Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 28.12.2018 01
Exécuté par 97 (29-12-2018 01:33:53)
Exécuté depuis C:\Users\97\Downloads
Windows 10 Home Version 1803 17134.472 (X64) (2018-05-18 19:16:51)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
97 (S-1-5-21-457500272-3158296748-1728716815-1000 - Administrator - Enabled) => C:\Users\97
Administrateur (S-1-5-21-457500272-3158296748-1728716815-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-457500272-3158296748-1728716815-503 - Limited - Disabled)
Invité (S-1-5-21-457500272-3158296748-1728716815-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-457500272-3158296748-1728716815-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
µTorrent (HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\uTorrent) (Version: 3.5.5.44954 - BitTorrent Inc.)
Acoustica Mixcraft 8 Recording Studio (64-bit) (HKLM-x32\...\Mixcraft 8-64) (Version: 8.0.1.396 - Acoustica)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.5.0.331 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe CS6 Master Collection Patch 64bit (HKLM-x32\...\Adobe CS6 Master Collection Patch 64bit) (Version: - )
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Autodesk 123D Make 1.6.0 (HKLM-x32\...\{88FF8A21-F198-43DF-A5D9-80009EB620A8}) (Version: 1.60.0000 - Autodesk)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 22.0.10.67 - Bitdefender)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 3.55.70.1783 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Destiny 2 (HKLM-x32\...\Destiny 2) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\Discord) (Version: 0.0.301 - Discord Inc.)
Droid4X (HKLM-x32\...\Droid4X) (Version: 0.10.6 - Haiyu Dongxiang Co.,Ltd.)
Epic Games Launcher (HKLM-x32\...\{D55AA8F9-1DD5-4EFD-BBAA-7879A5C32ACC}) (Version: 1.1.151.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Focusrite USB 4.36.5.0 (HKLM\...\Focusrite USB_is1) (Version: 4.36.5.0 - Focusrite Audio Engineering Ltd.)
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: "1.0.0.10" - Rockstar Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{8E0BDF1C-26D9-4579-A677-53A4CC0D3693}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
LibreOffice 5.0.6.3 (HKLM-x32\...\{900D9036-4EDA-45EC-A095-E8AFB25D807A}) (Version: 5.0.6.3 - The Document Foundation)
Microsoft Office Professionnel Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mises à jour NVIDIA 2.13.0.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.13.0.21 - NVIDIA Corporation)
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
MTG Arena (HKLM-x32\...\{B418249C-5F1D-4E3B-8ABC-4081B2B6AFEE}) (Version: 0.1.964.0 - Wizards of the Coast) Hidden
MTG Arena (HKLM-x32\...\MTG Arena 0.1.964.0) (Version: 0.1.964.0 - Wizards of the Coast)
NEF Codec (HKLM-x32\...\{D6506521-0959-4FA3-875F-E2E28830B0D2}) (Version: 1.31.0 - Nikon Corporation)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.3.0 - Nikon Corporation)
Nikon Transfer 2 (HKLM-x32\...\{4D5EE11A-0D0A-4214-ABAC-72419F7BE24D}) (Version: 2.13.1 - Nikon Corporation)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.0.1.0 - Duodian Technology Co. Ltd.)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Pilote 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Pilote du contrôleur 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Pilote graphique 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
Oracle VM VirtualBox 4.3.12_ZZZZ (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Overwatch Test (HKLM-x32\...\Overwatch Test) (Version: - Blizzard Entertainment)
Panneau de configuration NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Picture Control Utility 2 (HKLM\...\{46BEAB85-B86A-4AAB-B085-136ECA032CF4}) (Version: 2.4.1 - Nikon Corporation)
Plex Media Server (HKLM-x32\...\{9E7D781B-A4F6-45B4-A715-8DBD0740B53C}) (Version: 1.0.213 - Plex, Inc.) Hidden
Plex Media Server (HKLM-x32\...\{e948767e-a48f-4fd1-9eb1-1d0f0708d8e3}) (Version: 1.0.0.2261 - Plex, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8010 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\Spotify) (Version: 1.0.94.262.g3d5c231c - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stopping Plex (HKLM-x32\...\{F7BD4113-A39F-4245-85B2-7436A63A7329}) (Version: 1.0.213 - Plex, Inc.) Hidden
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78716 - TeamViewer)
Trove (HKLM-x32\...\Glyph Trove) (Version: - Trion Worlds, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Wondershare Data Recovery(Build 6.5.1.5) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 6.5.1.5 - Wondershare Software Co.,Ltd.)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-457500272-3158296748-1728716815-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-457500272-3158296748-1728716815-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-457500272-3158296748-1728716815-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-457500272-3158296748-1728716815-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-457500272-3158296748-1728716815-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-457500272-3158296748-1728716815-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-457500272-3158296748-1728716815-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-DC1B6B626B73}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-457500272-3158296748-1728716815-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll [2011-09-05] (Adobe Systems Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll [2011-09-05] (Adobe Systems Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0709D007-C22B-4C95-92A4-F8CC9FF3F4F5} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {0C9C6F26-063C-4590-9681-90F9DE9D3D67} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {29B40BF6-170C-47D0-87CC-56E9A0CBB314} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-10] (Microsoft Corporation)
Task: {2C4B895F-8C2D-4563-9311-5BAB5DD3EC73} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [2018-11-16] (BlueStack Systems, Inc.)
Task: {3334C465-8674-4562-93BC-0C7770E46641} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {38EDA466-AAE7-4E24-B779-37AF4A3BA0DF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-10] (Microsoft Corporation)
Task: {3B2ADB07-43A5-45B5-B4A7-A192F3AA1545} - System32\Tasks\AdobeGCInvoker-1.0-97-PC-97 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13] (Adobe Systems, Incorporated)
Task: {4DA4EEBA-FB3A-44BF-8E8C-A70A701AA682} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {59062DB3-8C56-4736-8385-5FBAB09565FB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {5D8F15B1-9987-4718-A2AA-7699244B63A0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {885667ED-A7E1-423D-A28B-CD66E3B4EE02} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {90509804-8D80-4FDF-99F7-CE69A4913955} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2018-11-15] (Bitdefender)
Task: {A9EFDBED-917F-4009-819C-5648AC65A991} - System32\Tasks\AdobeAAMUpdater-1.0-97-PC-97 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-10] (Adobe Systems Incorporated)
Task: {C63FB105-7444-4B6F-9448-F1315ABC8E65} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {CA7F3405-5768-4EC1-AB87-290917746E69} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-10] (Microsoft Corporation)
Task: {D1A709C0-F204-4954-9ABD-2A62287C23DD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-10] (Microsoft Corporation)
Task: {E5763E8C-B12D-4F9E-8C9E-489280C7CC1A} - System32\Tasks\S-1-5-21-457500272-3158296748-1728716815-1000\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-12-08] (Microsoft Corporation)
Task: {FE6E424E-CBEF-4FE5-B19A-3552C81CD2F8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_pepper.exe [2018-12-05] (Adobe Systems Incorporated)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
ShortcutWithArgument: C:\Users\97\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% --disable-quic
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% --disable-quic
==================== Modules chargés (Avec liste blanche) ==============
2017-07-10 09:43 - 2013-07-04 02:32 - 000936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2017-08-14 09:16 - 2017-08-14 09:16 - 000285616 _____ () C:\Program Files (x86)\Droid4X\Droid4XService.exe
2018-12-28 10:13 - 2018-12-28 10:13 - 001485720 _____ () C:\Program Files\NDhjNGY3N\MmM5NjE.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-02-27 19:08 - 2018-02-27 19:08 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-12 09:36 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-12-29 00:39 - 2018-12-29 01:21 - 000269824 _____ () C:\Program Files\Common Files\UJC7FHQWDM8E\UpdateInstall.exe
2018-12-20 08:38 - 2018-12-14 07:50 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-16 06:01 - 2018-10-16 06:02 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-12-13 21:06 - 2018-12-13 21:06 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-12-13 21:06 - 2018-12-13 21:07 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-07-11 20:58 - 2018-07-11 20:58 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-12-29 01:21 - 2018-12-29 01:21 - 000719360 _____ () C:\Users\97\AppData\Local\Temp\is-QQ2PL.tmp\1gos0uvpq3s.tmp
2018-12-11 11:54 - 2018-12-11 11:55 - 034870272 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-12-11 11:54 - 2018-12-11 11:54 - 000292352 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-01 05:38 - 2017-12-01 05:38 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-28 19:21 - 2018-11-28 19:22 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-12-11 11:54 - 2018-12-11 11:54 - 005967872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-12-11 11:54 - 2018-12-11 11:54 - 009072128 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntPlat.dll
2017-10-09 22:51 - 2017-10-09 22:52 - 098275328 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2017-10-09 22:52 - 2017-10-09 22:52 - 003922432 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2017-10-09 22:52 - 2017-10-09 22:52 - 000092672 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2018-12-29 01:23 - 2018-12-29 01:23 - 000719360 _____ () C:\Users\97\AppData\Local\Temp\is-11POI.tmp\qkxhsg4oody.tmp
2018-12-29 01:23 - 2018-12-29 01:23 - 000719360 _____ () C:\Users\97\AppData\Local\Temp\is-LQQEF.tmp\aywqphjv5pi.tmp
2018-12-29 00:38 - 2018-12-29 00:38 - 000364032 _____ () C:\Program Files\Common Files\UJC7FHQWDM8E\dGk-5dfxK'.exe
2018-12-29 01:23 - 2018-12-29 01:23 - 000719360 _____ () C:\Users\97\AppData\Local\Temp\is-F50DL.tmp\1gos0uvpq3s.tmp
2018-05-04 18:18 - 2018-05-04 18:18 - 035477440 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2018-10-09 14:29 - 2018-10-09 14:29 - 004389888 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1809.2571.0_x64__8wekyb3d8bbwe\OneConnect.dll
