Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 09.01.2019 01
Exécuté par k0reD (10-01-2019 20:09:04)
Exécuté depuis C:\Users\k0reD\Desktop
Windows 10 Home Version 1809 17763.107 (X64) (2018-12-20 18:41:23)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-2157465606-1905210227-2452084031-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2157465606-1905210227-2452084031-503 - Limited - Disabled)
Invité (S-1-5-21-2157465606-1905210227-2452084031-501 - Limited - Disabled)
k0reD (S-1-5-21-2157465606-1905210227-2452084031-1001 - Administrator - Enabled) => C:\Users\k0reD
k0zXxZ (S-1-5-21-2157465606-1905210227-2452084031-1005 - Administrator - Enabled) => C:\Users\k0zXxZ
WDAGUtilityAccount (S-1-5-21-2157465606-1905210227-2452084031-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
7-Zip 18.06 (x64) (HKLM\...\7-Zip) (Version: 18.06 - Igor Pavlov)
Adobe After Effects CC 2019 (HKLM-x32\...\AEFT_16_0_1) (Version: 16.0.1 - Adobe Systems Incorporated)
Adobe Animate CC 2019 (HKLM-x32\...\FLPR_19_1) (Version: 19.1 - Adobe Systems Incorporated)
Adobe Audition CC 2019 (HKLM-x32\...\AUDT_12_0_1) (Version: 12.0.1 - Adobe Systems Incorporated)
Adobe Bridge CC 2019 (HKLM-x32\...\KBRG_9_0_2) (Version: 9.0.2 - Adobe Systems Incorporated)
Adobe Character Animator CC 2019 (HKLM-x32\...\CHAR_2_0_1) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Dimension CC (HKLM-x32\...\ESHR_2_1) (Version: 2.1 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2019 (HKLM-x32\...\DRWV_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Illustrator CC 2019 (HKLM-x32\...\ILST_23_0_1) (Version: 23.0.1 - Adobe Systems Incorporated)
Adobe InCopy CC 2019 (HKLM-x32\...\AICY_14_0) (Version: 14.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2019 (HKLM-x32\...\IDSN_14_0_1) (Version: 14.0.1 - Adobe Systems Incorporated)
Adobe Lightroom CC (HKLM-x32\...\LRCC_2_1_1) (Version: 2.1.1 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_1) (Version: 8.1 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2019 (HKLM-x32\...\AME_13_0_2) (Version: 13.0.2 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_1) (Version: 20.0.1 - Adobe Systems Incorporated)
Adobe Prelude CC 2019 (HKLM-x32\...\PRLD_8_0_1) (Version: 8.0.1 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2019 (HKLM-x32\...\PPRO_13_0_2) (Version: 13.0.2 - Adobe Systems Incorporated)
Adobe Premiere Rush CC (HKLM-x32\...\RUSH_1_0_2) (Version: 1.0.2 - Adobe Systems Incorporated)
Assistant Mise à jour de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
Atom (HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\...\atom) (Version: 1.34.0 - GitHub Inc.)
Brackets (HKLM-x32\...\{3467C87A-754F-490F-A288-BADC1CE46826}) (Version: 1.13.17699 - brackets.io)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Discord (HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{F994125B-7BF5-4A38-A569-82833CEB24DC}) (Version: 0.8.4.83 - Dolby Laboratories, Inc.)
Epic Games Launcher (HKLM-x32\...\{A17FC61C-F723-4856-9116-3087712BCB11}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lucinite Panels 3.0.1405.266 (HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\...\Lucinite Panels_is1) (Version: 3.0.1405.266 - Lucinite)
Microsoft Office Professional Plus 2019 - fr-fr (HKLM\...\ProPlus2019Retail - fr-fr) (Version: 16.0.11029.20108 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Mises à jour NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
Mozilla Firefox 64.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 64.0.2 (x64 en-US)) (Version: 64.0.2 - Mozilla)
Mozilla Firefox 65.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 65.0 (x86 en-US)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0 - Mozilla)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.6.2 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Opera Neon (HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\...\Opera Neon) (Version: 1.0.2531.0 - Opera Software AS)
Panneau de configuration NVIDIA 411.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 411.63 - NVIDIA Corporation) Hidden
Pascal XE (HKLM-x32\...\{B1AC4466-9536-4F0B-B11C-1842E82D7CA3}_is1) (Version: 2.1.0.322 - The Tunisian Community of Computer Teachers)
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 3.0.61.0 - Goversoft LLC)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.10.0 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.21.1 - Razer Inc.)
Revo Uninstaller Pro 4.0.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.0.5 - VS Revo Group, Ltd.)
Spotify (HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\...\Spotify) (Version: 1.0.96.181.gf6bc1b6b - Spotify AB)
Stardock WindowFX (HKLM-x32\...\WindowFX) (Version: 6.04 - Stardock Software, Inc.)
StartIsBack++ (HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\...\StartIsBack) (Version: 2.7.3 - startisback.com)
Sublime Text Build 3176 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.14.1 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
UltraUXThemePatcher (HKLM-x32\...\UltraUXThemePatcher) (Version: 3.5.0.0 - Manuel Hoefs (Zottel))
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
UsbFix Anti-Malware Premium (HKLM-x32\...\Usbfix) (Version: 11.0.1.0 - SOSVirus (SOSVirus.Net))
VMware Workstation (HKLM\...\{431EEEDD-6D71-4269-8F7F-836CFAF69A17}) (Version: 15.0.2 - VMware, Inc.)
Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
Winaero Tweaker (HKLM\...\Winaero Tweaker_is1) (Version: 0.12.1.0 - Winaero)
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-2157465606-1905210227-2452084031-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-1B6014C9BE58}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2157465606-1905210227-2452084031-1001_Classes\CLSID\{3D3B1846-CC43-42AE-BFF9-D914083C2BA3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfPreview.dll ()
CustomCLSID: HKU\S-1-5-21-2157465606-1905210227-2452084031-1001_Classes\CLSID\{55808EA8-81FE-43c6-AAE8-1D8149F941D3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfFilter.dll ()
CustomCLSID: HKU\S-1-5-21-2157465606-1905210227-2452084031-1001_Classes\CLSID\{865e5e76-ad83-4dca-a109-50dc2113ce9b}\InprocServer32 -> C:\Users\k0reD\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2157465606-1905210227-2452084031-1001_Classes\CLSID\{99E2B362-3E4E-4255-9B29-41A7F40777BA}\InprocServer32 -> C:\Users\k0reD\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2157465606-1905210227-2452084031-1001_Classes\CLSID\{99E2B362-3E4E-4255-9B29-41A7F40777BB}\InprocServer32 -> C:\Users\k0reD\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2157465606-1905210227-2452084031-1001_Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c9}\InprocServer32 -> C:\Users\k0reD\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2157465606-1905210227-2452084031-1001_Classes\CLSID\{AD1405D2-30CF-4877-8468-1EE1C52C759F}\InprocServer32 -> C:\Users\k0reD\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2157465606-1905210227-2452084031-1001_Classes\CLSID\{c71c41f1-ddad-42dc-a8fc-f5bfc61df958}\InprocServer32 -> C:\Users\k0reD\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2157465606-1905210227-2452084031-1001_Classes\CLSID\{E5C31EC8-C5E6-4E07-957E-944DB4AAD85E}\InprocServer32 -> C:\Users\k0reD\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2157465606-1905210227-2452084031-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (IvoSoft)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-12-31] ()
ContextMenuHandlers1: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll [2019-01-05] ()
ContextMenuHandlers2: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll [2019-01-05] ()
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2018-11-21] (VMware, Inc.)
