2018-04-12 21:33 - 2018-04-12 21:33 - 000097832 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2018-04-12 21:33 - 2018-04-12 21:33 - 000110120 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\idle-gc\build\Release\idle-gc.node
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
AlternateDataStreams: C:\Users\Public\AppData:CSM [472]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [484]
AlternateDataStreams: C:\Users\theoc\OneDrive\Documents\League of Legends:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
==================== Hosts contenu: ==========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2017-03-18 23:03 - 2018-08-08 09:22 - 000002103 _____ C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-2589188454-1577206507-1414055909-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\theoc\Desktop\FondDecran\fond écran.png
DNS Servers: 212.27.40.240 - 212.27.40.241
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Le Pare-feu is disabled.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "iSkysoft Helper Compact.exe"
HKU\S-1-5-21-2589188454-1577206507-1414055909-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2589188454-1577206507-1414055909-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-2589188454-1577206507-1414055909-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2589188454-1577206507-1414055909-1001\...\StartupApproved\Run: => "GoogleDriveSync"
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [UDP Query User{A7F13DEB-6474-4DCC-82C2-8F79C17C7865}C:\users\theoc\appdata\local\temp\rar$exa11320.18014\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe] => (Allow) C:\users\theoc\appdata\local\temp\rar$exa11320.18014\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe
FirewallRules: [TCP Query User{D6AB1E45-63D8-497E-9339-2EF2987FC95A}C:\users\theoc\appdata\local\temp\rar$exa11320.18014\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe] => (Allow) C:\users\theoc\appdata\local\temp\rar$exa11320.18014\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe
FirewallRules: [UDP Query User{23D758BF-401B-4619-B0DA-722677301DF3}C:\users\theoc\appdata\local\temp\rar$exa8248.1451\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe] => (Allow) C:\users\theoc\appdata\local\temp\rar$exa8248.1451\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe
FirewallRules: [TCP Query User{F279A82E-A1EC-4C29-8B65-36D2EFB3BAA2}C:\users\theoc\appdata\local\temp\rar$exa8248.1451\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe] => (Allow) C:\users\theoc\appdata\local\temp\rar$exa8248.1451\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe
FirewallRules: [UDP Query User{7EB485A1-D7A1-4137-8E7B-8715F058C0D0}C:\users\theoc\appdata\local\temp\rar$exa3480.15262\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe] => (Allow) C:\users\theoc\appdata\local\temp\rar$exa3480.15262\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe
FirewallRules: [TCP Query User{414BA13F-AB9A-4266-8AA8-323B5C7B3271}C:\users\theoc\appdata\local\temp\rar$exa3480.15262\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe] => (Allow) C:\users\theoc\appdata\local\temp\rar$exa3480.15262\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe
FirewallRules: [UDP Query User{B49ADD65-2B19-43A4-BBD8-922F6042DE62}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
FirewallRules: [TCP Query User{81E1EE6E-A29C-4123-B456-E47F15F7E6A7}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
FirewallRules: [UDP Query User{D9AA2065-AE05-4F8A-80AA-F84FACD8A078}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
FirewallRules: [TCP Query User{EB6AAE21-D9B9-4C2E-881F-3362FE293413}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
FirewallRules: [{5A49469D-63B2-47D4-84A6-14AD57C8DDCA}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe
FirewallRules: [{64A48C9A-07C9-4DF1-84E5-7305761EB714}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe
FirewallRules: [{CE468174-A86B-4074-8491-14E6C7F8BFB6}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe
FirewallRules: [{9BBCF6FD-5540-4DB8-97AC-3D0BC9468597}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B253C878-3898-4BBE-8629-1A13E8AF9493}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6CC974DD-FDF2-4479-A052-867DAB545354}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DD1523DF-6925-4A8B-A068-23968A0BF693}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{085DBB8E-1C48-4316-9A4E-D5A7AAC409A2}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{D94B02DA-2B6B-46FA-BC7D-128B5FD966F9}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{CE1A51A9-4191-4C7C-BA1C-F5C78C08FC9C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BF0E7179-5A2C-4C0C-B030-5A72F25FCE5B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{027B3929-CF12-4440-8EF7-B93968F89D8C}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{584C6B9B-C87E-467E-8CE3-E9E8CC8E9247}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{F740E7D6-5EF8-49EC-84C5-C3CA51F5E6F4}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{55859058-07F6-4BE5-8682-3672F24EFC24}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{424AB528-A902-420F-892A-761EF99258FC}C:\program files\java\jre1.8.0_131\bin\java.exe] => (Block) C:\program files\java\jre1.8.0_131\bin\java.exe