2017-07-10 09:43 - 2018-12-29 01:19 - 000032552 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2017-07-10 09:43 - 2013-07-04 02:32 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2018-12-29 00:39 - 2018-12-29 00:39 - 000587264 _____ () c:\users\97\appdata\local\maurice\maurice.dll
2018-12-29 00:39 - 2018-12-29 00:39 - 001113600 _____ () C:\WINDOWS\qqheydqasqjgqxr.qqh
2018-12-29 01:21 - 2008-10-15 16:44 - 000205312 _____ () C:\Users\97\AppData\Local\Temp\is-RO7AB.tmp\itdownload.dll
2016-06-07 20:19 - 2015-08-27 01:37 - 000011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-06-23 18:03 - 2016-06-23 18:03 - 000792904 _____ () C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
2016-06-23 18:02 - 2016-06-23 18:02 - 001759560 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_imgproc2411.dll
2016-06-23 18:02 - 2016-06-23 18:02 - 001989960 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_core2411.dll
2016-06-23 18:03 - 2016-06-23 18:03 - 000091464 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
2016-06-23 18:02 - 2016-06-23 18:02 - 000033608 _____ () C:\Program Files (x86)\Plex\Plex Media Server\lyric_lite.dll
2016-06-23 18:02 - 2016-06-23 18:02 - 001092424 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll
2016-06-23 18:03 - 2016-06-23 18:03 - 000068424 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
2016-06-23 18:02 - 2016-06-23 18:02 - 000123208 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll
2016-06-23 18:02 - 2016-06-23 18:02 - 000211272 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
2018-12-29 01:23 - 2008-10-15 16:44 - 000205312 _____ () C:\Users\97\AppData\Local\Temp\is-3C3P9.tmp\itdownload.dll
2018-12-29 01:23 - 2008-10-15 16:44 - 000205312 _____ () C:\Users\97\AppData\Local\Temp\is-C84CK.tmp\itdownload.dll
2018-12-29 00:39 - 2018-12-29 00:39 - 000016384 _____ () C:\Users\97\AppData\Local\dgcege.dll
2018-12-29 01:23 - 2008-10-15 16:44 - 000205312 _____ () C:\Users\97\AppData\Local\Temp\is-5QSRD.tmp\itdownload.dll
2011-09-05 18:05 - 2011-09-05 18:05 - 000019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\fr_FR\acrotray.fra
2018-04-24 06:51 - 2018-04-24 06:51 - 067115992 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2016-06-23 18:03 - 2016-06-23 18:03 - 000058184 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd
2016-06-23 18:03 - 2016-06-23 18:03 - 000040264 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd
2016-06-23 18:03 - 2016-06-23 18:03 - 000030024 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd
2016-06-23 18:03 - 2016-06-23 18:03 - 000049992 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
2016-06-23 18:03 - 2016-06-23 18:03 - 000939336 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd
2016-06-23 18:02 - 2016-06-23 18:02 - 000082760 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll
2016-06-23 18:02 - 2016-06-23 18:02 - 000198984 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll
2016-06-23 18:03 - 2016-06-23 18:03 - 000226120 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd
2016-06-23 18:03 - 2016-06-23 18:03 - 000026952 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd
2016-06-23 18:03 - 2016-06-23 18:03 - 000103752 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd
2016-06-23 18:03 - 2016-06-23 18:03 - 000151880 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd
2016-06-23 18:03 - 2016-06-23 18:03 - 000702792 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd
2018-04-12 20:33 - 2018-04-12 20:33 - 000142376 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\fs-ext\build\Release\fs-ext.node
2018-04-12 20:33 - 2018-04-12 20:33 - 000271400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2018-04-12 20:33 - 2018-04-12 20:33 - 000141864 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\ref\build\Release\binding.node
2018-04-12 20:33 - 2018-04-12 20:33 - 000150568 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\ffi\build\Release\ffi_bindings.node
2018-04-12 20:33 - 2018-04-12 20:33 - 000097832 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2018-04-12 20:33 - 2018-04-12 20:33 - 000110120 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\idle-gc\build\Release\idle-gc.node
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
AlternateDataStreams: C:\Users\97\AppData\Local\Ci9xMhOo4HmqGCv:C6gbzmdRkt596U77Sw [1774]
AlternateDataStreams: C:\Users\97\AppData\Local\KuBQqS1zHsdJsw:nXQNIlenL1vAQRnOx [1762]
AlternateDataStreams: C:\Users\97\AppData\Local\Temp:$DATA [16]
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
==================== Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
IE trusted site: HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts contenu: ===============================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2009-07-14 03:34 - 2018-12-29 00:38 - 000000834 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-457500272-3158296748-1728716815-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\97\Desktop\gogeta_super_saiyan_blue_by_rmehedi-daowmbn.png
DNS Servers: 208.67.222.222 - 208.67.220.220
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Pas de fichier)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.
HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\StartupApproved\StartupFolder: => "DS4Windows.lnk"
HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\StartupApproved\Run: => "Discord"
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [{9FA0EA17-C8E9-4EFF-9AC6-691094F12ADB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{B5602C85-23EA-4D0E-8358-FC7CC3C2318B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{C8B3BCB2-46E2-4D4F-AEFE-6BCF0152014F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{27DD0E70-2121-49A9-BA52-BE2C742E3531}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [UDP Query User{32798D84-58F2-455D-BDA7-CAB06D5DDC2C}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe ()
FirewallRules: [TCP Query User{D1781D53-B5CB-4301-8220-F0F68A741539}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe ()
FirewallRules: [UDP Query User{BF5A1187-304A-431E-AFB1-633F6B2D6BE8}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{7300372E-0068-4DE9-8C47-F720B003378D}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{AC89E680-0724-4C2E-8288-C9AD35808171}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{068C586D-2D58-4742-879D-0FED1501EEBA}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [{6C2AC268-DADA-468D-977D-3B1E04C4801D}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe (BlueStack Systems, Inc.)
FirewallRules: [UDP Query User{1E6E62C6-BBC2-4E9E-840D-B56B0CEBB3C8}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{D6508371-960C-48E9-AFA7-613251532907}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{A80B5F4A-BD58-41B6-9C1F-15308C7D0E3F}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN)
FirewallRules: [TCP Query User{E39B2E63-CA39-4270-8F25-0B15262B1121}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN)
FirewallRules: [UDP Query User{8C81D392-B308-441B-A599-643E95378569}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation)
FirewallRules: [TCP Query User{48E573B8-BACC-419A-89B0-8F985C6BC98F}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation)
FirewallRules: [{9AD95DBB-FC0B-4CCB-8C23-36D7F54F41B5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{56188EC6-4886-48EE-96F3-9F5A0295FF55}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{D60C96F7-EFDF-4F84-8450-66C49C6D0E4C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{DEB7EC81-C9D0-41E8-8172-D22CCF748761}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{E537D13B-4DEC-4530-B397-4A1B79AE72C8}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe ()
FirewallRules: [{5F93A0A3-2629-4ACF-BAF7-14DA9F38541F}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe ()
FirewallRules: [{B922FB92-AC60-4C9C-9B70-E433EC7179D1}] => (Allow) LPort=7935
FirewallRules: [UDP Query User{F2F22874-1A01-473D-816D-9A19253F0BCF}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe (Blizzard Entertainment)
FirewallRules: [TCP Query User{219913DB-B4BB-424C-BC10-0246301D3D40}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe (Blizzard Entertainment)
FirewallRules: [{A7B8DB91-761A-47C3-819E-2C4141AE4203}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{E7B95266-8499-462A-85DF-D12F237F7F83}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{7E6B59D7-12F0-4D1E-BDB7-77751B52E031}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{D1AE2A0C-4256-420F-9600-D9D084DEF0C3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{CE6E4BA7-9404-4C07-AA45-76AEBA31ADF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{D1F6393C-7D30-43D9-99E4-6A05BC906399}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{AC28740B-0AE2-41FC-8491-6CD904540A14}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation)
FirewallRules: [{162BC87A-0C52-4D89-B4AE-4FB3F69F76D9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
FirewallRules: [{B6D5BAE2-052F-4C70-BA8B-9FE424A4A23C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
FirewallRules: [TCP Query User{5EB94FD2-A76F-4C8E-B030-FE398DE38F49}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe ()
FirewallRules: [UDP Query User{BDA6B17D-6317-440E-BFEC-6C0C135A0AC6}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe ()
FirewallRules: [TCP Query User{FBAD87D7-D174-42CC-8E2F-F2DE21157DA4}C:\program files (x86)\overwatch\overwatch.exe] => (Block) C:\program files (x86)\overwatch\overwatch.exe (Blizzard Entertainment)
FirewallRules: [UDP Query User{B5D7F673-2429-4DB4-B283-A6548042E879}C:\program files (x86)\overwatch\overwatch.exe] => (Block) C:\program files (x86)\overwatch\overwatch.exe (Blizzard Entertainment)
FirewallRules: [TCP Query User{6D33D177-EA13-40A2-A3F2-4E303345615C}C:\users\97\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\97\appdata\roaming\spotify\spotify.exe (Spotify Ltd)
FirewallRules: [UDP Query User{FBC98B7D-27BD-4B06-B4BF-0FEEAE432C93}C:\users\97\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\97\appdata\roaming\spotify\spotify.exe (Spotify Ltd)
FirewallRules: [{78F733A9-D04B-46C6-A6D8-992531468159}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)
FirewallRules: [{6488258C-ECDF-4045-B21E-F7A1AA4A37FE}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Python Software Foundation)
FirewallRules: [TCP Query User{C88F110B-BD0B-427B-89E9-A9D23545399C}C:\program files (x86)\plex\plex media server\plex dlna server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex dlna server.exe (Plex, Inc.)