ContextMenuHandlers2-x32: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2018-11-21] (VMware, Inc.)
ContextMenuHandlers3: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll [2019-01-05] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov)
ContextMenuHandlers4: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll [2019-01-05] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e8abe176c7b553b5\igfxDTCM.dll [2018-08-08] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-09-18] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ContextMenuHandlers6: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll [2019-01-05] ()
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2018-09-06] (VS Revo Group)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-07-15] (IvoSoft)
FolderExtensions: [] -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} => D:\C;Images\All Desktop\ONE\OldNewExplorer64.dll [2017-08-16] (www.startisback.com)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {27A9000A-7B21-4F20-8E81-8CD0C2CE9B7B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-12-06] (NVIDIA Corporation)
Task: {3FB13650-84F1-40AF-974F-AC6F5E7CD83A} - System32\Tasks\AdobeGCInvoker-1.0-KOZX-k0reD => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13] (Adobe Systems, Incorporated)
Task: {446F8C77-D4C7-433C-BDE1-D28BBE10E04E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {4D7CA087-BCDC-4CAC-94FD-D9819C8E1B06} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-12-16] (Microsoft Corporation)
Task: {52E48D28-8EFF-43A4-9E1C-5CB905F722FA} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation)
Task: {55FEF557-F7A1-492E-A8EA-24D13472EE38} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-16] (Microsoft Corporation)
Task: {5D6276E9-1C2D-48B3-9E69-F5135CDE3D5F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-12-16] (Microsoft Corporation)
Task: {5FAEC728-D725-485C-B27E-A85499F31BA8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-16] (Microsoft Corporation)
Task: {6414C889-4129-4932-BE3B-746F21E0F34A} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {67DF39D5-53FF-4203-A910-7D718D0B2333} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {6FE12702-2185-4297-916D-06B7872B7C7E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation)
Task: {7945234C-4028-40AC-A367-E5DB99296FE4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation)
Task: {7EB16030-5119-4C79-A242-0E1734D9D978} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [2019-01-05] (Goversoft LLC)
Task: {8A9D5AEE-DA9D-4619-82C4-3A2CB6696985} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-12-06] (NVIDIA Corporation)
Task: {9857B391-48C2-45AB-982A-1D4801E59F97} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-12-16] (Microsoft Corporation)
Task: {BAC3B107-AA16-4F74-8560-AD43B3DA35A8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-12-07] (Microsoft Corporation)
Task: {C097A455-37FB-483B-8EB0-7370C8F2E208} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {C3B74031-C893-4E9A-B16E-DE190179B412} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-12-16] (Microsoft Corporation)
Task: {D0164F6A-334E-48CC-9CAE-162BDA5A96AB} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {D9280AB0-8087-47FF-B2C5-7A5FCC75D5F6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-12-16] (Microsoft Corporation)
Task: {E079A06B-9E3A-4EA0-9D04-EB91879ABE32} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-12-07] (Microsoft Corporation)
Task: {E1601E6D-359C-4F9B-B421-8C4D0741A49E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-12-06] (NVIDIA Corporation)
Task: {E39F8E32-F4B6-44B2-B8AF-D84A6CFEB7B8} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-09-15] ()
Task: {EA660B4C-2392-4B89-BD62-CD79EDFB35B6} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-12-16] (Microsoft Corporation)
Task: {F0679845-3714-4A51-9C19-DA3F3CB03DE4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-16] (Microsoft Corporation)
Task: {F55E4BE2-DFC6-4FD8-9EBD-9CCA91FF3B7D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-16] (Microsoft Corporation)
Task: {F922AE0B-9B9F-41EA-A2A8-74E20B265E27} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
==================== Modules chargés (Avec liste blanche) ==============
2018-12-16 18:22 - 2018-09-18 13:36 - 000143344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-09-15 07:28 - 2018-09-15 07:28 - 000834088 _____ () C:\Windows\System32\InputHost.dll
2015-07-13 16:49 - 2015-07-13 16:49 - 000597496 _____ () C:\Program Files (x86)\Stardock\WindowFX\WFX32.exe
2019-01-04 23:17 - 2018-12-06 10:11 - 001315208 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-11-21 01:29 - 2018-11-21 01:29 - 015446960 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2018-03-05 20:47 - 2018-03-05 20:47 - 000614848 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-09-15 07:28 - 2018-09-15 07:28 - 000474624 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-09-15 07:28 - 2018-09-15 07:28 - 002801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-09-15 07:28 - 2018-09-15 07:28 - 001740288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-09-15 16:41 - 2018-09-15 16:41 - 000144384 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.26.95.0_x64__kzf8qxf38zg5c\SkypeHelper.exe
2018-09-15 16:41 - 2018-09-15 16:41 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.26.95.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-09-15 16:41 - 2018-09-15 16:41 - 000058880 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.26.95.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-09-15 16:42 - 2018-09-15 16:42 - 026902016 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.20211.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-09-15 16:42 - 2018-09-15 16:42 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.20211.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-09-15 16:42 - 2018-09-15 16:42 - 006736384 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.20211.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-09-15 16:42 - 2018-09-15 16:42 - 009360384 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.20211.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-09-15 16:42 - 2018-09-15 16:42 - 000093696 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.49.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-09-15 16:42 - 2018-09-15 16:42 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.49.