FirewallRules: [UDP Query User{A3B5C0A8-A12A-4EE8-AEBA-7B7BE736A043}C:\program files\java\jre1.8.0_131\bin\java.exe] => (Block) C:\program files\java\jre1.8.0_131\bin\java.exe
FirewallRules: [TCP Query User{40D9E923-531B-4602-AA29-7F6973C605C5}C:\program files\java\jre1.8.0_131\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_131\bin\java.exe
FirewallRules: [UDP Query User{A5CFFF75-E00A-4458-9E1A-868BF8F34BB6}C:\program files\java\jre1.8.0_131\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_131\bin\java.exe
FirewallRules: [TCP Query User{56DA6A46-5980-4093-B6EF-34571E71D765}C:\edupython\app\python.exe] => (Allow) C:\edupython\app\python.exe
FirewallRules: [UDP Query User{C2D7D53D-21C5-4832-98C3-85C400DE6963}C:\edupython\app\python.exe] => (Allow) C:\edupython\app\python.exe
FirewallRules: [TCP Query User{7368A634-8485-4E76-942D-77CF5D579276}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{B32E10BD-0D90-4478-8621-6F87C86CD29C}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{5B46668D-CC88-4DC1-A62A-734EEEEB425D}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{E04D8D8B-04C9-46E5-B216-2DB36D6B3AE1}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{3F1383AB-B57D-4BA1-B381-D450CD326E10}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{E5BE7B5C-7C33-46FA-859A-5A8E93726EA1}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{3DB723AA-480A-423F-8C49-4A535075A5F7}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{219A519E-2208-434B-BCAD-3D057FCB945E}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{B7711E7E-D15C-4705-986A-B5DCA188ADE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe
FirewallRules: [{A96EC045-85D6-4EBB-A403-F1F891601D09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe
FirewallRules: [TCP Query User{4BA2CF79-4945-4529-9C9A-9353A046EEC6}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe
FirewallRules: [UDP Query User{F39E0654-0472-4BEF-B2DC-6C3C83234F9C}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe
FirewallRules: [{4F883396-9B21-4ED3-8618-21134E105762}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{0CA4D405-2423-4AF6-8967-74E16022656E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{812DFAF9-C43B-4F8B-BEA5-0B5D2D700D6A}] => (Allow) D:\STEAM\steamapps\common\Portal\hl2.exe
FirewallRules: [{A2A2AFBD-C44D-4E1D-8925-4067821F836B}] => (Allow) D:\STEAM\steamapps\common\Portal\hl2.exe
FirewallRules: [{687632F1-796E-4731-87E0-1C98A0CD6A01}] => (Allow) D:\STEAM\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{BD90E4EB-BF1C-45C1-A335-682A8202FF17}] => (Allow) D:\STEAM\steamapps\common\Portal 2\portal2.exe
FirewallRules: [TCP Query User{FE7F5C7B-40C2-4854-AC5E-38CFF2809F81}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{0250B57A-3FC4-454C-9B0D-1988BFEC7871}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [{286C067A-6FB2-4086-96E3-69FC48B91584}] => (Allow) D:\STEAM\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{E263A7FB-5F71-41A2-B7D6-FC39BCD1C8A2}] => (Allow) D:\STEAM\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{E720DDD1-024D-4C54-B001-452B8CFB6742}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{6E3CBF8B-7904-4BDC-99F9-0281743BAA42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{29FD2243-7001-47E2-A93F-D0B8CC856CBF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9435AA5F-7960-4B99-B9D8-0C0F0D5CCB7D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BADD4B6B-136C-4415-B258-D25B4AF15BD8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CB0B2518-FEA1-4DD7-9D72-A9B77F172672}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BDFC4300-A3B8-4B56-BEC2-67E30D6B76A7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{1CA932CB-1908-4E86-A7DC-33AFE59198E2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [TCP Query User{6517F40D-7878-4FC5-AB94-12531BF2CA3E}C:\program files\maxon\cinema 4d r19\cinema 4d.exe] => (Block) C:\program files\maxon\cinema 4d r19\cinema 4d.exe
FirewallRules: [UDP Query User{BE0F6602-BE32-4FB0-A6DD-E8E09E3FF42B}C:\program files\maxon\cinema 4d r19\cinema 4d.exe] => (Block) C:\program files\maxon\cinema 4d r19\cinema 4d.exe
FirewallRules: [{F697F881-CFEA-4BEB-891D-7893BA97D954}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Points de restauration =========================
ATTENTION: La Restauration système est désactivée
==================== Éléments en erreur du Gestionnaire de périphériques =============
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (08/16/2018 11:09:16 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-U7IT8MO)
Description: httphttp-2147467263
Error: (08/16/2018 11:08:28 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-U7IT8MO)
Description: httphttp-2147467263
Error: (08/16/2018 10:35:05 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-U7IT8MO)
Description: httphttp-2147467263
Error: (08/16/2018 10:20:19 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-U7IT8MO)
Description: httphttp-2147467263
Error: (08/16/2018 10:12:10 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-U7IT8MO)
Description: httphttp-2147467263
Error: (08/16/2018 10:07:42 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-U7IT8MO)
Description: httphttp-2147467263
Error: (08/16/2018 10:07:29 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Users\theoc\AppData\Local\chromium\Application\chrome.exe ».