FirewallRules: [UDP Query User{30B53A69-2D3D-4685-9D67-3DEA4F2E9233}C:\program files (x86)\plex\plex media server\plex dlna server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex dlna server.exe (Plex, Inc.)
FirewallRules: [TCP Query User{AF10311E-3AA7-4380-A22C-D940FA231E87}C:\users\97\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\97\appdata\roaming\spotify\spotify.exe (Spotify Ltd)
FirewallRules: [UDP Query User{0D3AFFC1-4CB5-4ABE-88BC-53B6FDB7C802}C:\users\97\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\97\appdata\roaming\spotify\spotify.exe (Spotify Ltd)
FirewallRules: [TCP Query User{079ED09B-3EB7-4DC5-B246-72CE741235F8}C:\program files (x86)\plex\plex media server\plex dlna server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex dlna server.exe (Plex, Inc.)
FirewallRules: [UDP Query User{FAAC49A4-F9C1-4881-A357-DB3BB564C8E0}C:\program files (x86)\plex\plex media server\plex dlna server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex dlna server.exe (Plex, Inc.)
FirewallRules: [{FEC2E13D-8BBD-4244-AE2C-105E232D9AA0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{F1A03B75-D715-48DA-8C87-34E9846B9C8D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{59D3AF68-555E-4402-A068-9CF28465D910}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{49F3CDAE-CE2F-4608-A371-C0D1F5B72454}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [TCP Query User{8BEEEE25-AE3A-4BC3-94F0-1AF999D1D3D9}C:\users\97\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Allow) C:\users\97\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe (深圳市迅雷网络技术有限公司)
FirewallRules: [TCP Query User{A51D81F6-0F57-4A5F-AE40-CBC74BA4FC84}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{5043626B-F78F-42D9-B17C-DB8B2FFC58FF}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{5DCCB3AB-D9CD-4553-BC6E-4FB11538BF70}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{E2DEEB79-30C2-4D7D-A9F1-85FDD2355A72}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [{E82B569C-5ADC-4CC5-826C-11EC262882F3}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe (Duodian Technology Co. Ltd.)
FirewallRules: [{E813F54A-2067-4F68-8CCF-F3CBD7B8CE28}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe ()
FirewallRules: [{0DB88EC2-907A-4C24-97DB-8CEB3A4B7F40}] => (Allow) C:\Program Files (x86)\Droid4X\Droid4X.exe ()
FirewallRules: [{8D3E815A-E277-47FE-926C-91308F13C23A}] => (Allow) C:\Program Files (x86)\Droid4X\download\MiniThunderPlatform.exe (深圳市迅雷网络技术有限公司)
FirewallRules: [{DA18A961-22ED-4D5F-A9AE-CFB02B5AA9E9}] => (Allow) C:\Program Files\Oracle\VirtualBox\vboxheadless.exe ()
FirewallRules: [TCP Query User{5B89FA3D-773D-4F6A-BFC6-A5FB82F0E82A}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{D1874098-A012-48A6-AA3B-A421B01FDEC9}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [{A817ACDF-B8DA-4187-9A8D-DBCD808E3544}] => (Allow) C:\Program Files (x86)\Droid4X\MultiMgr.exe ()
FirewallRules: [TCP Query User{4F83333E-CA16-4A4C-A823-B4213EF028D0}C:\program files (x86)\destiny 2\destiny2.exe] => (Allow) C:\program files (x86)\destiny 2\destiny2.exe (Bungie)
FirewallRules: [UDP Query User{C7B88329-77F3-4513-BE3F-0E7A282895D8}C:\program files (x86)\destiny 2\destiny2.exe] => (Allow) C:\program files (x86)\destiny 2\destiny2.exe (Bungie)
FirewallRules: [{8D9C9EDD-A1F8-4A39-BE63-6FE29C90EADE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{908A5545-9A9E-4CF5-8F02-93B26D7F815E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [TCP Query User{C626CC24-073E-4993-9C97-5EF6A7A3FACE}C:\program files (x86)\destiny 2\destiny2.exe] => (Allow) C:\program files (x86)\destiny 2\destiny2.exe (Bungie)
FirewallRules: [UDP Query User{0CF92E75-5624-4C28-8727-5A8A17542D13}C:\program files (x86)\destiny 2\destiny2.exe] => (Allow) C:\program files (x86)\destiny 2\destiny2.exe (Bungie)
FirewallRules: [TCP Query User{52C7AD06-2EDC-4593-931F-243035DE6072}C:\program files (x86)\overwatch test\overwatch.exe] => (Allow) C:\program files (x86)\overwatch test\overwatch.exe (Blizzard Entertainment)
FirewallRules: [UDP Query User{D6A9A0E0-652E-471E-A117-5061543E4A5B}C:\program files (x86)\overwatch test\overwatch.exe] => (Allow) C:\program files (x86)\overwatch test\overwatch.exe (Blizzard Entertainment)
FirewallRules: [{5D78EF85-465C-47B2-9BAA-352D4AC494CD}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe (Rockstar Games)
FirewallRules: [{EFF26A73-F9BA-4D90-8176-87DDA8195C4B}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe (Rockstar Games)
FirewallRules: [{5FD4E713-BFA4-4E04-9846-78E6B97D323B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MapleStory 2\nxsteam\nxsteam.exe (NEXON)
FirewallRules: [{2431B952-466A-42A6-8765-29CA72D1F990}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MapleStory 2\nxsteam\nxsteam.exe (NEXON)
FirewallRules: [TCP Query User{4980BAFA-6246-4E03-B9A5-F27819597FF9}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe ()
FirewallRules: [UDP Query User{AB66C73B-0CCE-4730-A366-FCDC60DBCEF2}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe ()
FirewallRules: [TCP Query User{A5996A44-3E5D-4C38-A228-C90A6C5E183C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe ()
FirewallRules: [UDP Query User{C9F30D28-6FAC-4347-A864-64DC2415EA44}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe ()
FirewallRules: [TCP Query User{B7704E2D-A85D-4589-AE5F-61449D618518}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe ()
FirewallRules: [UDP Query User{628296E2-F6B2-4C32-A042-494F5FBA300C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe ()
FirewallRules: [{F2A7438A-E7EE-4627-AD11-9E48B631146D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{CF89C4A5-C455-407E-9E58-456171CC1DF5}] => (Allow) C:\Users\97\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{7B23E4B7-59A2-4F57-9C0A-B846CE0E430A}] => (Allow) C:\Users\97\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{9A395950-F580-420A-9ADC-8D0E3601EDF8}] => (Allow) C:\WINDOWS\system32\rundll32.exe (Microsoft Corporation)
==================== Points de restauration =========================
==================== Éléments en erreur du Gestionnaire de périphériques =============
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (12/29/2018 01:34:35 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, Descripteur non valide
.
Opération :
Opération asynchrone en cours d’exécution
Contexte :
État actuel: DoSnapshotSet
Error: (12/29/2018 01:28:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante chrome.exe, version : 71.0.3578.98, horodatage : 0x5c0f4450
Nom du module défaillant : KERNELBASE.dll, version : 10.0.17134.441, horodatage : 0x428de48c
Code d’exception : 0xc06d007e
Décalage d’erreur : 0x000000000003a388
ID du processus défaillant : 0x29ec
Heure de début de l’application défaillante : 0x01d49f0d684ef07b
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll
ID de rapport : f6e12949-bdff-4e8e-bcc9-cece06e52ca7
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (12/29/2018 01:28:28 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, Descripteur non valide
.