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-09-15 16:42 - 2018-09-15 16:42 - 007813632 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.49.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2018-09-15 16:44 - 2018-09-15 16:44 - 000475136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.21218.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-09-15 16:44 - 2018-09-15 16:44 - 024116736 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.21218.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-09-15 16:44 - 2018-09-15 16:44 - 014214144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.21218.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-09-15 16:44 - 2018-09-15 16:44 - 002803712 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.21218.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-09-15 16:44 - 2018-09-15 16:44 - 001405440 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.21218.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-09-15 16:44 - 2018-09-15 16:44 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.21218.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-12-16 18:42 - 2018-12-16 18:42 - 098275328 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2018-12-16 18:42 - 2018-12-16 18:42 - 003922432 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2018-12-16 18:42 - 2018-12-16 18:42 - 000092672 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2018-11-21 01:24 - 2018-11-21 01:24 - 000091568 _____ () C:\Program Files (x86)\VMware\VMware Workstation\zlib1.dll
2018-11-21 01:29 - 2018-11-21 01:29 - 002035120 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2018-11-21 01:29 - 2018-11-21 01:29 - 000141744 _____ () C:\Program Files (x86)\VMware\VMware Workstation\expat.dll
2019-01-04 23:17 - 2018-12-06 10:11 - 001033096 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-10-15 05:15 - 2018-10-15 05:15 - 000143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [466]
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
==================== Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
==================== Hosts contenu: ==========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2019-01-05 15:10 - 2018-12-16 20:37 - 000047884 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 a.ads1.msn.com
0.0.0.0 a.ads2.msn.com
0.0.0.0 a23-218-212-69.deploy.static.akamaitechnologies.com
0.0.0.0 a248.e.akamai.net
0.0.0.0 a1961.g.akamai.net
0.0.0.0 a1856.g2.akamai.net
0.0.0.0 a1621.g.akamai.net
0.0.0.0 ads.msn.com
0.0.0.0 ads.msn.com.nsatc.net
0.0.0.0 ads1.msn.com
0.0.0.0 ads1.msads.net
0.0.0.0 adnexus.net
0.0.0.0 adnxs.com
0.0.0.0 az361816.vo.msecnd.net
0.0.0.0 az512334.vo.msecnd.net
0.0.0.0 choice.microsoft.com
0.0.0.0 choice.microsoft.com.nsatc.net
0.0.0.0 compatexchange.cloudapp.net
0.0.0.0 corpext.msitadfs.glbdns2.microsoft.com
0.0.0.0 cdnjs.cloudflare.com.cdn.cloudflare.net
0.0.0.0 cs1.wpc.v0cdn.net
0.0.0.0 cdp1.public-trust.com
0.0.0.0 corp.sts.microsoft.com
0.0.0.0 diagnostics.support.microsoft.com
0.0.0.0 df.telemetry.microsoft.com
0.0.0.0 e2835.dspb.akamaiedge.net
0.0.0.0 e8218.ce.akamaiedge.net
0.0.0.0 e7341.g.akamaiedge.net
0.0.0.0 e7502.ce.akamaiedge.net
0.0.0.0 feedback.windows.com
Il y a 1390 plus de lignes.
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Brackets\command;C:\Users\k0reD\AppData\Local\Microsoft\WindowsApps;C:\Users\k0reD\AppData\Local\atom\bin;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\Control Panel\Desktop\\Wallpaper -> D:\C;Images\All Desktop\Fond d'écran\127.0.0.1yellow.jpg
DNS Servers: 1.1.1.1 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKLM\...\StartupApproved\Run32: => "Kraken0502Launcher"
HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\...\StartupApproved\Run: => "Panels"
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [{8A9D2F0A-DFC4-4C95-9646-F0AF403E0A7B}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe ()
FirewallRules: [{847F864A-CC33-4F72-AD5B-01DFB93B4BBA}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe ()
FirewallRules: [{0042EC17-04DF-4DA2-AE6D-297FABA5CC37}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
FirewallRules: [{96208591-64DF-43AD-8BED-E6FEDAA49751}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
FirewallRules: [UDP Query User{E95159BD-F6A4-4666-88F8-B56850F39E67}C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe (Node.js)
FirewallRules: [TCP Query User{7DCF7C20-A2E6-4469-84DA-F6A548D02E77}C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe (Node.js)
FirewallRules: [{A4413A35-F839-43C0-AD3F-0523391FD1D3}] => (Block) C:\Windows\explorer.exe (Microsoft Corporation)
FirewallRules: [{2765E0F4-2918-4A46-B9C9-43CDD8FCBA2B}] => (Block) C:\windows\systemapps\microsoft.windows.cortana_cw5n1h2txyewy\searchui.exe (Microsoft Corporation)
FirewallRules: [{60E6D465-398E-4850-BE86-7EF7620A2377}] => (Block) C:\windows\system32\svchost.exe (Microsoft Corporation)
FirewallRules: [{95F24381-DAC6-42A5-8D3A-D0394AB59802}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{6B51F381-8705-4852-BAAF-08FFEB1AB1E8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{5470B444-9787-446E-846F-139CF983D67C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation)
FirewallRules: [{C2221B25-CE5F-4EF5-B949-8757494BEB3A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation)
FirewallRules: [{8552CDAD-5F1B-4ADA-BFA6-3CED3D3B7EE2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation)
FirewallRules: [UDP Query User{F5623A4C-99BB-4A7D-9347-AFD7BE4DDBA4}C:\users\k0red\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\k0red\appdata\roaming\spotify\spotify.exe (Spotify Ltd)
FirewallRules: [TCP Query User{66796A9E-8B9B-4735-B032-ECBA4D72A04E}C:\users\k0red\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\k0red\appdata\roaming\spotify\spotify.exe (Spotify Ltd)
FirewallRules: [UDP Query User{AA920038-F3E9-4448-9DC0-33AE60B5278A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{C9DC1950-6975-4D6A-B1D5-E14C9FBA9C33}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [{518A6B3F-A5ED-4E69-8E16-07DC2A5FB0F1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{B0F11FB9-7DEF-4D50-9B1E-559A3A5ADF40}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [TCP Query User{346DC1E3-0E8C-40A9-9EF2-893EB218389B}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{276BADD6-8AAC-4273-AA6C-155E6C0A5468}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games, Inc.)