Assembly dépendant 58.0.3014.0,language="*",type="win32",version="58.0.3014.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (08/16/2018 10:04:41 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-U7IT8MO)
Description: httphttp-2147467263
Erreurs système:
=============
Error: (08/16/2018 12:00:58 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-U7IT8MO)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-U7IT8MO\theoc de l’utilisateur (S-1-5-21-2589188454-1577206507-1414055909-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (08/16/2018 10:35:41 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-U7IT8MO)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-U7IT8MO\theoc de l’utilisateur (S-1-5-21-2589188454-1577206507-1414055909-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (08/16/2018 10:20:05 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-U7IT8MO)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-U7IT8MO\theoc de l’utilisateur (S-1-5-21-2589188454-1577206507-1414055909-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (08/16/2018 10:07:21 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-U7IT8MO)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-U7IT8MO\theoc de l’utilisateur (S-1-5-21-2589188454-1577206507-1414055909-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (08/16/2018 10:07:07 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (08/16/2018 10:07:07 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (08/16/2018 10:07:04 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Exécution pour l’application serveur COM avec le CLSID
Windows.SecurityCenter.WscDataProtection
et l’APPID
Non disponible
au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (08/16/2018 10:06:59 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: AUTORITE NT)
Description: Le module d’extensibilité WLAN n’a pas pu démarrer.
Chemin d’accès du module : C:\WINDOWS\system32\Rtlihvs.dll
Code d’erreur : 126
Windows Defender:
===================================
Date: 2018-08-16 09:46:03.082
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nom : HackTool:Win32/AutoKMS
ID : 2147685180
Gravité : Élevée
Catégorie : Outil
Chemin : file:_C:\Users\theoc\Downloads\noopi.CRACK OFFICE 2016\Family-Games Office 2016 Setup + Crack\Office 2016 Setup + Crack\O16Setup.exe
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : DESKTOP-U7IT8MO\theoc
Nom du processus : C:\Users\theoc\AppData\Roaming\ZHP\ZHPCleaner.exe
Version de la signature : AV: 1.273.1482.0, AS: 1.273.1482.0, NIS: 1.273.1482.0
Version du moteur : AM: 1.1.15100.1, NIS: 1.1.15100.1
CodeIntegrity:
===================================
Date: 2018-08-15 19:56:20.422
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-08-15 19:56:20.421
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-08-15 18:32:51.002
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-08-15 18:32:51.001
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-08-15 09:28:45.041
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-08-15 09:28:45.038
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-08-14 21:31:51.979
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-08-14 21:31:51.977
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Infos Mémoire ===========================
Processeur: AMD A10-8750 Radeon R7, 12 Compute Cores 4C+8G
Pourcentage de mémoire utilisée: 44%
Mémoire physique - RAM - totale: 7113.29 MB
Mémoire physique - RAM - disponible: 3982.86 MB
Mémoire virtuelle totale: 10057.29 MB
Mémoire virtuelle disponible: 6300.38 MB
==================== Lecteurs ================================
Drive c: () (Fixed) (Total:117.81 GB) (Free:4.16 GB) NTFS
Drive d: () (Fixed) (Total:1862.89 GB) (Free:1352.01 GB) NTFS
\\?\Volume{9e6842ed-1091-4105-9f98-92716324ef65}\ () (Fixed) (Total:0.96 GB) (Free:0.57 GB) NTFS
\\?\Volume{101b4b18-ddb3-4df5-82da-2392ac9140cf}\ () (Fixed) (Total:0.35 GB) (Free:0.32 GB) FAT32
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (Protective MBR) (Size: 119.2 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Fin de Addition.txt ============================
Exécuté par theoc (16-08-2018 12:03:52)
Exécuté depuis C:\Users\theoc\Desktop
Windows 10 Home Version 1803 17134.228 (X64) (2018-05-19 21:41:43)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-2589188454-1577206507-1414055909-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2589188454-1577206507-1414055909-503 - Limited - Disabled)
Invité (S-1-5-21-2589188454-1577206507-1414055909-501 - Limited - Disabled)
theoc (S-1-5-21-2589188454-1577206507-1414055909-1001 - Administrator - Enabled) => C:\Users\theoc
WDAGUtilityAccount (S-1-5-21-2589188454-1577206507-1414055909-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_0_0) (Version: 15.0.0 - Adobe Systems Incorporated)
Adobe Audition CC 2018 (HKLM-x32\...\AUDT_11_1) (Version: 11.1.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.6.0.384 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_0_0) (Version: 22.0.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_0_0) (Version: 12.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0_1) (Version: 19.0.1 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_1_2) (Version: 11.1.2 - Adobe Systems Incorporated)
Application Blizzard (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Backup and Sync from Google (HKLM\...\{AEFBDB5B-899F-4AE6-B789-BA56A652A476}) (Version: 3.42.9858.3671 - Google, Inc.)