Opération :
Opération asynchrone en cours d’exécution
Contexte :
État actuel: DoSnapshotSet
Error: (12/29/2018 01:23:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante MicrosoftEdge.exe, version : 11.0.17134.471, horodatage : 0x5c0b7893
Nom du module défaillant : ntdll.dll, version : 10.0.17134.471, horodatage : 0x7e614c22
Code d’exception : 0xcfffffff
Décalage d’erreur : 0x000000000009aa24
ID du processus défaillant : 0x1c14
Heure de début de l’application défaillante : 0x01d49f0c5ddbea9c
Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll
ID de rapport : fd0a47e2-58f9-4b80-aeba-6d4702136700
Nom complet du package défaillant : Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe
ID de l’application relative au package défaillant : MicrosoftEdge
Error: (12/29/2018 01:18:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante chrome.exe, version : 71.0.3578.98, horodatage : 0x5c0f4450
Nom du module défaillant : KERNELBASE.dll, version : 10.0.17134.441, horodatage : 0x428de48c
Code d’exception : 0xc06d007e
Décalage d’erreur : 0x000000000003a388
ID du processus défaillant : 0x1700
Heure de début de l’application défaillante : 0x01d49f0bff579d0e
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll
ID de rapport : a48c1d7f-534b-4e8a-97ae-032d037f1143
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (12/29/2018 01:18:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante chrome.exe, version : 71.0.3578.98, horodatage : 0x5c0f4450
Nom du module défaillant : KERNELBASE.dll, version : 10.0.17134.441, horodatage : 0x428de48c
Code d’exception : 0xc06d007e
Décalage d’erreur : 0x000000000003a388
ID du processus défaillant : 0x2120
Heure de début de l’application défaillante : 0x01d49f0bf50f3972
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll
ID de rapport : a50b91e1-317a-446d-9378-bca54810cea6
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (12/29/2018 01:17:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante chrome.exe, version : 71.0.3578.98, horodatage : 0x5c0f4450
Nom du module défaillant : KERNELBASE.dll, version : 10.0.17134.441, horodatage : 0x428de48c
Code d’exception : 0xc06d007e
Décalage d’erreur : 0x000000000003a388
ID du processus défaillant : 0x3798
Heure de début de l’application défaillante : 0x01d49f0bdf909ace
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll
ID de rapport : 808cc6c5-3214-4e63-9eec-0aa003faf76c
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (12/29/2018 01:15:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante chrome.exe, version : 71.0.3578.98, horodatage : 0x5c0f4450
Nom du module défaillant : KERNELBASE.dll, version : 10.0.17134.441, horodatage : 0x428de48c
Code d’exception : 0xc06d007e
Décalage d’erreur : 0x000000000003a388
ID du processus défaillant : 0x3758
Heure de début de l’application défaillante : 0x01d49f0b8a48b325
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll
ID de rapport : cd170491-a197-46a1-ae61-b49f1086f45c
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Erreurs système:
=============
Error: (12/29/2018 01:33:02 AM) (Source: DCOM) (EventID: 10010) (User: 97-PC)
Description: Le serveur {9E175B6D-F52A-11D8-B9A5-505054503030} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/29/2018 01:31:02 AM) (Source: DCOM) (EventID: 10010) (User: 97-PC)
Description: Le serveur {9E175B6D-F52A-11D8-B9A5-505054503030} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/29/2018 01:29:02 AM) (Source: DCOM) (EventID: 10010) (User: 97-PC)
Description: Le serveur {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/29/2018 01:28:42 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Exécution pour l’application serveur COM avec le CLSID
Windows.SecurityCenter.WscBrokerManager
et l’APPID
Non disponible
au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (12/29/2018 01:27:02 AM) (Source: DCOM) (EventID: 10010) (User: 97-PC)
Description: Le serveur {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/29/2018 01:26:41 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Le service Gestionnaire des cartes téléchargées est en attente de démarrage.
Error: (12/29/2018 01:25:02 AM) (Source: DCOM) (EventID: 10010) (User: 97-PC)
Description: Le serveur {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/29/2018 01:24:40 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Le service Optimisation de livraison est en attente de démarrage.
Windows Defender:
===================================
Date: 2018-12-29 01:04:40.321
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Cloxer.D!cl&threatid=2147726003&enterprise=0
Nom : Trojan:Win32/Cloxer.D!cl
ID : 2147726003
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Users\97\AppData\Local\Temp\RarSFX0\LogicHandler.exe
Origine de la détection : Ordinateur local
Type de détection : Chemin rapide
Source de détection : Protection en temps réel
Utilisateur : 97-PC\97
Nom du processus : C:\Program Files\CCleaner\CCleaner64.exe
Version de la signature : AV: 1.283.1707.0, AS: 1.283.1707.0, NIS: 1.283.1707.0
Version du moteur : AM: 1.1.15500.2, NIS: 1.1.15500.2
Date: 2018-12-29 01:04:37.572
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nom : Trojan:Win32/Occamy.C
ID : 2147726780
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Users\97\AppData\Local\Temp\po2iupid.ekc\ppi02.exe
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : 97-PC\97
Nom du processus : C:\Program Files\CCleaner\CCleaner64.exe
Version de la signature : AV: 1.283.1707.0, AS: 1.283.1707.0, NIS: 1.283.1707.0
Version du moteur : AM: 1.1.15500.2, NIS: 1.1.15500.2
Date: 2018-12-29 01:04:20.319
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanSpy:Win32/SocStealer!rfn&threatid=2147724296&enterprise=0
Nom : TrojanSpy:Win32/SocStealer!rfn
ID : 2147724296
Gravité : Grave
Catégorie : Logiciel de surveillance de cheval de Troie
Chemin : file:_C:\Users\97\AppData\Local\Temp\1wlxayf4.0r1\system.exe
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : 97-PC\97
Nom du processus : C:\Program Files\CCleaner\CCleaner64.exe
Version de la signature : AV: 1.283.1707.0, AS: 1.283.1707.0, NIS: 1.283.1707.0
Version du moteur : AM: 1.1.15500.2, NIS: 1.1.15500.2
Date: 2018-12-29 01:04:13.590
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Woreflint.A!cl&threatid=2147723317&enterprise=0
Nom : Trojan:Win32/Woreflint.A!cl
ID : 2147723317
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Users\97\AppData\Local\Microsoft\Windows\INetCache\IE\8TTIMDJH\void1[1].exe
Origine de la détection : Internet
Type de détection : Chemin rapide
Source de détection : Protection en temps réel
Utilisateur : 97-PC\97
Nom du processus : C:\Program Files\CCleaner\CCleaner64.exe
Version de la signature : AV: 1.283.1707.0, AS: 1.283.1707.0, NIS: 1.283.1707.0
Version du moteur : AM: 1.1.15500.2, NIS: 1.1.15500.2
Date: 2018-12-29 01:04:11.968
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanSpy:MSIL/Omaneat.B&threatid=2147697422&enterprise=0
Nom : TrojanSpy:MSIL/Omaneat.B
ID : 2147697422
Gravité : Grave
Catégorie : Logiciel de surveillance de cheval de Troie
Chemin : file:_C:\Users\97\AppData\Local\Microsoft\Windows\INetCache\IE\5PTSXF06\App[1].bin
Origine de la détection : Internet
Type de détection : Chemin rapide
Source de détection : Protection en temps réel
Utilisateur : 97-PC\97
Nom du processus : C:\Program Files\CCleaner\CCleaner64.exe
Version de la signature : AV: 1.283.1707.0, AS: 1.283.1707.0, NIS: 1.283.1707.0
Version du moteur : AM: 1.1.15500.2, NIS: 1.1.15500.2
Date: 2018-12-29 01:05:50.728
Description:
Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures.
Nouvelle version de la signature :
Version précédente de la signature : 1.283.1707.0
Source de mise à jour : Serveur Microsoft Update
Type de signature : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.15500.2
Code d’erreur : 0x80240438
Description de l’erreur : Un problème inattendu s’est produit lors de la vérification des mises à jour. Pour plus d’informations sur l’installation ou la résolution des problèmes de mise à jour, voir Aide et support.
CodeIntegrity:
===================================
Date: 2018-12-13 21:13:07.550
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2018-12-13 21:13:07.526
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2018-12-13 21:13:07.501
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2018-12-13 21:13:07.381
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2018-12-13 21:13:07.358
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2018-12-13 21:13:07.340
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2018-12-13 21:13:06.379
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2018-12-13 21:13:06.076
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
==================== Infos Mémoire ===========================
Processeur: Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz
Pourcentage de mémoire utilisée: 45%
Mémoire physique - RAM - totale: 8133.76 MB
Mémoire physique - RAM - disponible: 4395.68 MB
Mémoire virtuelle totale: 16325.76 MB
Mémoire virtuelle disponible: 12126.11 MB
==================== Lecteurs ================================
Drive c: () (Fixed) (Total:930.97 GB) (Free:209.21 GB) NTFS
\\?\Volume{ce35e1ed-2c48-11e6-8bde-806e6f6e6963}\ (Réservé au système) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{f31d924e-0000-0000-0000-a0c4e8000000}\ () (Fixed) (Total:0.44 GB) (Free:0.04 GB) NTFS
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F31D924E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== Fin de Addition.txt ============================
Exécuté par 97 (29-12-2018 01:33:53)
Exécuté depuis C:\Users\97\Downloads
Windows 10 Home Version 1803 17134.472 (X64) (2018-05-18 19:16:51)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
97 (S-1-5-21-457500272-3158296748-1728716815-1000 - Administrator - Enabled) => C:\Users\97
Administrateur (S-1-5-21-457500272-3158296748-1728716815-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-457500272-3158296748-1728716815-503 - Limited - Disabled)
Invité (S-1-5-21-457500272-3158296748-1728716815-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-457500272-3158296748-1728716815-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
µTorrent (HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\uTorrent) (Version: 3.5.5.44954 - BitTorrent Inc.)