FirewallRules: [{7BB5DC51-8296-4B2C-BB02-4CD7EAE19FC6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{1DC018D5-C5CE-4DD2-80AD-371159059E14}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{EF13E105-BEE2-48C7-927D-9EF706EA4905}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{787644AE-1F6B-42BE-A89E-28B154F47528}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{F5CE705F-53FC-42A6-BCE0-7DFF8A70B427}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{936DA115-7614-4A00-8A79-5028F55B8FFF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{DBF7EE73-52E6-4146-A497-D87B226ADA07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{054EA770-59CA-497B-8B6B-7B3F802DAD00}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [TCP Query User{F6175D23-30FB-49DC-A7E1-D1543B055203}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe (Node.js)
FirewallRules: [UDP Query User{7F3BF0E9-796E-4A0E-AFE0-B0EA6C4FA96B}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe (Node.js)
==================== Points de restauration =========================
07-01-2019 19:34:19 Point de contrôle planifié
==================== Éléments en erreur du Gestionnaire de périphériques =============
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (01/10/2019 08:02:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme ZHPDiag3.exe version 2019.1.7.5 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance.
ID de processus : 62c
Heure de début : 01d4a91f4f6ea797
Heure d'arrêt : 4294967295
Chemin d'accès à l'application : C:\Users\k0reD\Desktop\ZHPDiag3.exe
ID de rapport : d50f7a9b-b05c-4294-b92f-1040ffed2ab7
Nom complet du package défectueux :
ID de l'application relative à un package défectueux :
Type de blocage : Top level window is idle
Error: (01/10/2019 06:10:43 PM) (Source: CertEnroll) (EventID: 87) (User: AUTORITE NT)
Description: Échec de l’inscription du certificat SCEP pour WORKGROUP\KOZX$ via https://INTC-KeyId-5e73c89aa3e902b272b9f0741f7d8730e3ec724a.microsoftaik.azure.net/templates/Aik/scep :
SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request: 0x80070057."}
HTTP/1.1 400 Bad Request
Cache-Control: no-cache
Date: Thu, 10 Jan 2019 18:10:40 GMT
Pragma: no-cache
Content-Length: 86
Content-Type: application/json; charset=utf-8
Expires: -1
x-ms-request-id: aa1dec98-6276-49c2-b750-0529364c51cf
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
Méthode : POST(6016ms)
Étape : SubmitDone
Demande incorrecte (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)
Error: (01/10/2019 06:03:25 PM) (Source: CertEnroll) (EventID: 87) (User: AUTORITE NT)
Description: Échec de l’inscription du certificat SCEP pour WORKGROUP\KOZX$ via https://INTC-KeyId-5e73c89aa3e902b272b9f0741f7d8730e3ec724a.microsoftaik.azure.net/templates/Aik/scep :
SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request: 0x80070057."}
HTTP/1.1 400 Bad Request
Cache-Control: no-cache
Date: Thu, 10 Jan 2019 18:03:23 GMT
Pragma: no-cache
Content-Length: 86
Content-Type: application/json; charset=utf-8
Expires: -1
x-ms-request-id: d555bcc4-bd64-4ba6-8527-313132229d28
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
Méthode : POST(3203ms)
Étape : SubmitDone
Demande incorrecte (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)
Error: (01/09/2019 07:22:33 PM) (Source: CertEnroll) (EventID: 87) (User: AUTORITE NT)
Description: Échec de l’inscription du certificat SCEP pour WORKGROUP\KOZX$ via https://INTC-KeyId-5e73c89aa3e902b272b9f0741f7d8730e3ec724a.microsoftaik.azure.net/templates/Aik/scep :
SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request: 0x80070057."}
HTTP/1.1 400 Bad Request
Cache-Control: no-cache
Date: Wed, 09 Jan 2019 19:22:31 GMT
Pragma: no-cache
Content-Length: 86
Content-Type: application/json; charset=utf-8
Expires: -1
x-ms-request-id: d379164a-79a1-4ad3-bfa8-4977eb7a581d
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
Méthode : POST(3062ms)
Étape : SubmitDone
Demande incorrecte (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)
Error: (01/08/2019 11:05:44 PM) (Source: CertEnroll) (EventID: 87) (User: AUTORITE NT)
Description: Échec de l’inscription du certificat SCEP pour WORKGROUP\KOZX$ via https://INTC-KeyId-5e73c89aa3e902b272b9f0741f7d8730e3ec724a.microsoftaik.azure.net/templates/Aik/scep :
SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request: 0x80070057."}
HTTP/1.1 400 Bad Request
Cache-Control: no-cache
Date: Tue, 08 Jan 2019 23:05:42 GMT
Pragma: no-cache
Content-Length: 86
Content-Type: application/json; charset=utf-8
Expires: -1
Server: Microsoft-IIS/10.0
x-ms-request-id: d70a2a6a-4860-421d-9496-ad79ac99c374
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
Méthode : POST(3953ms)
Étape : SubmitDone
Demande incorrecte (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)
Error: (01/08/2019 06:15:48 PM) (Source: CertEnroll) (EventID: 87) (User: AUTORITE NT)
Description: Échec de l’inscription du certificat SCEP pour WORKGROUP\KOZX$ via https://INTC-KeyId-5e73c89aa3e902b272b9f0741f7d8730e3ec724a.microsoftaik.azure.net/templates/Aik/scep :
SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request: 0x80070057."}
HTTP/1.1 400 Bad Request
Cache-Control: no-cache
Date: Tue, 08 Jan 2019 18:15:46 GMT
Pragma: no-cache
Content-Length: 86
Content-Type: application/json; charset=utf-8
Expires: -1
x-ms-request-id: 870ebc18-6095-4073-a98c-88af68158622
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
Méthode : POST(3547ms)
Étape : SubmitDone
Demande incorrecte (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)
Error: (01/08/2019 06:12:57 PM) (Source: CertEnroll) (EventID: 87) (User: AUTORITE NT)
Description: Échec de l’inscription du certificat SCEP pour WORKGROUP\KOZX$ via https://INTC-KeyId-5e73c89aa3e902b272b9f0741f7d8730e3ec724a.microsoftaik.azure.net/templates/Aik/scep :
SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request: 0x80070057."}
HTTP/1.1 400 Bad Request
Cache-Control: no-cache
Date: Tue, 08 Jan 2019 18:12:54 GMT
Pragma: no-cache
Content-Length: 86
Content-Type: application/json; charset=utf-8
Expires: -1
x-ms-request-id: 52070e66-2421-419b-b40a-6641b2d59f87
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
Méthode : POST(6859ms)
Étape : SubmitDone
Demande incorrecte (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)
Error: (01/07/2019 11:15:05 PM) (Source: CertEnroll) (EventID: 87) (User: AUTORITE NT)
Description: Échec de l’inscription du certificat SCEP pour WORKGROUP\KOZX$ via https://INTC-KeyId-5e73c89aa3e902b272b9f0741f7d8730e3ec724a.microsoftaik.azure.net/templates/Aik/scep :
SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request: 0x80070057."}
HTTP/1.1 400 Bad Request
Cache-Control: no-cache
Date: Mon, 07 Jan 2019 23:15:03 GMT
Pragma: no-cache
Content-Length: 86
Content-Type: application/json; charset=utf-8
Expires: -1
x-ms-request-id: 89107890-bd9a-48d2-8066-2626352bfaba
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
Méthode : POST(3219ms)