Blender (HKLM\...\{6B32721F-EA02-40BB-B781-92404BA3485C}) (Version: 2.79.1 - Blender Foundation)
Cinema 4D 19.024 (HKLM\...\MAXONB1A7BB62) (Version: 19.024 - MAXON Computer GmbH)
Discord (HKU\S-1-5-21-2589188454-1577206507-1414055909-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
EduPython 2.3 (HKLM-x32\...\EduPython_2.3_is1) (Version: 2.3 - V. MAILLE)
Epic Games Launcher (HKLM-x32\...\{904D135E-2B44-4B46-A4B4-78A5FCE8F27C}) (Version: 1.1.129.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Pen version v3.6.0.0 (HKLM-x32\...\Epic Pen_is1) (Version: v3.6.0.0 - TANK Studios)
EPSON XP-312 313 315 Series Printer Uninstall (HKLM\...\EPSON XP-312 313 315 Series) (Version: - SEIKO EPSON Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 8.0.1.300 - Huawei Technologies Co.,Ltd)
Hotspot Shield 7.6.5 (HKLM-x32\...\{107bec2f-7507-4df6-98a6-a8bfea0d5655}) (Version: 7.6.5.10927 - AnchorFree Inc.)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation)
iPrint (HKLM-x32\...\iPrint_is1) (Version: 6.0 - Inzone Software Limited)
iSkysoft Helper Compact 2.5.2 (HKLM-x32\...\{9BF12010-8799-41A5-A671-E9CFDE9E79F3}_is1) (Version: 2.5.2 - iSkysoft)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.7.208 - McAfee, Inc.)
Microsoft Office Professionnel Plus 2016 - fr-fr (HKLM\...\ProplusRetail - fr-fr) (Version: 16.0.10325.20082 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2589188454-1577206507-1414055909-1001\...\OneDriveSetup.exe) (Version: 18.070.0405.0002 - Microsoft Corporation)
Microsoft Project Professionnel 2016 - fr-fr (HKLM\...\ProjectProRetail - fr-fr) (Version: 16.0.10325.20082 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM\...\{EA457B21-F73E-494C-ACAB-524FDE069978}_is1) (Version: 1.16.1 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 59.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.3 (x64 en-US)) (Version: 59.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Node.js (HKLM\...\{F69C1A4C-0402-462C-B95D-6BEAED881FA1}) (Version: 8.11.1 - Node.js Foundation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.5 - Notepad++ Team)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.0.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7796 - Realtek Semiconductor Corp.)
SmartControl version 1.4.0.7 (HKLM\...\SmartControl_is1) (Version: 1.4.0.7 - MMD)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-2589188454-1577206507-1414055909-1001\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.5287 - TeamViewer)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-2589188454-1577206507-1414055909-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-5D28F422C1A9}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2589188454-1577206507-1414055909-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-21] (AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-02-27] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-21] (AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-05-30] (Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-21] (AVAST Software)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-05-30] (Google)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-21] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {10441961-F894-49A1-A5E7-705A184E1B77} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-theochirat@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {1499EB1B-BB6C-4F4F-B169-45EE507F67E0} - System32\Tasks\EPSON XP-312 313 315 Series Update {F34EF773-0B30-4817-9D16-CC17581084FD} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2014-12-03] (SEIKO EPSON CORPORATION)
Task: {241CE8E9-4C40-48E1-83F1-8A747728E015} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-01] (Google Inc.)
Task: {255FAB4E-75EA-4C29-97FB-80D15622473A} - System32\Tasks\Opera scheduled Autoupdate 1506864628 => C:\Users\theoc\AppData\Local\Programs\Opera\launcher.exe
Task: {2D39E918-197E-4C2A-B9ED-BEE917FB891C} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-theochirat@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {2D931A05-07CA-4147-A59D-73429DC6DC9D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-06-13] (AVAST Software)
Task: {35DEB450-4336-409F-8B11-A90681E898D5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-22] (Microsoft Corporation)
Task: {37EB6787-A830-4641-891F-F2C81C16FDAE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-16] (Microsoft Corporation)
Task: {3B057557-F87C-4050-8715-678C9D3C67B0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-07-24] (Microsoft Corporation)
Task: {41CE2203-DE1F-46B1-8025-DB9DF4909638} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-24] (Microsoft Corporation)
Task: {49C37659-FD16-42F2-BAE5-21C6B6ED3E11} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-07-24] (Microsoft Corporation)
Task: {4CF97EC9-828F-4C1E-B041-19B1E0A75F2A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-13] (Adobe Systems Incorporated)
Task: {4EE07A93-23CD-4195-8877-6A3C88C65E89} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-16] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {73802320-0429-4295-A527-E1C4DE2A52E5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-01] (Google Inc.)
