Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 03-08-2016
Exécuté par rapha (2018-11-02 18:54:47)
Exécuté depuis C:\Users\rapha\Downloads
Windows 10 Home Version 1803 (X64) (2018-10-28 12:36:22)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-2279163811-486590336-219774335-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2279163811-486590336-219774335-503 - Limited - Disabled)
Invité (S-1-5-21-2279163811-486590336-219774335-501 - Limited - Disabled)
rapha (S-1-5-21-2279163811-486590336-219774335-1001 - Administrator - Enabled) => C:\Users\rapha
WDAGUtilityAccount (S-1-5-21-2279163811-486590336-219774335-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Kaspersky Free (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Free (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

AdGuard (HKLM-x32\...\{61fb8e5f-dbdc-4481-bdee-fc580ad25a97}) (Version: 6.4.1814.4903 - Adguard Software Ltd)
AdGuard (x32 Version: 6.4.1814.4903 - Adguard Software Ltd) Hidden
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
IObit Malware Fighter 6 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 6.3 - IObit)
Kaspersky Free (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Free (x32 Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-2279163811-486590336-219774335-1001\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Mozilla Firefox 63.0 (x64 en-US) (HKLM\...\Mozilla Firefox 63.0 (x64 en-US)) (Version: 63.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0 - Mozilla)
Panneau de configuration NVIDIA 382.05 (Version: 382.05 - NVIDIA Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7954 - Realtek Semiconductor Corp.)
SpyShelter Premium 11.2 (HKLM\...\Spyshelter_is1) (Version: 11.2 - Datpol)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-2279163811-486590336-219774335-1001_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\localserver32 -> C:\Users\rapha\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2279163811-486590336-219774335-1001_Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\localserver32 -> C:\Users\rapha\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2279163811-486590336-219774335-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\rapha\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2279163811-486590336-219774335-1001_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\localserver32 -> C:\Users\rapha\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2279163811-486590336-219774335-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\rapha\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2279163811-486590336-219774335-1001_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\localserver32 -> C:\Users\rapha\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0D2CC257-CC56-41EC-B8A0-325430593755} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications
Task: {11FD2C46-7924-42FF-BECB-17055F1908A6} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {15B4E460-A99D-4330-9028-D94CF984A483} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
Task: {1F1FA02E-D4EE-4092-856A-58868BA04565} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {29C83479-B886-41D8-817C-9D4345D587E8} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {29ED27F7-B35A-42C5-A162-3EEF65754B3C} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {36C18466-7B24-47F5-BFF6-195B9750ABC9} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [2018-07-15] (Microsoft Corporation)
Task: {3ADEFDD9-3F34-42CF-B640-F7636158157D} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {46BE6519-C277-4618-A822-37EDC90389FC} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {5FA55072-C996-44DE-9638-2C81D1D68B4F} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)
Task: {6259EBD3-3F2D-4CC9-A603-7BC81E75844E} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {63A76B8C-9378-4B97-BA46-4CC38BBF82AA} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {68CD8004-BAAA-460D-A5D4-98982F560CCF} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-07-11] (Microsoft Corporation)
Task: {69091829-AA18-4B3D-ADFD-D1F6CB2B1B09} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask
Task: {7243DED8-4CF7-4006-B348-C3D45A761ACB} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task
Task: {72A52543-6161-4346-9C79-C2A152618FC8} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {7FB3A1EF-0959-4955-8C28-8BE82B412822} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {81AC25FA-8421-4FB4-9A0D-509A37412F0C} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration
Task: {8940D615-30C9-418E-A2CF-2A5A5218C552} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {8CD22648-1DA3-4B41-8B64-4E45C6876F51} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {8D196D40-C5B5-4715-AFBA-C9D16A940AD2} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2018-04-12] (Microsoft Corporation)
Task: {914E69FD-8803-468D-9D2F-257E7B0B526A} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [2018-04-12] (Microsoft Corporation)
Task: {9A905A74-63E4-4E95-BD43-CC2D857187E8} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {9F577F45-5B71-44E2-A79C-FA87AD514DC3} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2279163811-486590336-219774335-1001 => C:\Users\rapha\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [2018-10-28] (Microsoft Corporation)
Task: {A3579EEF-A93F-4159-A6AC-7AF944B4AC5B} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation)
Task: {A4A63700-B186-4EDD-B6EF-ACC335B4187A} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {A5B57F43-D47A-4691-B80F-44381EF0041A} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2018-04-12] (Microsoft Corporation)
Task: {AA0E91B6-BCDE-415D-836F-9641E149EB30} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {AB53A075-EF06-404B-AB89-E49E7416D077} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {AFA4E362-9BC9-4516-B08D-4C6D8CAFE435} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {B2CC5144-AB88-4FD7-B232-63DA1872FA1E} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [2018-04-12] (Microsoft Corporation)
Task: {BEFD4011-9E84-4514-9E58-8DF23CE28CAA} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {C2973923-B5ED-43DC-A26A-A92211B2515C} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {C61688A0-6F8B-4604-AECD-553955DCA0CE} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
Task: {CD59335B-148D-4F71-9E20-8F74A7BB9B8D} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task
Task: {CDB1234B-893A-475D-938C-AC66FF201EF9} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login
Task: {D7A36CB1-BF64-4528-A502-A2808705FDEE} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {D88CC3B1-8023-4AEE-9E82-8B277210418F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged
Task: {DC9E6E0E-E540-4DD4-B34D-5D7E0500ADBE} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {E0191166-497C-4E80-8BB8-DA7A0FE4E870} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh
Task: {E09E5F85-F4DE-4583-9F7F-C120AAA0C759} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [2018-07-11] (Microsoft Corporation)
Task: {E419CBCC-E76A-42C2-B3B2-6C2C31190301} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {E97E3BF9-8396-498B-8AEB-699643A46A6A} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh
Task: {EDA5CF63-3B89-4721-A4AC-26A2B6EFCD18} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {EFAA6A76-A304-4882-B964-6A553F9E62D6} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2018-04-12] (Microsoft Corporation)
Task: {FBB68133-D062-4F7B-A8DE-CD762AD9B54B} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-07-11] (Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Raccourcis =============================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