Étape : SubmitDone
Demande incorrecte (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)
Erreurs système:
=============
Error: (01/10/2019 07:59:28 PM) (Source: DCOM) (EventID: 10016) (User: KOZX)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
et l’APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
au SID KOZX\k0reD de l’utilisateur (S-1-5-21-2157465606-1905210227-2452084031-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (01/10/2019 07:59:28 PM) (Source: DCOM) (EventID: 10016) (User: KOZX)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
et l’APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
au SID KOZX\k0reD de l’utilisateur (S-1-5-21-2157465606-1905210227-2452084031-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (01/10/2019 07:45:39 PM) (Source: DCOM) (EventID: 10016) (User: KOZX)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
et l’APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
au SID KOZX\k0reD de l’utilisateur (S-1-5-21-2157465606-1905210227-2452084031-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (01/10/2019 07:45:39 PM) (Source: DCOM) (EventID: 10016) (User: KOZX)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
et l’APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
au SID KOZX\k0reD de l’utilisateur (S-1-5-21-2157465606-1905210227-2452084031-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (01/10/2019 07:11:34 PM) (Source: DCOM) (EventID: 10016) (User: KOZX)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
et l’APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
au SID KOZX\k0reD de l’utilisateur (S-1-5-21-2157465606-1905210227-2452084031-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (01/10/2019 07:11:34 PM) (Source: DCOM) (EventID: 10016) (User: KOZX)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
et l’APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
au SID KOZX\k0reD de l’utilisateur (S-1-5-21-2157465606-1905210227-2452084031-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (01/10/2019 07:10:06 PM) (Source: DCOM) (EventID: 10016) (User: KOZX)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
et l’APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
au SID KOZX\k0reD de l’utilisateur (S-1-5-21-2157465606-1905210227-2452084031-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (01/10/2019 07:10:06 PM) (Source: DCOM) (EventID: 10016) (User: KOZX)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
et l’APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
au SID KOZX\k0reD de l’utilisateur (S-1-5-21-2157465606-1905210227-2452084031-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Windows Defender:
===================================
Date: 2019-01-06 16:15:34.037
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {94A5700C-08B2-4E0A-AF84-F8889E1B77B5}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
Date: 2018-12-29 19:42:46.928
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {A6099462-C3F1-457B-B9D3-251A12B5957D}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
Date: 2018-12-29 19:23:28.415
Description:
Antivirus Windows Defender a détecté un comportement suspect.
Nom : Behavior:Win32/ModifiedBootRecord
ID : 2124244141
Gravité : Faible
Catégorie : Comportement suspect
Chemin trouvé : file:_C:\Users\k0reD\AppData\Local\Programs\balena-etcher\balenaEtcher.exe; process:_8164
Origine de la détection : Ordinateur local
Type de détection : Suspect
Source de détection : Protection en temps réel
État : Exécution
Utilisateur : KOZX\k0reD
Nom du processus : C:\Users\k0reD\AppData\Local\Programs\balena-etcher\balenaEtcher.exe
ID de signature : 23858570787236
Version de la signature : AV: 1.283.1793.0, AS: 1.283.1793.0
Version du moteur : 1.1.15500.2
Étiquette de fidélité : Moyen
Nom du fichier cible :
Date: 2018-12-23 20:13:26.091
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {1840E2D0-5923-4E82-9540-B301AEA46D21}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
Date: 2018-12-23 12:18:39.098
Description:
Antivirus Windows Defender a rencontré une erreur lors du chargement des signatures et va tenter de rétablir un jeu de signatures approprié.
Signatures tentées : Actuelle
Code d’erreur : 0x80070003
Description de l’erreur : Le chemin d’accès spécifié est introuvable.
Version de la signature : 0.0.0.0;0.0.0.0
Version du moteur : 0.0.0.0
CodeIntegrity:
===================================
Date: 2019-01-10 20:06:51.067
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume8\C;Images\All Desktop\ONE\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-01-09 21:49:44.415
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume8\C;Images\All Desktop\ONE\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-01-07 22:27:52.242
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume8\C;Images\All Desktop\ONE\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-01-05 18:47:58.018
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume8\C;Images\All Desktop\ONE\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-01-05 16:05:08.823
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume8\C;Images\All Desktop\ONE\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-01-05 16:03:40.326
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume8\C;Images\All Desktop\ONE\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-01-05 15:17:20.418
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume8\C;Images\All Desktop\ONE\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-12-29 19:19:59.021
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume8\C;Images\All Desktop\ONE\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
==================== Infos Mémoire ===========================
Processeur: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Pourcentage de mémoire utilisée: 49%
Mémoire physique - RAM - totale: 8068.05 MB
Mémoire physique - RAM - disponible: 4067.21 MB
Mémoire virtuelle totale: 10884.05 MB
Mémoire virtuelle disponible: 4685.54 MB
==================== Lecteurs ================================
Drive c: (Système) (Fixed) (Total:221.98 GB) (Free:113.65 GB) NTFS
Drive d: (Files) (Fixed) (Total:909.18 GB) (Free:594.55 GB) NTFS
\\?\Volume{dfc435c3-8bd9-4b6d-8f0a-2ac4f8faa76e}\ (Récupération) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{cce4b817-b71b-4f2f-8344-24a43fcbd695}\ () (Fixed) (Total:0.88 GB) (Free:0.39 GB) NTFS
\\?\Volume{72798ead-7c6d-403c-b5ee-98f5fbefdbc6}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.57 GB) NTFS
\\?\Volume{95b1ab05-6e4c-4249-b923-bd55a48cfecc}\ (LENOVO_PART) (Fixed) (Total:20 GB) (Free:6.78 GB) NTFS
\\?\Volume{c62e7631-559f-4bd1-973f-557c78c1c231}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
\\?\Volume{9f9c4ba2-ab28-4bd6-b446-bd604ef8f2d5}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 3B35A373)
Partition: GPT.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: B47B5C90)
Partition: GPT.