Task: {7A07F2B9-7073-4390-94F5-ABDA3BB93272} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-22] (Microsoft Corporation)
Task: {7B3F536A-02A1-4734-84D5-8E82E5DB3474} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\osfinstaller.exe [2018-07-24] (Microsoft Corporation)
Task: {7CE97375-ED17-4014-99F5-261BB046BE65} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {F34EF773-0B30-4817-9D16-CC17581084FD} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2014-12-03] (SEIKO EPSON CORPORATION)
Task: {7CEEDDF5-E4DD-4A99-8EF2-E21A45BCB32F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-16] (Microsoft Corporation)
Task: {911382CB-A0E1-45F3-911A-1883BA7A1E69} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-06-21] (AVAST Software)
Task: {A4BE82A3-1F0B-4FED-8F18-A6A5B854E7B7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-24] (Microsoft Corporation)
Task: {EC503AE3-D902-40D5-83B3-A33FF261CBE4} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {EC666506-1DDC-43AB-8589-7BB12E5D722A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-16] (Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Invitation {F34EF773-0B30-4817-9D16-CC17581084FD}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Update {F34EF773-0B30-4817-9D16-CC17581084FD}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE:/EXE:{F34EF773-0B30-4817-9D16-CC17581084FD} /F:UpdateWORKGROUP\DESKTOP-U7IT8MO$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
ShortcutWithArgument: C:\Users\theoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Floating for YouTube™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=jjphmlaoffndcnecccgemfdaaoighkel
ShortcutWithArgument: C:\Users\theoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
==================== Modules chargés (Avec liste blanche) ==============
2018-04-20 08:28 - 2018-04-20 08:28 - 000190784 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-02-27 20:08 - 2018-02-27 20:08 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-02-27 22:54 - 2018-02-27 22:54 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2018-08-14 20:40 - 2018-08-03 05:09 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-20 11:21 - 2018-07-20 11:27 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-07-20 11:21 - 2018-07-20 11:27 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-07-20 11:21 - 2018-07-20 11:29 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-07-20 11:21 - 2018-07-20 11:27 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-07-20 11:21 - 2018-07-20 11:24 - 000653824 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-08-11 09:26 - 2018-08-11 09:27 - 035124224 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-08-11 09:26 - 2018-08-11 09:27 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-08-11 09:26 - 2018-08-11 09:27 - 006417408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-10-01 16:07 - 2017-10-01 16:08 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-08-11 09:26 - 2018-08-11 09:27 - 009010176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-07-27 10:23 - 2018-07-27 10:25 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-07-27 10:23 - 2018-07-27 10:25 - 068154880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-04 13:36 - 2017-10-04 15:32 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-07-20 11:12 - 2018-07-20 11:24 - 004139008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-07-20 11:12 - 2018-07-20 11:29 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-05-04 17:08 - 2018-05-04 17:10 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-07-20 11:12 - 2018-07-20 11:31 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-03-29 20:17 - 2018-03-29 20:21 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-07-27 10:23 - 2018-07-27 10:25 - 014919168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-07-20 11:12 - 2018-07-20 11:24 - 003982848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-07-27 10:23 - 2018-07-27 10:24 - 002938880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-05-30 10:18 - 2018-05-30 10:20 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-20 11:12 - 2018-07-20 11:30 - 001396224 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-07-27 10:23 - 2018-07-27 10:25 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-27 10:23 - 2018-07-27 10:25 - 000162816 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\SKU.dll
2018-08-10 10:20 - 2018-08-08 02:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-10 10:20 - 2018-08-08 02:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
2018-05-01 19:14 - 2018-04-30 23:01 - 001891672 _____ () C:\Users\theoc\AppData\Local\Discord\app-0.0.301\ffmpeg.dll
2018-03-02 14:12 - 2018-03-02 14:12 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-06-21 10:29 - 2018-06-21 10:29 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-06-21 10:29 - 2018-06-21 10:29 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2018-05-01 19:14 - 2018-04-30 23:01 - 001937752 _____ () C:\Users\theoc\AppData\Local\Discord\app-0.0.301\libglesv2.dll
2018-05-01 19:14 - 2018-04-30 23:01 - 000095576 _____ () C:\Users\theoc\AppData\Local\Discord\app-0.0.301\libegl.dll
2018-05-02 13:41 - 2018-08-03 10:04 - 011303256 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_voice\discord_voice.node
2018-05-02 13:41 - 2018-07-20 11:00 - 001635160 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_utils\discord_utils.node
2018-05-02 13:41 - 2018-05-02 13:41 - 000512856 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_erlpack\discord_erlpack.node
2018-05-02 13:41 - 2018-08-11 09:23 - 001641304 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_game_utils\discord_game_utils.node
2018-05-02 13:41 - 2018-08-09 10:29 - 001739608 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_overlay2\discord_overlay2.node
2018-05-02 13:41 - 2018-05-02 13:41 - 002722648 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_rpc\discord_rpc.node
2018-05-02 13:41 - 2018-05-02 13:41 - 001910104 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\cld\build\Release\cld.node