Acoustica Mixcraft 8 Recording Studio (64-bit) (HKLM-x32\...\Mixcraft 8-64) (Version: 8.0.1.396 - Acoustica)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.5.0.331 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe CS6 Master Collection Patch 64bit (HKLM-x32\...\Adobe CS6 Master Collection Patch 64bit) (Version: - )
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Autodesk 123D Make 1.6.0 (HKLM-x32\...\{88FF8A21-F198-43DF-A5D9-80009EB620A8}) (Version: 1.60.0000 - Autodesk)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 22.0.10.67 - Bitdefender)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 3.55.70.1783 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Destiny 2 (HKLM-x32\...\Destiny 2) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\Discord) (Version: 0.0.301 - Discord Inc.)
Droid4X (HKLM-x32\...\Droid4X) (Version: 0.10.6 - Haiyu Dongxiang Co.,Ltd.)
Epic Games Launcher (HKLM-x32\...\{D55AA8F9-1DD5-4EFD-BBAA-7879A5C32ACC}) (Version: 1.1.151.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Focusrite USB 4.36.5.0 (HKLM\...\Focusrite USB_is1) (Version: 4.36.5.0 - Focusrite Audio Engineering Ltd.)
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: "1.0.0.10" - Rockstar Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{8E0BDF1C-26D9-4579-A677-53A4CC0D3693}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
LibreOffice 5.0.6.3 (HKLM-x32\...\{900D9036-4EDA-45EC-A095-E8AFB25D807A}) (Version: 5.0.6.3 - The Document Foundation)
Microsoft Office Professionnel Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mises à jour NVIDIA 2.13.0.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.13.0.21 - NVIDIA Corporation)
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
MTG Arena (HKLM-x32\...\{B418249C-5F1D-4E3B-8ABC-4081B2B6AFEE}) (Version: 0.1.964.0 - Wizards of the Coast) Hidden
MTG Arena (HKLM-x32\...\MTG Arena 0.1.964.0) (Version: 0.1.964.0 - Wizards of the Coast)
NEF Codec (HKLM-x32\...\{D6506521-0959-4FA3-875F-E2E28830B0D2}) (Version: 1.31.0 - Nikon Corporation)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.3.0 - Nikon Corporation)
Nikon Transfer 2 (HKLM-x32\...\{4D5EE11A-0D0A-4214-ABAC-72419F7BE24D}) (Version: 2.13.1 - Nikon Corporation)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.0.1.0 - Duodian Technology Co. Ltd.)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Pilote 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Pilote du contrôleur 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Pilote graphique 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
Oracle VM VirtualBox 4.3.12_ZZZZ (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Overwatch Test (HKLM-x32\...\Overwatch Test) (Version: - Blizzard Entertainment)
Panneau de configuration NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Picture Control Utility 2 (HKLM\...\{46BEAB85-B86A-4AAB-B085-136ECA032CF4}) (Version: 2.4.1 - Nikon Corporation)
Plex Media Server (HKLM-x32\...\{9E7D781B-A4F6-45B4-A715-8DBD0740B53C}) (Version: 1.0.213 - Plex, Inc.) Hidden
Plex Media Server (HKLM-x32\...\{e948767e-a48f-4fd1-9eb1-1d0f0708d8e3}) (Version: 1.0.0.2261 - Plex, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8010 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\Spotify) (Version: 1.0.94.262.g3d5c231c - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stopping Plex (HKLM-x32\...\{F7BD4113-A39F-4245-85B2-7436A63A7329}) (Version: 1.0.213 - Plex, Inc.) Hidden
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78716 - TeamViewer)
Trove (HKLM-x32\...\Glyph Trove) (Version: - Trion Worlds, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Wondershare Data Recovery(Build 6.5.1.5) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 6.5.1.5 - Wondershare Software Co.,Ltd.)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-457500272-3158296748-1728716815-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-457500272-3158296748-1728716815-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-457500272-3158296748-1728716815-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-457500272-3158296748-1728716815-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-457500272-3158296748-1728716815-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-457500272-3158296748-1728716815-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-457500272-3158296748-1728716815-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-DC1B6B626B73}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-457500272-3158296748-1728716815-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll [2011-09-05] (Adobe Systems Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll [2011-09-05] (Adobe Systems Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0709D007-C22B-4C95-92A4-F8CC9FF3F4F5} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {0C9C6F26-063C-4590-9681-90F9DE9D3D67} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {29B40BF6-170C-47D0-87CC-56E9A0CBB314} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-10] (Microsoft Corporation)
Task: {2C4B895F-8C2D-4563-9311-5BAB5DD3EC73} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [2018-11-16] (BlueStack Systems, Inc.)
Task: {3334C465-8674-4562-93BC-0C7770E46641} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {38EDA466-AAE7-4E24-B779-37AF4A3BA0DF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-10] (Microsoft Corporation)
Task: {3B2ADB07-43A5-45B5-B4A7-A192F3AA1545} - System32\Tasks\AdobeGCInvoker-1.0-97-PC-97 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13] (Adobe Systems, Incorporated)
Task: {4DA4EEBA-FB3A-44BF-8E8C-A70A701AA682} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {59062DB3-8C56-4736-8385-5FBAB09565FB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {5D8F15B1-9987-4718-A2AA-7699244B63A0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {885667ED-A7E1-423D-A28B-CD66E3B4EE02} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {90509804-8D80-4FDF-99F7-CE69A4913955} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2018-11-15] (Bitdefender)
Task: {A9EFDBED-917F-4009-819C-5648AC65A991} - System32\Tasks\AdobeAAMUpdater-1.0-97-PC-97 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-10] (Adobe Systems Incorporated)
Task: {C63FB105-7444-4B6F-9448-F1315ABC8E65} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {CA7F3405-5768-4EC1-AB87-290917746E69} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-10] (Microsoft Corporation)
Task: {D1A709C0-F204-4954-9ABD-2A62287C23DD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-10] (Microsoft Corporation)
Task: {E5763E8C-B12D-4F9E-8C9E-489280C7CC1A} - System32\Tasks\S-1-5-21-457500272-3158296748-1728716815-1000\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-12-08] (Microsoft Corporation)
Task: {FE6E424E-CBEF-4FE5-B19A-3552C81CD2F8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_pepper.exe [2018-12-05] (Adobe Systems Incorporated)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
ShortcutWithArgument: C:\Users\97\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% --disable-quic
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% --disable-quic
==================== Modules chargés (Avec liste blanche) ==============
2017-07-10 09:43 - 2013-07-04 02:32 - 000936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2017-08-14 09:16 - 2017-08-14 09:16 - 000285616 _____ () C:\Program Files (x86)\Droid4X\Droid4XService.exe
2018-12-28 10:13 - 2018-12-28 10:13 - 001485720 _____ () C:\Program Files\NDhjNGY3N\MmM5NjE.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-02-27 19:08 - 2018-02-27 19:08 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-12 09:36 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-12-29 00:39 - 2018-12-29 01:21 - 000269824 _____ () C:\Program Files\Common Files\UJC7FHQWDM8E\UpdateInstall.exe
2018-12-20 08:38 - 2018-12-14 07:50 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-16 06:01 - 2018-10-16 06:02 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-12-13 21:06 - 2018-12-13 21:06 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-12-13 21:06 - 2018-12-13 21:07 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-07-11 20:58 - 2018-07-11 20:58 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-12-29 01:21 - 2018-12-29 01:21 - 000719360 _____ () C:\Users\97\AppData\Local\Temp\is-QQ2PL.tmp\1gos0uvpq3s.tmp
2018-12-11 11:54 - 2018-12-11 11:55 - 034870272 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-12-11 11:54 - 2018-12-11 11:54 - 000292352 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-01 05:38 - 2017-12-01 05:38 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-28 19:21 - 2018-11-28 19:22 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-12-11 11:54 - 2018-12-11 11:54 - 005967872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-12-11 11:54 - 2018-12-11 11:54 - 009072128 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntPlat.dll
2017-10-09 22:51 - 2017-10-09 22:52 - 098275328 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2017-10-09 22:52 - 2017-10-09 22:52 - 003922432 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2017-10-09 22:52 - 2017-10-09 22:52 - 000092672 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2018-12-29 01:23 - 2018-12-29 01:23 - 000719360 _____ () C:\Users\97\AppData\Local\Temp\is-11POI.tmp\qkxhsg4oody.tmp
2018-12-29 01:23 - 2018-12-29 01:23 - 000719360 _____ () C:\Users\97\AppData\Local\Temp\is-LQQEF.tmp\aywqphjv5pi.tmp
2018-12-29 00:38 - 2018-12-29 00:38 - 000364032 _____ () C:\Program Files\Common Files\UJC7FHQWDM8E\dGk-5dfxK'.exe
2018-12-29 01:23 - 2018-12-29 01:23 - 000719360 _____ () C:\Users\97\AppData\Local\Temp\is-F50DL.tmp\1gos0uvpq3s.tmp
2018-05-04 18:18 - 2018-05-04 18:18 - 035477440 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2018-10-09 14:29 - 2018-10-09 14:29 - 004389888 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1809.2571.0_x64__8wekyb3d8bbwe\OneConnect.dll
2017-07-10 09:43 - 2018-12-29 01:19 - 000032552 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2017-07-10 09:43 - 2013-07-04 02:32 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2018-12-29 00:39 - 2018-12-29 00:39 - 000587264 _____ () c:\users\97\appdata\local\maurice\maurice.dll