==================== Fin de Addition.txt ============================
Exécuté par k0reD (10-01-2019 20:09:04)
Exécuté depuis C:\Users\k0reD\Desktop
Windows 10 Home Version 1809 17763.107 (X64) (2018-12-20 18:41:23)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-2157465606-1905210227-2452084031-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2157465606-1905210227-2452084031-503 - Limited - Disabled)
Invité (S-1-5-21-2157465606-1905210227-2452084031-501 - Limited - Disabled)
k0reD (S-1-5-21-2157465606-1905210227-2452084031-1001 - Administrator - Enabled) => C:\Users\k0reD
k0zXxZ (S-1-5-21-2157465606-1905210227-2452084031-1005 - Administrator - Enabled) => C:\Users\k0zXxZ
WDAGUtilityAccount (S-1-5-21-2157465606-1905210227-2452084031-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
7-Zip 18.06 (x64) (HKLM\...\7-Zip) (Version: 18.06 - Igor Pavlov)
Adobe After Effects CC 2019 (HKLM-x32\...\AEFT_16_0_1) (Version: 16.0.1 - Adobe Systems Incorporated)
Adobe Animate CC 2019 (HKLM-x32\...\FLPR_19_1) (Version: 19.1 - Adobe Systems Incorporated)
Adobe Audition CC 2019 (HKLM-x32\...\AUDT_12_0_1) (Version: 12.0.1 - Adobe Systems Incorporated)
Adobe Bridge CC 2019 (HKLM-x32\...\KBRG_9_0_2) (Version: 9.0.2 - Adobe Systems Incorporated)
Adobe Character Animator CC 2019 (HKLM-x32\...\CHAR_2_0_1) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Dimension CC (HKLM-x32\...\ESHR_2_1) (Version: 2.1 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2019 (HKLM-x32\...\DRWV_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Illustrator CC 2019 (HKLM-x32\...\ILST_23_0_1) (Version: 23.0.1 - Adobe Systems Incorporated)
Adobe InCopy CC 2019 (HKLM-x32\...\AICY_14_0) (Version: 14.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2019 (HKLM-x32\...\IDSN_14_0_1) (Version: 14.0.1 - Adobe Systems Incorporated)
Adobe Lightroom CC (HKLM-x32\...\LRCC_2_1_1) (Version: 2.1.1 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_1) (Version: 8.1 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2019 (HKLM-x32\...\AME_13_0_2) (Version: 13.0.2 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_1) (Version: 20.0.1 - Adobe Systems Incorporated)
Adobe Prelude CC 2019 (HKLM-x32\...\PRLD_8_0_1) (Version: 8.0.1 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2019 (HKLM-x32\...\PPRO_13_0_2) (Version: 13.0.2 - Adobe Systems Incorporated)
Adobe Premiere Rush CC (HKLM-x32\...\RUSH_1_0_2) (Version: 1.0.2 - Adobe Systems Incorporated)
Assistant Mise à jour de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
Atom (HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\...\atom) (Version: 1.34.0 - GitHub Inc.)
Brackets (HKLM-x32\...\{3467C87A-754F-490F-A288-BADC1CE46826}) (Version: 1.13.17699 - brackets.io)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Discord (HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{F994125B-7BF5-4A38-A569-82833CEB24DC}) (Version: 0.8.4.83 - Dolby Laboratories, Inc.)
Epic Games Launcher (HKLM-x32\...\{A17FC61C-F723-4856-9116-3087712BCB11}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lucinite Panels 3.0.1405.266 (HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\...\Lucinite Panels_is1) (Version: 3.0.1405.266 - Lucinite)
Microsoft Office Professional Plus 2019 - fr-fr (HKLM\...\ProPlus2019Retail - fr-fr) (Version: 16.0.11029.20108 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Mises à jour NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
Mozilla Firefox 64.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 64.0.2 (x64 en-US)) (Version: 64.0.2 - Mozilla)
Mozilla Firefox 65.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 65.0 (x86 en-US)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0 - Mozilla)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.6.2 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Opera Neon (HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\...\Opera Neon) (Version: 1.0.2531.0 - Opera Software AS)
Panneau de configuration NVIDIA 411.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 411.63 - NVIDIA Corporation) Hidden
Pascal XE (HKLM-x32\...\{B1AC4466-9536-4F0B-B11C-1842E82D7CA3}_is1) (Version: 2.1.0.322 - The Tunisian Community of Computer Teachers)
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 3.0.61.0 - Goversoft LLC)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.10.0 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.21.1 - Razer Inc.)
Revo Uninstaller Pro 4.0.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.0.5 - VS Revo Group, Ltd.)
Spotify (HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\...\Spotify) (Version: 1.0.96.181.gf6bc1b6b - Spotify AB)
Stardock WindowFX (HKLM-x32\...\WindowFX) (Version: 6.04 - Stardock Software, Inc.)
StartIsBack++ (HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\...\StartIsBack) (Version: 2.7.3 - startisback.com)
Sublime Text Build 3176 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.14.1 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
UltraUXThemePatcher (HKLM-x32\...\UltraUXThemePatcher) (Version: 3.5.0.0 - Manuel Hoefs (Zottel))
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
UsbFix Anti-Malware Premium (HKLM-x32\...\Usbfix) (Version: 11.0.1.0 - SOSVirus (SOSVirus.Net))
VMware Workstation (HKLM\...\{431EEEDD-6D71-4269-8F7F-836CFAF69A17}) (Version: 15.0.2 - VMware, Inc.)
Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
Winaero Tweaker (HKLM\...\Winaero Tweaker_is1) (Version: 0.12.1.0 - Winaero)
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-2157465606-1905210227-2452084031-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-1B6014C9BE58}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2157465606-1905210227-2452084031-1001_Classes\CLSID\{3D3B1846-CC43-42AE-BFF9-D914083C2BA3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfPreview.dll ()
CustomCLSID: HKU\S-1-5-21-2157465606-1905210227-2452084031-1001_Classes\CLSID\{55808EA8-81FE-43c6-AAE8-1D8149F941D3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfFilter.dll ()
CustomCLSID: HKU\S-1-5-21-2157465606-1905210227-2452084031-1001_Classes\CLSID\{865e5e76-ad83-4dca-a109-50dc2113ce9b}\InprocServer32 -> C:\Users\k0reD\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2157465606-1905210227-2452084031-1001_Classes\CLSID\{99E2B362-3E4E-4255-9B29-41A7F40777BA}\InprocServer32 -> C:\Users\k0reD\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2157465606-1905210227-2452084031-1001_Classes\CLSID\{99E2B362-3E4E-4255-9B29-41A7F40777BB}\InprocServer32 -> C:\Users\k0reD\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2157465606-1905210227-2452084031-1001_Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c9}\InprocServer32 -> C:\Users\k0reD\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2157465606-1905210227-2452084031-1001_Classes\CLSID\{AD1405D2-30CF-4877-8468-1EE1C52C759F}\InprocServer32 -> C:\Users\k0reD\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2157465606-1905210227-2452084031-1001_Classes\CLSID\{c71c41f1-ddad-42dc-a8fc-f5bfc61df958}\InprocServer32 -> C:\Users\k0reD\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2157465606-1905210227-2452084031-1001_Classes\CLSID\{E5C31EC8-C5E6-4E07-957E-944DB4AAD85E}\InprocServer32 -> C:\Users\k0reD\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2157465606-1905210227-2452084031-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (IvoSoft)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-12-31] ()
ContextMenuHandlers1: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll [2019-01-05] ()
ContextMenuHandlers2: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll [2019-01-05] ()
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2018-11-21] (VMware, Inc.)