2018-05-02 13:41 - 2018-05-02 13:41 - 000422744 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\spellchecker\build\Release\spellchecker.node
2018-05-02 13:41 - 2018-05-02 13:41 - 000145240 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2018-08-11 09:23 - 2018-08-11 09:23 - 001247576 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_modules\discord_modules.node
2018-08-11 09:23 - 2018-08-16 09:34 - 020796760 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_dispatch\discord_dispatch.node
2018-05-02 13:41 - 2018-05-02 13:41 - 002760536 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_contact_import\discord_contact_import.node
2018-05-02 13:41 - 2018-05-02 13:41 - 001249112 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_vigilante\discord_vigilante.node
2018-05-02 13:41 - 2018-08-15 23:42 - 001657176 _____ () \\?\C:\Users\theoc\AppData\Roaming\discord\0.0.301\modules\discord_hook\discord_hook.node
2018-04-12 21:33 - 2018-04-12 21:33 - 000142376 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\fs-ext\build\Release\fs-ext.node
2018-04-12 21:33 - 2018-04-12 21:33 - 000271400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2018-04-12 21:33 - 2018-04-12 21:33 - 000141864 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\ref\build\Release\binding.node
2018-04-12 21:33 - 2018-04-12 21:33 - 000150568 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\ffi\build\Release\ffi_bindings.node
2018-04-12 21:33 - 2018-04-12 21:33 - 000097832 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2018-04-12 21:33 - 2018-04-12 21:33 - 000110120 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\idle-gc\build\Release\idle-gc.node
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
AlternateDataStreams: C:\Users\Public\AppData:CSM [472]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [484]
AlternateDataStreams: C:\Users\theoc\OneDrive\Documents\League of Legends:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
==================== Hosts contenu: ==========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2017-03-18 23:03 - 2018-08-08 09:22 - 000002103 _____ C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-2589188454-1577206507-1414055909-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\theoc\Desktop\FondDecran\fond écran.png
DNS Servers: 212.27.40.240 - 212.27.40.241
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Le Pare-feu is disabled.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "iSkysoft Helper Compact.exe"
HKU\S-1-5-21-2589188454-1577206507-1414055909-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2589188454-1577206507-1414055909-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-2589188454-1577206507-1414055909-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2589188454-1577206507-1414055909-1001\...\StartupApproved\Run: => "GoogleDriveSync"
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [UDP Query User{A7F13DEB-6474-4DCC-82C2-8F79C17C7865}C:\users\theoc\appdata\local\temp\rar$exa11320.18014\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe] => (Allow) C:\users\theoc\appdata\local\temp\rar$exa11320.18014\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe
FirewallRules: [TCP Query User{D6AB1E45-63D8-497E-9339-2EF2987FC95A}C:\users\theoc\appdata\local\temp\rar$exa11320.18014\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe] => (Allow) C:\users\theoc\appdata\local\temp\rar$exa11320.18014\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe
FirewallRules: [UDP Query User{23D758BF-401B-4619-B0DA-722677301DF3}C:\users\theoc\appdata\local\temp\rar$exa8248.1451\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe] => (Allow) C:\users\theoc\appdata\local\temp\rar$exa8248.1451\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe
FirewallRules: [TCP Query User{F279A82E-A1EC-4C29-8B65-36D2EFB3BAA2}C:\users\theoc\appdata\local\temp\rar$exa8248.1451\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe] => (Allow) C:\users\theoc\appdata\local\temp\rar$exa8248.1451\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe
FirewallRules: [UDP Query User{7EB485A1-D7A1-4137-8E7B-8715F058C0D0}C:\users\theoc\appdata\local\temp\rar$exa3480.15262\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe] => (Allow) C:\users\theoc\appdata\local\temp\rar$exa3480.15262\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe
FirewallRules: [TCP Query User{414BA13F-AB9A-4266-8AA8-323B5C7B3271}C:\users\theoc\appdata\local\temp\rar$exa3480.15262\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe] => (Allow) C:\users\theoc\appdata\local\temp\rar$exa3480.15262\ragextrem3\ragesimulator3\binaries\win64\ragesimulator3-win64-shipping.exe
FirewallRules: [UDP Query User{B49ADD65-2B19-43A4-BBD8-922F6042DE62}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
FirewallRules: [TCP Query User{81E1EE6E-A29C-4123-B456-E47F15F7E6A7}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
FirewallRules: [UDP Query User{D9AA2065-AE05-4F8A-80AA-F84FACD8A078}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
FirewallRules: [TCP Query User{EB6AAE21-D9B9-4C2E-881F-3362FE293413}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
FirewallRules: [{5A49469D-63B2-47D4-84A6-14AD57C8DDCA}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe
FirewallRules: [{64A48C9A-07C9-4DF1-84E5-7305761EB714}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe
FirewallRules: [{CE468174-A86B-4074-8491-14E6C7F8BFB6}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe
FirewallRules: [{9BBCF6FD-5540-4DB8-97AC-3D0BC9468597}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B253C878-3898-4BBE-8629-1A13E8AF9493}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6CC974DD-FDF2-4479-A052-867DAB545354}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DD1523DF-6925-4A8B-A068-23968A0BF693}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{085DBB8E-1C48-4316-9A4E-D5A7AAC409A2}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{D94B02DA-2B6B-46FA-BC7D-128B5FD966F9}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{CE1A51A9-4191-4C7C-BA1C-F5C78C08FC9C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BF0E7179-5A2C-4C0C-B030-5A72F25FCE5B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{027B3929-CF12-4440-8EF7-B93968F89D8C}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{584C6B9B-C87E-467E-8CE3-E9E8CC8E9247}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{F740E7D6-5EF8-49EC-84C5-C3CA51F5E6F4}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{55859058-07F6-4BE5-8682-3672F24EFC24}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{424AB528-A902-420F-892A-761EF99258FC}C:\program files\java\jre1.8.0_131\bin\java.exe] => (Block) C:\program files\java\jre1.8.0_131\bin\java.exe
FirewallRules: [UDP Query User{A3B5C0A8-A12A-4EE8-AEBA-7B7BE736A043}C:\program files\java\jre1.8.0_131\bin\java.exe] => (Block) C:\program files\java\jre1.8.0_131\bin\java.exe
FirewallRules: [TCP Query User{40D9E923-531B-4602-AA29-7F6973C605C5}C:\program files\java\jre1.8.0_131\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_131\bin\java.exe
FirewallRules: [UDP Query User{A5CFFF75-E00A-4458-9E1A-868BF8F34BB6}C:\program files\java\jre1.8.0_131\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_131\bin\java.exe
FirewallRules: [TCP Query User{56DA6A46-5980-4093-B6EF-34571E71D765}C:\edupython\app\python.exe] => (Allow) C:\edupython\app\python.exe
FirewallRules: [UDP Query User{C2D7D53D-21C5-4832-98C3-85C400DE6963}C:\edupython\app\python.exe] => (Allow) C:\edupython\app\python.exe
FirewallRules: [TCP Query User{7368A634-8485-4E76-942D-77CF5D579276}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{B32E10BD-0D90-4478-8621-6F87C86CD29C}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{5B46668D-CC88-4DC1-A62A-734EEEEB425D}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{E04D8D8B-04C9-46E5-B216-2DB36D6B3AE1}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{3F1383AB-B57D-4BA1-B381-D450CD326E10}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{E5BE7B5C-7C33-46FA-859A-5A8E93726EA1}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{3DB723AA-480A-423F-8C49-4A535075A5F7}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{219A519E-2208-434B-BCAD-3D057FCB945E}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{B7711E7E-D15C-4705-986A-B5DCA188ADE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe
FirewallRules: [{A96EC045-85D6-4EBB-A403-F1F891601D09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe
FirewallRules: [TCP Query User{4BA2CF79-4945-4529-9C9A-9353A046EEC6}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe
FirewallRules: [UDP Query User{F39E0654-0472-4BEF-B2DC-6C3C83234F9C}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe
FirewallRules: [{4F883396-9B21-4ED3-8618-21134E105762}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{0CA4D405-2423-4AF6-8967-74E16022656E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{812DFAF9-C43B-4F8B-BEA5-0B5D2D700D6A}] => (Allow) D:\STEAM\steamapps\common\Portal\hl2.exe
FirewallRules: [{A2A2AFBD-C44D-4E1D-8925-4067821F836B}] => (Allow) D:\STEAM\steamapps\common\Portal\hl2.exe
FirewallRules: [{687632F1-796E-4731-87E0-1C98A0CD6A01}] => (Allow) D:\STEAM\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{BD90E4EB-BF1C-45C1-A335-682A8202FF17}] => (Allow) D:\STEAM\steamapps\common\Portal 2\portal2.exe
FirewallRules: [TCP Query User{FE7F5C7B-40C2-4854-AC5E-38CFF2809F81}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{0250B57A-3FC4-454C-9B0D-1988BFEC7871}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [{286C067A-6FB2-4086-96E3-69FC48B91584}] => (Allow) D:\STEAM\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{E263A7FB-5F71-41A2-B7D6-FC39BCD1C8A2}] => (Allow) D:\STEAM\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{E720DDD1-024D-4C54-B001-452B8CFB6742}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{6E3CBF8B-7904-4BDC-99F9-0281743BAA42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{29FD2243-7001-47E2-A93F-D0B8CC856CBF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9435AA5F-7960-4B99-B9D8-0C0F0D5CCB7D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BADD4B6B-136C-4415-B258-D25B4AF15BD8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CB0B2518-FEA1-4DD7-9D72-A9B77F172672}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BDFC4300-A3B8-4B56-BEC2-67E30D6B76A7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{1CA932CB-1908-4E86-A7DC-33AFE59198E2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [TCP Query User{6517F40D-7878-4FC5-AB94-12531BF2CA3E}C:\program files\maxon\cinema 4d r19\cinema 4d.exe] => (Block) C:\program files\maxon\cinema 4d r19\cinema 4d.exe
FirewallRules: [UDP Query User{BE0F6602-BE32-4FB0-A6DD-E8E09E3FF42B}C:\program files\maxon\cinema 4d r19\cinema 4d.exe] => (Block) C:\program files\maxon\cinema 4d r19\cinema 4d.exe
FirewallRules: [{F697F881-CFEA-4BEB-891D-7893BA97D954}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Points de restauration =========================
ATTENTION: La Restauration système est désactivée
==================== Éléments en erreur du Gestionnaire de périphériques =============
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (08/16/2018 11:09:16 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-U7IT8MO)
Description: httphttp-2147467263
Error: (08/16/2018 11:08:28 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-U7IT8MO)
Description: httphttp-2147467263
Error: (08/16/2018 10:35:05 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-U7IT8MO)
Description: httphttp-2147467263
Error: (08/16/2018 10:20:19 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-U7IT8MO)
Description: httphttp-2147467263
Error: (08/16/2018 10:12:10 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-U7IT8MO)
Description: httphttp-2147467263
Error: (08/16/2018 10:07:42 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-U7IT8MO)
Description: httphttp-2147467263
Error: (08/16/2018 10:07:29 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Users\theoc\AppData\Local\chromium\Application\chrome.exe ».