2018-12-29 00:39 - 2018-12-29 00:39 - 001113600 _____ () C:\WINDOWS\qqheydqasqjgqxr.qqh
2018-12-29 01:21 - 2008-10-15 16:44 - 000205312 _____ () C:\Users\97\AppData\Local\Temp\is-RO7AB.tmp\itdownload.dll
2016-06-07 20:19 - 2015-08-27 01:37 - 000011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-06-23 18:03 - 2016-06-23 18:03 - 000792904 _____ () C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
2016-06-23 18:02 - 2016-06-23 18:02 - 001759560 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_imgproc2411.dll
2016-06-23 18:02 - 2016-06-23 18:02 - 001989960 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_core2411.dll
2016-06-23 18:03 - 2016-06-23 18:03 - 000091464 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
2016-06-23 18:02 - 2016-06-23 18:02 - 000033608 _____ () C:\Program Files (x86)\Plex\Plex Media Server\lyric_lite.dll
2016-06-23 18:02 - 2016-06-23 18:02 - 001092424 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll
2016-06-23 18:03 - 2016-06-23 18:03 - 000068424 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
2016-06-23 18:02 - 2016-06-23 18:02 - 000123208 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll
2016-06-23 18:02 - 2016-06-23 18:02 - 000211272 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
2018-12-29 01:23 - 2008-10-15 16:44 - 000205312 _____ () C:\Users\97\AppData\Local\Temp\is-3C3P9.tmp\itdownload.dll
2018-12-29 01:23 - 2008-10-15 16:44 - 000205312 _____ () C:\Users\97\AppData\Local\Temp\is-C84CK.tmp\itdownload.dll
2018-12-29 00:39 - 2018-12-29 00:39 - 000016384 _____ () C:\Users\97\AppData\Local\dgcege.dll
2018-12-29 01:23 - 2008-10-15 16:44 - 000205312 _____ () C:\Users\97\AppData\Local\Temp\is-5QSRD.tmp\itdownload.dll
2011-09-05 18:05 - 2011-09-05 18:05 - 000019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\fr_FR\acrotray.fra
2018-04-24 06:51 - 2018-04-24 06:51 - 067115992 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2016-06-23 18:03 - 2016-06-23 18:03 - 000058184 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd
2016-06-23 18:03 - 2016-06-23 18:03 - 000040264 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd
2016-06-23 18:03 - 2016-06-23 18:03 - 000030024 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd
2016-06-23 18:03 - 2016-06-23 18:03 - 000049992 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
2016-06-23 18:03 - 2016-06-23 18:03 - 000939336 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd
2016-06-23 18:02 - 2016-06-23 18:02 - 000082760 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll
2016-06-23 18:02 - 2016-06-23 18:02 - 000198984 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll
2016-06-23 18:03 - 2016-06-23 18:03 - 000226120 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd
2016-06-23 18:03 - 2016-06-23 18:03 - 000026952 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd
2016-06-23 18:03 - 2016-06-23 18:03 - 000103752 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd
2016-06-23 18:03 - 2016-06-23 18:03 - 000151880 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd
2016-06-23 18:03 - 2016-06-23 18:03 - 000702792 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd
2018-04-12 20:33 - 2018-04-12 20:33 - 000142376 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\fs-ext\build\Release\fs-ext.node
2018-04-12 20:33 - 2018-04-12 20:33 - 000271400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2018-04-12 20:33 - 2018-04-12 20:33 - 000141864 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\ref\build\Release\binding.node
2018-04-12 20:33 - 2018-04-12 20:33 - 000150568 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\ffi\build\Release\ffi_bindings.node
2018-04-12 20:33 - 2018-04-12 20:33 - 000097832 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2018-04-12 20:33 - 2018-04-12 20:33 - 000110120 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\idle-gc\build\Release\idle-gc.node
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
AlternateDataStreams: C:\Users\97\AppData\Local\Ci9xMhOo4HmqGCv:C6gbzmdRkt596U77Sw [1774]
AlternateDataStreams: C:\Users\97\AppData\Local\KuBQqS1zHsdJsw:nXQNIlenL1vAQRnOx [1762]
AlternateDataStreams: C:\Users\97\AppData\Local\Temp:$DATA [16]
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
==================== Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
IE trusted site: HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts contenu: ===============================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2009-07-14 03:34 - 2018-12-29 00:38 - 000000834 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-457500272-3158296748-1728716815-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\97\Desktop\gogeta_super_saiyan_blue_by_rmehedi-daowmbn.png
DNS Servers: 208.67.222.222 - 208.67.220.220
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Pas de fichier)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.
HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\StartupApproved\StartupFolder: => "DS4Windows.lnk"
HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-457500272-3158296748-1728716815-1000\...\StartupApproved\Run: => "Discord"
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [{9FA0EA17-C8E9-4EFF-9AC6-691094F12ADB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{B5602C85-23EA-4D0E-8358-FC7CC3C2318B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{C8B3BCB2-46E2-4D4F-AEFE-6BCF0152014F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{27DD0E70-2121-49A9-BA52-BE2C742E3531}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [UDP Query User{32798D84-58F2-455D-BDA7-CAB06D5DDC2C}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe ()
FirewallRules: [TCP Query User{D1781D53-B5CB-4301-8220-F0F68A741539}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe ()
FirewallRules: [UDP Query User{BF5A1187-304A-431E-AFB1-633F6B2D6BE8}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{7300372E-0068-4DE9-8C47-F720B003378D}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{AC89E680-0724-4C2E-8288-C9AD35808171}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{068C586D-2D58-4742-879D-0FED1501EEBA}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [{6C2AC268-DADA-468D-977D-3B1E04C4801D}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe (BlueStack Systems, Inc.)
FirewallRules: [UDP Query User{1E6E62C6-BBC2-4E9E-840D-B56B0CEBB3C8}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{D6508371-960C-48E9-AFA7-613251532907}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{A80B5F4A-BD58-41B6-9C1F-15308C7D0E3F}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN)
FirewallRules: [TCP Query User{E39B2E63-CA39-4270-8F25-0B15262B1121}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN)
FirewallRules: [UDP Query User{8C81D392-B308-441B-A599-643E95378569}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation)
FirewallRules: [TCP Query User{48E573B8-BACC-419A-89B0-8F985C6BC98F}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation)
FirewallRules: [{9AD95DBB-FC0B-4CCB-8C23-36D7F54F41B5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{56188EC6-4886-48EE-96F3-9F5A0295FF55}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{D60C96F7-EFDF-4F84-8450-66C49C6D0E4C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{DEB7EC81-C9D0-41E8-8172-D22CCF748761}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{E537D13B-4DEC-4530-B397-4A1B79AE72C8}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe ()
FirewallRules: [{5F93A0A3-2629-4ACF-BAF7-14DA9F38541F}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe ()
FirewallRules: [{B922FB92-AC60-4C9C-9B70-E433EC7179D1}] => (Allow) LPort=7935
FirewallRules: [UDP Query User{F2F22874-1A01-473D-816D-9A19253F0BCF}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe (Blizzard Entertainment)
FirewallRules: [TCP Query User{219913DB-B4BB-424C-BC10-0246301D3D40}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe (Blizzard Entertainment)
FirewallRules: [{A7B8DB91-761A-47C3-819E-2C4141AE4203}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{E7B95266-8499-462A-85DF-D12F237F7F83}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{7E6B59D7-12F0-4D1E-BDB7-77751B52E031}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{D1AE2A0C-4256-420F-9600-D9D084DEF0C3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{CE6E4BA7-9404-4C07-AA45-76AEBA31ADF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{D1F6393C-7D30-43D9-99E4-6A05BC906399}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{AC28740B-0AE2-41FC-8491-6CD904540A14}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation)
FirewallRules: [{162BC87A-0C52-4D89-B4AE-4FB3F69F76D9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
FirewallRules: [{B6D5BAE2-052F-4C70-BA8B-9FE424A4A23C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
FirewallRules: [TCP Query User{5EB94FD2-A76F-4C8E-B030-FE398DE38F49}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe ()
FirewallRules: [UDP Query User{BDA6B17D-6317-440E-BFEC-6C0C135A0AC6}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe ()
FirewallRules: [TCP Query User{FBAD87D7-D174-42CC-8E2F-F2DE21157DA4}C:\program files (x86)\overwatch\overwatch.exe] => (Block) C:\program files (x86)\overwatch\overwatch.exe (Blizzard Entertainment)
FirewallRules: [UDP Query User{B5D7F673-2429-4DB4-B283-A6548042E879}C:\program files (x86)\overwatch\overwatch.exe] => (Block) C:\program files (x86)\overwatch\overwatch.exe (Blizzard Entertainment)
FirewallRules: [TCP Query User{6D33D177-EA13-40A2-A3F2-4E303345615C}C:\users\97\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\97\appdata\roaming\spotify\spotify.exe (Spotify Ltd)
FirewallRules: [UDP Query User{FBC98B7D-27BD-4B06-B4BF-0FEEAE432C93}C:\users\97\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\97\appdata\roaming\spotify\spotify.exe (Spotify Ltd)
FirewallRules: [{78F733A9-D04B-46C6-A6D8-992531468159}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)
FirewallRules: [{6488258C-ECDF-4045-B21E-F7A1AA4A37FE}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Python Software Foundation)
FirewallRules: [TCP Query User{C88F110B-BD0B-427B-89E9-A9D23545399C}C:\program files (x86)\plex\plex media server\plex dlna server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex dlna server.exe (Plex, Inc.)