ContextMenuHandlers2-x32: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2018-11-21] (VMware, Inc.)
ContextMenuHandlers3: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll [2019-01-05] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov)
ContextMenuHandlers4: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll [2019-01-05] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e8abe176c7b553b5\igfxDTCM.dll [2018-08-08] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-09-18] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ContextMenuHandlers6: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll [2019-01-05] ()
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2018-09-06] (VS Revo Group)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-07-15] (IvoSoft)
FolderExtensions: [] -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} => D:\C;Images\All Desktop\ONE\OldNewExplorer64.dll [2017-08-16] (www.startisback.com)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {27A9000A-7B21-4F20-8E81-8CD0C2CE9B7B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-12-06] (NVIDIA Corporation)
Task: {3FB13650-84F1-40AF-974F-AC6F5E7CD83A} - System32\Tasks\AdobeGCInvoker-1.0-KOZX-k0reD => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13] (Adobe Systems, Incorporated)
Task: {446F8C77-D4C7-433C-BDE1-D28BBE10E04E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {4D7CA087-BCDC-4CAC-94FD-D9819C8E1B06} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-12-16] (Microsoft Corporation)
Task: {52E48D28-8EFF-43A4-9E1C-5CB905F722FA} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation)
Task: {55FEF557-F7A1-492E-A8EA-24D13472EE38} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-16] (Microsoft Corporation)
Task: {5D6276E9-1C2D-48B3-9E69-F5135CDE3D5F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-12-16] (Microsoft Corporation)
Task: {5FAEC728-D725-485C-B27E-A85499F31BA8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-16] (Microsoft Corporation)
Task: {6414C889-4129-4932-BE3B-746F21E0F34A} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {67DF39D5-53FF-4203-A910-7D718D0B2333} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {6FE12702-2185-4297-916D-06B7872B7C7E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation)
Task: {7945234C-4028-40AC-A367-E5DB99296FE4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation)
Task: {7EB16030-5119-4C79-A242-0E1734D9D978} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [2019-01-05] (Goversoft LLC)
Task: {8A9D5AEE-DA9D-4619-82C4-3A2CB6696985} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-12-06] (NVIDIA Corporation)
Task: {9857B391-48C2-45AB-982A-1D4801E59F97} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-12-16] (Microsoft Corporation)
Task: {BAC3B107-AA16-4F74-8560-AD43B3DA35A8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-12-07] (Microsoft Corporation)
Task: {C097A455-37FB-483B-8EB0-7370C8F2E208} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {C3B74031-C893-4E9A-B16E-DE190179B412} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-12-16] (Microsoft Corporation)
Task: {D0164F6A-334E-48CC-9CAE-162BDA5A96AB} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {D9280AB0-8087-47FF-B2C5-7A5FCC75D5F6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-12-16] (Microsoft Corporation)
Task: {E079A06B-9E3A-4EA0-9D04-EB91879ABE32} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-12-07] (Microsoft Corporation)
Task: {E1601E6D-359C-4F9B-B421-8C4D0741A49E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-12-06] (NVIDIA Corporation)
Task: {E39F8E32-F4B6-44B2-B8AF-D84A6CFEB7B8} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-09-15] ()
Task: {EA660B4C-2392-4B89-BD62-CD79EDFB35B6} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-12-16] (Microsoft Corporation)
Task: {F0679845-3714-4A51-9C19-DA3F3CB03DE4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-16] (Microsoft Corporation)
Task: {F55E4BE2-DFC6-4FD8-9EBD-9CCA91FF3B7D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-16] (Microsoft Corporation)
Task: {F922AE0B-9B9F-41EA-A2A8-74E20B265E27} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
==================== Modules chargés (Avec liste blanche) ==============
2018-12-16 18:22 - 2018-09-18 13:36 - 000143344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-09-15 07:28 - 2018-09-15 07:28 - 000834088 _____ () C:\Windows\System32\InputHost.dll
2015-07-13 16:49 - 2015-07-13 16:49 - 000597496 _____ () C:\Program Files (x86)\Stardock\WindowFX\WFX32.exe
2019-01-04 23:17 - 2018-12-06 10:11 - 001315208 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-11-21 01:29 - 2018-11-21 01:29 - 015446960 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2018-03-05 20:47 - 2018-03-05 20:47 - 000614848 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-09-15 07:28 - 2018-09-15 07:28 - 000474624 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-09-15 07:28 - 2018-09-15 07:28 - 002801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-09-15 07:28 - 2018-09-15 07:28 - 001740288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-09-15 16:41 - 2018-09-15 16:41 - 000144384 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.26.95.0_x64__kzf8qxf38zg5c\SkypeHelper.exe
2018-09-15 16:41 - 2018-09-15 16:41 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.26.95.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-09-15 16:41 - 2018-09-15 16:41 - 000058880 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.26.95.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-09-15 16:42 - 2018-09-15 16:42 - 026902016 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.20211.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-09-15 16:42 - 2018-09-15 16:42 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.20211.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-09-15 16:42 - 2018-09-15 16:42 - 006736384 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.20211.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-09-15 16:42 - 2018-09-15 16:42 - 009360384 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.20211.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-09-15 16:42 - 2018-09-15 16:42 - 000093696 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.49.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-09-15 16:42 - 2018-09-15 16:42 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.49.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-09-15 16:42 - 2018-09-15 16:42 - 007813632 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.49.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2018-09-15 16:44 - 2018-09-15 16:44 - 000475136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.21218.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-09-15 16:44 - 2018-09-15 16:44 - 024116736 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.21218.