Assembly dépendant 58.0.3014.0,language="*",type="win32",version="58.0.3014.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (08/16/2018 10:04:41 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-U7IT8MO)
Description: httphttp-2147467263
Erreurs système:
=============
Error: (08/16/2018 12:00:58 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-U7IT8MO)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-U7IT8MO\theoc de l’utilisateur (S-1-5-21-2589188454-1577206507-1414055909-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (08/16/2018 10:35:41 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-U7IT8MO)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-U7IT8MO\theoc de l’utilisateur (S-1-5-21-2589188454-1577206507-1414055909-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (08/16/2018 10:20:05 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-U7IT8MO)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-U7IT8MO\theoc de l’utilisateur (S-1-5-21-2589188454-1577206507-1414055909-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (08/16/2018 10:07:21 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-U7IT8MO)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-U7IT8MO\theoc de l’utilisateur (S-1-5-21-2589188454-1577206507-1414055909-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (08/16/2018 10:07:07 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (08/16/2018 10:07:07 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (08/16/2018 10:07:04 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Exécution pour l’application serveur COM avec le CLSID
Windows.SecurityCenter.WscDataProtection
et l’APPID
Non disponible
au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (08/16/2018 10:06:59 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: AUTORITE NT)
Description: Le module d’extensibilité WLAN n’a pas pu démarrer.
Chemin d’accès du module : C:\WINDOWS\system32\Rtlihvs.dll
Code d’erreur : 126
Windows Defender:
===================================
Date: 2018-08-16 09:46:03.082
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nom : HackTool:Win32/AutoKMS
ID : 2147685180
Gravité : Élevée
Catégorie : Outil
Chemin : file:_C:\Users\theoc\Downloads\noopi.CRACK OFFICE 2016\Family-Games Office 2016 Setup + Crack\Office 2016 Setup + Crack\O16Setup.exe
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : DESKTOP-U7IT8MO\theoc
Nom du processus : C:\Users\theoc\AppData\Roaming\ZHP\ZHPCleaner.exe
Version de la signature : AV: 1.273.1482.0, AS: 1.273.1482.0, NIS: 1.273.1482.0
Version du moteur : AM: 1.1.15100.1, NIS: 1.1.15100.1
CodeIntegrity:
===================================
Date: 2018-08-15 19:56:20.422
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-08-15 19:56:20.421
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-08-15 18:32:51.002
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-08-15 18:32:51.001
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-08-15 09:28:45.041
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-08-15 09:28:45.038
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-08-14 21:31:51.979
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-08-14 21:31:51.977
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Infos Mémoire ===========================
Processeur: AMD A10-8750 Radeon R7, 12 Compute Cores 4C+8G
Pourcentage de mémoire utilisée: 44%
Mémoire physique - RAM - totale: 7113.29 MB
Mémoire physique - RAM - disponible: 3982.86 MB
Mémoire virtuelle totale: 10057.29 MB
Mémoire virtuelle disponible: 6300.38 MB
==================== Lecteurs ================================
Drive c: () (Fixed) (Total:117.81 GB) (Free:4.16 GB) NTFS
Drive d: () (Fixed) (Total:1862.89 GB) (Free:1352.01 GB) NTFS
\\?\Volume{9e6842ed-1091-4105-9f98-92716324ef65}\ () (Fixed) (Total:0.96 GB) (Free:0.57 GB) NTFS
\\?\Volume{101b4b18-ddb3-4df5-82da-2392ac9140cf}\ () (Fixed) (Total:0.35 GB) (Free:0.32 GB) FAT32
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (Protective MBR) (Size: 119.2 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Fin de Addition.txt ============================