==================== Modules chargés (Avec liste blanche) ==============

2018-10-29 17:49 - 2018-10-18 09:44 - 02695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-10-29 17:49 - 2018-10-18 09:44 - 02821952 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 ____N () C:\Windows\System32\InputHost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 00472064 ____N () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 02759168 ____N () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 ____N () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 ____N () C:\WINDOWS\SYSTEM32\InputHost.dll
2018-10-10 19:09 - 2018-09-20 04:38 - 02185728 ____N () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-28 14:01 - 2018-10-28 14:01 - 00009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-10-28 14:01 - 2018-10-28 14:01 - 00060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-10-28 14:01 - 2018-10-28 14:02 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-10-28 14:01 - 2018-10-28 14:01 - 10978304 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2018-10-28 14:01 - 2018-10-28 14:02 - 02810368 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\skypert.dll
2018-10-28 14:01 - 2018-10-28 14:01 - 00685056 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-10-28 14:01 - 2018-10-28 14:02 - 00183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 ____N () C:\WINDOWS\system32\InputHost.dll
2018-10-22 17:06 - 2018-10-22 17:06 - 02115944 _____ () C:\Program Files (x86)\Adguard\AdguardNetApi.DLL
2018-10-22 17:06 - 2018-10-22 17:06 - 00168808 _____ () C:\Program Files (x86)\Adguard\AdguardNetLib.DLL
2017-03-15 18:08 - 2017-03-15 18:08 - 00732672 _____ () C:\Program Files (x86)\Adguard\brolib32.dll
2018-10-28 16:01 - 2018-05-14 15:45 - 00152848 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2018-10-28 16:01 - 2018-01-22 19:00 - 00442128 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2018-10-28 16:01 - 2018-01-22 19:00 - 00210704 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2018-10-28 16:01 - 2018-01-22 19:00 - 00059664 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\Users\rapha\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [118]

==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"

==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)


==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)


==================== Hosts contenu: ===============================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2018-10-28 13:15 - 2018-10-28 13:13 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-2279163811-486590336-219774335-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Actuellement, il n'y a pas de correction automatique pour cette section.)


==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [{A4B4D7A7-43DA-4C89-BE60-0CA66D57120D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{7CB3EA58-EB77-468F-834E-1E763C629B49}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{988F4EBB-30AC-4968-A3FE-26C0BB337D2A}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe

==================== Points de restauration =========================

29-10-2018 06:00:38 Windows Update

==================== Éléments en erreur du Gestionnaire de périphériques =============


==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (10/29/2018 05:57:17 AM) (Source: Adguard) (EventID: 0) (User: )
Description: Switching logger to invalid state because of System.ObjectDisposedException: Impossible d'accéder à un fichier fermé.
Source: mscorlib
Stack trace: à System.IO.__Error.FileNotOpen()
à System.IO.FileStream.get_Length()
à Microsoft.VisualBasic.Logging.FileLogTraceListener.ResourcesAvailable(Int64 newEntrySize)
à Microsoft.VisualBasic.Logging.FileLogTraceListener.WriteLine(String message)
à Adguard.Commons.Utils.Logger.TraceLine(TraceLevel level, String message)

Error: (10/28/2018 06:37:19 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (10/28/2018 06:37:18 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (10/28/2018 02:06:09 PM) (Source: MsiInstaller) (EventID: 1023) (User: AUTORITE NT)
Description: Produit : Kaspersky Free - La mise à jour ‘KIS 2019 MP0 family (Patch c)’ n’a pas pu être installée. Code d’erreur 1603. Des informations supplémentaires sont disponibles dans le fichier journal C:\WINDOWS\TEMP\MSIdc9da.LOG.