FirewallRules: [UDP Query User{30B53A69-2D3D-4685-9D67-3DEA4F2E9233}C:\program files (x86)\plex\plex media server\plex dlna server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex dlna server.exe (Plex, Inc.)
FirewallRules: [TCP Query User{AF10311E-3AA7-4380-A22C-D940FA231E87}C:\users\97\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\97\appdata\roaming\spotify\spotify.exe (Spotify Ltd)
FirewallRules: [UDP Query User{0D3AFFC1-4CB5-4ABE-88BC-53B6FDB7C802}C:\users\97\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\97\appdata\roaming\spotify\spotify.exe (Spotify Ltd)
FirewallRules: [TCP Query User{079ED09B-3EB7-4DC5-B246-72CE741235F8}C:\program files (x86)\plex\plex media server\plex dlna server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex dlna server.exe (Plex, Inc.)
FirewallRules: [UDP Query User{FAAC49A4-F9C1-4881-A357-DB3BB564C8E0}C:\program files (x86)\plex\plex media server\plex dlna server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex dlna server.exe (Plex, Inc.)
FirewallRules: [{FEC2E13D-8BBD-4244-AE2C-105E232D9AA0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{F1A03B75-D715-48DA-8C87-34E9846B9C8D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{59D3AF68-555E-4402-A068-9CF28465D910}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{49F3CDAE-CE2F-4608-A371-C0D1F5B72454}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [TCP Query User{8BEEEE25-AE3A-4BC3-94F0-1AF999D1D3D9}C:\users\97\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Allow) C:\users\97\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe (深圳市迅雷网络技术有限公司)
FirewallRules: [TCP Query User{A51D81F6-0F57-4A5F-AE40-CBC74BA4FC84}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{5043626B-F78F-42D9-B17C-DB8B2FFC58FF}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{5DCCB3AB-D9CD-4553-BC6E-4FB11538BF70}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{E2DEEB79-30C2-4D7D-A9F1-85FDD2355A72}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [{E82B569C-5ADC-4CC5-826C-11EC262882F3}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe (Duodian Technology Co. Ltd.)
FirewallRules: [{E813F54A-2067-4F68-8CCF-F3CBD7B8CE28}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe ()
FirewallRules: [{0DB88EC2-907A-4C24-97DB-8CEB3A4B7F40}] => (Allow) C:\Program Files (x86)\Droid4X\Droid4X.exe ()
FirewallRules: [{8D3E815A-E277-47FE-926C-91308F13C23A}] => (Allow) C:\Program Files (x86)\Droid4X\download\MiniThunderPlatform.exe (深圳市迅雷网络技术有限公司)
FirewallRules: [{DA18A961-22ED-4D5F-A9AE-CFB02B5AA9E9}] => (Allow) C:\Program Files\Oracle\VirtualBox\vboxheadless.exe ()
FirewallRules: [TCP Query User{5B89FA3D-773D-4F6A-BFC6-A5FB82F0E82A}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{D1874098-A012-48A6-AA3B-A421B01FDEC9}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [{A817ACDF-B8DA-4187-9A8D-DBCD808E3544}] => (Allow) C:\Program Files (x86)\Droid4X\MultiMgr.exe ()
FirewallRules: [TCP Query User{4F83333E-CA16-4A4C-A823-B4213EF028D0}C:\program files (x86)\destiny 2\destiny2.exe] => (Allow) C:\program files (x86)\destiny 2\destiny2.exe (Bungie)
FirewallRules: [UDP Query User{C7B88329-77F3-4513-BE3F-0E7A282895D8}C:\program files (x86)\destiny 2\destiny2.exe] => (Allow) C:\program files (x86)\destiny 2\destiny2.exe (Bungie)
FirewallRules: [{8D9C9EDD-A1F8-4A39-BE63-6FE29C90EADE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{908A5545-9A9E-4CF5-8F02-93B26D7F815E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [TCP Query User{C626CC24-073E-4993-9C97-5EF6A7A3FACE}C:\program files (x86)\destiny 2\destiny2.exe] => (Allow) C:\program files (x86)\destiny 2\destiny2.exe (Bungie)
FirewallRules: [UDP Query User{0CF92E75-5624-4C28-8727-5A8A17542D13}C:\program files (x86)\destiny 2\destiny2.exe] => (Allow) C:\program files (x86)\destiny 2\destiny2.exe (Bungie)
FirewallRules: [TCP Query User{52C7AD06-2EDC-4593-931F-243035DE6072}C:\program files (x86)\overwatch test\overwatch.exe] => (Allow) C:\program files (x86)\overwatch test\overwatch.exe (Blizzard Entertainment)
FirewallRules: [UDP Query User{D6A9A0E0-652E-471E-A117-5061543E4A5B}C:\program files (x86)\overwatch test\overwatch.exe] => (Allow) C:\program files (x86)\overwatch test\overwatch.exe (Blizzard Entertainment)
FirewallRules: [{5D78EF85-465C-47B2-9BAA-352D4AC494CD}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe (Rockstar Games)
FirewallRules: [{EFF26A73-F9BA-4D90-8176-87DDA8195C4B}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe (Rockstar Games)
FirewallRules: [{5FD4E713-BFA4-4E04-9846-78E6B97D323B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MapleStory 2\nxsteam\nxsteam.exe (NEXON)
FirewallRules: [{2431B952-466A-42A6-8765-29CA72D1F990}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MapleStory 2\nxsteam\nxsteam.exe (NEXON)
FirewallRules: [TCP Query User{4980BAFA-6246-4E03-B9A5-F27819597FF9}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe ()
FirewallRules: [UDP Query User{AB66C73B-0CCE-4730-A366-FCDC60DBCEF2}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe ()
FirewallRules: [TCP Query User{A5996A44-3E5D-4C38-A228-C90A6C5E183C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe ()
FirewallRules: [UDP Query User{C9F30D28-6FAC-4347-A864-64DC2415EA44}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe ()
FirewallRules: [TCP Query User{B7704E2D-A85D-4589-AE5F-61449D618518}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe ()
FirewallRules: [UDP Query User{628296E2-F6B2-4C32-A042-494F5FBA300C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe ()
FirewallRules: [{F2A7438A-E7EE-4627-AD11-9E48B631146D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{CF89C4A5-C455-407E-9E58-456171CC1DF5}] => (Allow) C:\Users\97\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{7B23E4B7-59A2-4F57-9C0A-B846CE0E430A}] => (Allow) C:\Users\97\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{9A395950-F580-420A-9ADC-8D0E3601EDF8}] => (Allow) C:\WINDOWS\system32\rundll32.exe (Microsoft Corporation)
==================== Points de restauration =========================
==================== Éléments en erreur du Gestionnaire de périphériques =============
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (12/29/2018 01:34:35 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, Descripteur non valide
.
Opération :
Opération asynchrone en cours d’exécution
Contexte :
État actuel: DoSnapshotSet
Error: (12/29/2018 01:28:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante chrome.exe, version : 71.0.3578.98, horodatage : 0x5c0f4450
Nom du module défaillant : KERNELBASE.dll, version : 10.0.17134.441, horodatage : 0x428de48c
Code d’exception : 0xc06d007e
Décalage d’erreur : 0x000000000003a388
ID du processus défaillant : 0x29ec
Heure de début de l’application défaillante : 0x01d49f0d684ef07b
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll
ID de rapport : f6e12949-bdff-4e8e-bcc9-cece06e52ca7
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (12/29/2018 01:28:28 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, Descripteur non valide
.