Error: (10/28/2018 01:51:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante SystemSettings.exe, version : 10.0.17134.112, horodatage : 0x2a3c4e62
Nom du module défaillant : Windows.UI.Xaml.dll, version : 10.0.17134.81, horodatage : 0x4f4899f8
Code d’exception : 0xc000027b
Décalage d’erreur : 0x00000000006a4e02
ID du processus défaillant : 0x1bb4
Heure de début de l’application défaillante : 0xSystemSettings.exe0
Chemin d’accès de l’application défaillante : SystemSettings.exe1
Chemin d’accès du module défaillant: SystemSettings.exe2
ID de rapport : SystemSettings.exe3
Nom complet du package défaillant : SystemSettings.exe4
ID de l’application relative au package défaillant : SystemSettings.exe5

Error: (10/28/2018 01:36:49 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erreur lors de la mise à jour du statut Windows Defender vers SECURITY_PRODUCT_STATE_ON.

Error: (10/28/2018 01:36:49 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erreur lors de la mise à jour du statut Windows Defender vers SECURITY_PRODUCT_STATE_ON.


Erreurs système:
=============
Error: (11/02/2018 06:42:55 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: propres à l’applicationLocalExécutionWindows.SecurityCenter.WscBrokerManagerNon disponibleAUTORITE NTSystèmeS-1-5-18LocalHost (avec LRPC)Non disponibleNon disponible

Error: (11/02/2018 06:42:06 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-MBGMAVL)
Description: propres à l’applicationLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}DESKTOP-MBGMAVLraphaS-1-5-21-2279163811-486590336-219774335-1001LocalHost (avec LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (11/01/2018 08:07:53 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: {924DC564-16A6-42EB-929A-9A61FA7DA06F}

Error: (11/01/2018 08:07:53 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: {924DC564-16A6-42EB-929A-9A61FA7DA06F}

Error: (11/01/2018 11:36:50 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-MBGMAVL)
Description: propres à l’applicationLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}DESKTOP-MBGMAVLraphaS-1-5-21-2279163811-486590336-219774335-1001LocalHost (avec LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (11/01/2018 11:36:45 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-MBGMAVL)
Description: propres à l’applicationLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}DESKTOP-MBGMAVLraphaS-1-5-21-2279163811-486590336-219774335-1001LocalHost (avec LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (11/01/2018 11:36:32 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: propres à l’applicationLocalExécutionWindows.SecurityCenter.WscBrokerManagerNon disponibleAUTORITE NTSystèmeS-1-5-18LocalHost (avec LRPC)Non disponibleNon disponible

Error: (11/01/2018 11:36:27 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-MBGMAVL)
Description: propres à l’applicationLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}DESKTOP-MBGMAVLraphaS-1-5-21-2279163811-486590336-219774335-1001LocalHost (avec LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (11/01/2018 11:36:11 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-MBGMAVL)
Description: propres à l’applicationLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}DESKTOP-MBGMAVLraphaS-1-5-21-2279163811-486590336-219774335-1001LocalHost (avec LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (11/01/2018 11:35:59 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-MBGMAVL)
Description: propres à l’applicationLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}DESKTOP-MBGMAVLraphaS-1-5-21-2279163811-486590336-219774335-1001LocalHost (avec LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723


CodeIntegrity:
===================================
Date: 2018-11-02 18:40:34.400
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\TVMonitor.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-01 11:54:33.165
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-01 11:54:33.165
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-01 11:33:30.471
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\TVMonitor.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-10-31 06:07:43.460
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-10-31 06:07:43.460
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-10-31 06:00:00.527
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\TVMonitor.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-10-30 07:23:37.677
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-10-30 07:23:37.677
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-10-30 07:12:43.902
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\TVMonitor.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Infos Mémoire ===========================

Processeur: Intel(R) Core(TM) i3-7100 CPU @ 3.90GHz
Pourcentage de mémoire utilisée: 39%
Mémoire physique - RAM - totale: 8148.46 MB
Mémoire physique - RAM - disponible: 4915.61 MB
Mémoire virtuelle totale: 10068.46 MB
Mémoire virtuelle disponible: 6379.98 MB

==================== Lecteurs ================================

Drive c: (Acer) (Fixed) (Total:465.2 GB) (Free:294.92 GB) NTFS
Drive d: (DATA) (Fixed) (Total:465.2 GB) (Free:326.69 GB) NTFS

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4E131614)

Partition: GPT.

==================== Fin de Addition.txt ============================