Opération :
Opération asynchrone en cours d’exécution
Contexte :
État actuel: DoSnapshotSet
Error: (12/29/2018 01:23:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante MicrosoftEdge.exe, version : 11.0.17134.471, horodatage : 0x5c0b7893
Nom du module défaillant : ntdll.dll, version : 10.0.17134.471, horodatage : 0x7e614c22
Code d’exception : 0xcfffffff
Décalage d’erreur : 0x000000000009aa24
ID du processus défaillant : 0x1c14
Heure de début de l’application défaillante : 0x01d49f0c5ddbea9c
Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll
ID de rapport : fd0a47e2-58f9-4b80-aeba-6d4702136700
Nom complet du package défaillant : Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe
ID de l’application relative au package défaillant : MicrosoftEdge
Error: (12/29/2018 01:18:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante chrome.exe, version : 71.0.3578.98, horodatage : 0x5c0f4450
Nom du module défaillant : KERNELBASE.dll, version : 10.0.17134.441, horodatage : 0x428de48c
Code d’exception : 0xc06d007e
Décalage d’erreur : 0x000000000003a388
ID du processus défaillant : 0x1700
Heure de début de l’application défaillante : 0x01d49f0bff579d0e
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll
ID de rapport : a48c1d7f-534b-4e8a-97ae-032d037f1143
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (12/29/2018 01:18:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante chrome.exe, version : 71.0.3578.98, horodatage : 0x5c0f4450
Nom du module défaillant : KERNELBASE.dll, version : 10.0.17134.441, horodatage : 0x428de48c
Code d’exception : 0xc06d007e
Décalage d’erreur : 0x000000000003a388
ID du processus défaillant : 0x2120
Heure de début de l’application défaillante : 0x01d49f0bf50f3972
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll
ID de rapport : a50b91e1-317a-446d-9378-bca54810cea6
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (12/29/2018 01:17:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante chrome.exe, version : 71.0.3578.98, horodatage : 0x5c0f4450
Nom du module défaillant : KERNELBASE.dll, version : 10.0.17134.441, horodatage : 0x428de48c
Code d’exception : 0xc06d007e
Décalage d’erreur : 0x000000000003a388
ID du processus défaillant : 0x3798
Heure de début de l’application défaillante : 0x01d49f0bdf909ace
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll
ID de rapport : 808cc6c5-3214-4e63-9eec-0aa003faf76c
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (12/29/2018 01:15:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante chrome.exe, version : 71.0.3578.98, horodatage : 0x5c0f4450
Nom du module défaillant : KERNELBASE.dll, version : 10.0.17134.441, horodatage : 0x428de48c
Code d’exception : 0xc06d007e
Décalage d’erreur : 0x000000000003a388
ID du processus défaillant : 0x3758
Heure de début de l’application défaillante : 0x01d49f0b8a48b325
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll
ID de rapport : cd170491-a197-46a1-ae61-b49f1086f45c
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Erreurs système:
=============
Error: (12/29/2018 01:33:02 AM) (Source: DCOM) (EventID: 10010) (User: 97-PC)
Description: Le serveur {9E175B6D-F52A-11D8-B9A5-505054503030} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/29/2018 01:31:02 AM) (Source: DCOM) (EventID: 10010) (User: 97-PC)
Description: Le serveur {9E175B6D-F52A-11D8-B9A5-505054503030} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/29/2018 01:29:02 AM) (Source: DCOM) (EventID: 10010) (User: 97-PC)
Description: Le serveur {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/29/2018 01:28:42 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Exécution pour l’application serveur COM avec le CLSID
Windows.SecurityCenter.WscBrokerManager
et l’APPID
Non disponible
au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (12/29/2018 01:27:02 AM) (Source: DCOM) (EventID: 10010) (User: 97-PC)
Description: Le serveur {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/29/2018 01:26:41 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Le service Gestionnaire des cartes téléchargées est en attente de démarrage.
Error: (12/29/2018 01:25:02 AM) (Source: DCOM) (EventID: 10010) (User: 97-PC)
Description: Le serveur {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/29/2018 01:24:40 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Le service Optimisation de livraison est en attente de démarrage.
Windows Defender:
===================================
Date: 2018-12-29 01:04:40.321
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Cloxer.D!cl&threatid=2147726003&enterprise=0
Nom : Trojan:Win32/Cloxer.D!cl
ID : 2147726003
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Users\97\AppData\Local\Temp\RarSFX0\LogicHandler.exe
Origine de la détection : Ordinateur local
Type de détection : Chemin rapide
Source de détection : Protection en temps réel
Utilisateur : 97-PC\97
Nom du processus : C:\Program Files\CCleaner\CCleaner64.exe
Version de la signature : AV: 1.283.1707.0, AS: 1.283.1707.0, NIS: 1.283.1707.0
Version du moteur : AM: 1.1.15500.2, NIS: 1.1.15500.2
Date: 2018-12-29 01:04:37.572
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nom : Trojan:Win32/Occamy.C
ID : 2147726780
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Users\97\AppData\Local\Temp\po2iupid.ekc\ppi02.exe
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : 97-PC\97
Nom du processus : C:\Program Files\CCleaner\CCleaner64.exe
Version de la signature : AV: 1.283.1707.0, AS: 1.283.1707.0, NIS: 1.283.1707.0
Version du moteur : AM: 1.1.15500.2, NIS: 1.1.15500.2
Date: 2018-12-29 01:04:20.319
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanSpy:Win32/SocStealer!rfn&threatid=2147724296&enterprise=0
Nom : TrojanSpy:Win32/SocStealer!rfn
ID : 2147724296
Gravité : Grave
Catégorie : Logiciel de surveillance de cheval de Troie
Chemin : file:_C:\Users\97\AppData\Local\Temp\1wlxayf4.0r1\system.exe
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : 97-PC\97
Nom du processus : C:\Program Files\CCleaner\CCleaner64.exe
Version de la signature : AV: 1.283.1707.0, AS: 1.283.1707.0, NIS: 1.283.1707.0
Version du moteur : AM: 1.1.15500.2, NIS: 1.1.15500.2
Date: 2018-12-29 01:04:13.590
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Woreflint.A!cl&threatid=2147723317&enterprise=0
Nom : Trojan:Win32/Woreflint.A!cl
ID : 2147723317
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Users\97\AppData\Local\Microsoft\Windows\INetCache\IE\8TTIMDJH\void1[1].exe
Origine de la détection : Internet
Type de détection : Chemin rapide
Source de détection : Protection en temps réel
Utilisateur : 97-PC\97
Nom du processus : C:\Program Files\CCleaner\CCleaner64.exe
Version de la signature : AV: 1.283.1707.0, AS: 1.283.1707.0, NIS: 1.283.1707.0
Version du moteur : AM: 1.1.15500.2, NIS: 1.1.15500.2
Date: 2018-12-29 01:04:11.968
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanSpy:MSIL/Omaneat.B&threatid=2147697422&enterprise=0
Nom : TrojanSpy:MSIL/Omaneat.B
ID : 2147697422
Gravité : Grave
Catégorie : Logiciel de surveillance de cheval de Troie
Chemin : file:_C:\Users\97\AppData\Local\Microsoft\Windows\INetCache\IE\5PTSXF06\App[1].bin
Origine de la détection : Internet
Type de détection : Chemin rapide
Source de détection : Protection en temps réel
Utilisateur : 97-PC\97
Nom du processus : C:\Program Files\CCleaner\CCleaner64.exe
Version de la signature : AV: 1.283.1707.0, AS: 1.283.1707.0, NIS: 1.283.1707.0
Version du moteur : AM: 1.1.15500.2, NIS: 1.1.15500.2
Date: 2018-12-29 01:05:50.728
Description:
Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures.
Nouvelle version de la signature :
Version précédente de la signature : 1.283.1707.0
Source de mise à jour : Serveur Microsoft Update
Type de signature : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.15500.2
Code d’erreur : 0x80240438
Description de l’erreur : Un problème inattendu s’est produit lors de la vérification des mises à jour. Pour plus d’informations sur l’installation ou la résolution des problèmes de mise à jour, voir Aide et support.
CodeIntegrity:
===================================
Date: 2018-12-13 21:13:07.550
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2018-12-13 21:13:07.526
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2018-12-13 21:13:07.501
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2018-12-13 21:13:07.381
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2018-12-13 21:13:07.358
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2018-12-13 21:13:07.340
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2018-12-13 21:13:06.379
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2018-12-13 21:13:06.076
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
==================== Infos Mémoire ===========================
Processeur: Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz
Pourcentage de mémoire utilisée: 45%
Mémoire physique - RAM - totale: 8133.76 MB
Mémoire physique - RAM - disponible: 4395.68 MB
Mémoire virtuelle totale: 16325.76 MB
Mémoire virtuelle disponible: 12126.11 MB
==================== Lecteurs ================================
Drive c: () (Fixed) (Total:930.97 GB) (Free:209.21 GB) NTFS
\\?\Volume{ce35e1ed-2c48-11e6-8bde-806e6f6e6963}\ (Réservé au système) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{f31d924e-0000-0000-0000-a0c4e8000000}\ () (Fixed) (Total:0.44 GB) (Free:0.04 GB) NTFS
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F31D924E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== Fin de Addition.txt ============================