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-09-15 16:44 - 2018-09-15 16:44 - 014214144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.21218.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-09-15 16:44 - 2018-09-15 16:44 - 002803712 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.21218.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-09-15 16:44 - 2018-09-15 16:44 - 001405440 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.21218.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-09-15 16:44 - 2018-09-15 16:44 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.21218.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-12-16 18:42 - 2018-12-16 18:42 - 098275328 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2018-12-16 18:42 - 2018-12-16 18:42 - 003922432 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2018-12-16 18:42 - 2018-12-16 18:42 - 000092672 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2018-11-21 01:24 - 2018-11-21 01:24 - 000091568 _____ () C:\Program Files (x86)\VMware\VMware Workstation\zlib1.dll
2018-11-21 01:29 - 2018-11-21 01:29 - 002035120 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2018-11-21 01:29 - 2018-11-21 01:29 - 000141744 _____ () C:\Program Files (x86)\VMware\VMware Workstation\expat.dll
2019-01-04 23:17 - 2018-12-06 10:11 - 001033096 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-10-15 05:15 - 2018-10-15 05:15 - 000143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [466]
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
==================== Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
==================== Hosts contenu: ==========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2019-01-05 15:10 - 2018-12-16 20:37 - 000047884 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 a.ads1.msn.com
0.0.0.0 a.ads2.msn.com
0.0.0.0 a23-218-212-69.deploy.static.akamaitechnologies.com
0.0.0.0 a248.e.akamai.net
0.0.0.0 a1961.g.akamai.net
0.0.0.0 a1856.g2.akamai.net
0.0.0.0 a1621.g.akamai.net
0.0.0.0 ads.msn.com
0.0.0.0 ads.msn.com.nsatc.net
0.0.0.0 ads1.msn.com
0.0.0.0 ads1.msads.net
0.0.0.0 adnexus.net
0.0.0.0 adnxs.com
0.0.0.0 az361816.vo.msecnd.net
0.0.0.0 az512334.vo.msecnd.net
0.0.0.0 choice.microsoft.com
0.0.0.0 choice.microsoft.com.nsatc.net
0.0.0.0 compatexchange.cloudapp.net
0.0.0.0 corpext.msitadfs.glbdns2.microsoft.com
0.0.0.0 cdnjs.cloudflare.com.cdn.cloudflare.net
0.0.0.0 cs1.wpc.v0cdn.net
0.0.0.0 cdp1.public-trust.com
0.0.0.0 corp.sts.microsoft.com
0.0.0.0 diagnostics.support.microsoft.com
0.0.0.0 df.telemetry.microsoft.com
0.0.0.0 e2835.dspb.akamaiedge.net
0.0.0.0 e8218.ce.akamaiedge.net
0.0.0.0 e7341.g.akamaiedge.net
0.0.0.0 e7502.ce.akamaiedge.net
0.0.0.0 feedback.windows.com
Il y a 1390 plus de lignes.
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Brackets\command;C:\Users\k0reD\AppData\Local\Microsoft\WindowsApps;C:\Users\k0reD\AppData\Local\atom\bin;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\Control Panel\Desktop\\Wallpaper -> D:\C;Images\All Desktop\Fond d'écran\127.0.0.1yellow.jpg
DNS Servers: 1.1.1.1 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKLM\...\StartupApproved\Run32: => "Kraken0502Launcher"
HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2157465606-1905210227-2452084031-1001\...\StartupApproved\Run: => "Panels"
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [{8A9D2F0A-DFC4-4C95-9646-F0AF403E0A7B}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe ()
FirewallRules: [{847F864A-CC33-4F72-AD5B-01DFB93B4BBA}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe ()
FirewallRules: [{0042EC17-04DF-4DA2-AE6D-297FABA5CC37}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
FirewallRules: [{96208591-64DF-43AD-8BED-E6FEDAA49751}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
FirewallRules: [UDP Query User{E95159BD-F6A4-4666-88F8-B56850F39E67}C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe (Node.js)
FirewallRules: [TCP Query User{7DCF7C20-A2E6-4469-84DA-F6A548D02E77}C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe (Node.js)
FirewallRules: [{A4413A35-F839-43C0-AD3F-0523391FD1D3}] => (Block) C:\Windows\explorer.exe (Microsoft Corporation)
FirewallRules: [{2765E0F4-2918-4A46-B9C9-43CDD8FCBA2B}] => (Block) C:\windows\systemapps\microsoft.windows.cortana_cw5n1h2txyewy\searchui.exe (Microsoft Corporation)
FirewallRules: [{60E6D465-398E-4850-BE86-7EF7620A2377}] => (Block) C:\windows\system32\svchost.exe (Microsoft Corporation)
FirewallRules: [{95F24381-DAC6-42A5-8D3A-D0394AB59802}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{6B51F381-8705-4852-BAAF-08FFEB1AB1E8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{5470B444-9787-446E-846F-139CF983D67C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation)
FirewallRules: [{C2221B25-CE5F-4EF5-B949-8757494BEB3A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation)
FirewallRules: [{8552CDAD-5F1B-4ADA-BFA6-3CED3D3B7EE2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation)
FirewallRules: [UDP Query User{F5623A4C-99BB-4A7D-9347-AFD7BE4DDBA4}C:\users\k0red\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\k0red\appdata\roaming\spotify\spotify.exe (Spotify Ltd)
FirewallRules: [TCP Query User{66796A9E-8B9B-4735-B032-ECBA4D72A04E}C:\users\k0red\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\k0red\appdata\roaming\spotify\spotify.exe (Spotify Ltd)
FirewallRules: [UDP Query User{AA920038-F3E9-4448-9DC0-33AE60B5278A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{C9DC1950-6975-4D6A-B1D5-E14C9FBA9C33}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [{518A6B3F-A5ED-4E69-8E16-07DC2A5FB0F1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{B0F11FB9-7DEF-4D50-9B1E-559A3A5ADF40}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [TCP Query User{346DC1E3-0E8C-40A9-9EF2-893EB218389B}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{276BADD6-8AAC-4273-AA6C-155E6C0A5468}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games, Inc.)
FirewallRules: [{7BB5DC51-8296-4B2C-BB02-4CD7EAE19FC6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{1DC018D5-C5CE-4DD2-80AD-371159059E14}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{EF13E105-BEE2-48C7-927D-9EF706EA4905}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{787644AE-1F6B-42BE-A89E-28B154F47528}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{F5CE705F-53FC-42A6-BCE0-7DFF8A70B427}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{936DA115-7614-4A00-8A79-5028F55B8FFF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{DBF7EE73-52E6-4146-A497-D87B226ADA07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{054EA770-59CA-497B-8B6B-7B3F802DAD00}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [TCP Query User{F6175D23-30FB-49DC-A7E1-D1543B055203}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe (Node.js)
FirewallRules: [UDP Query User{7F3BF0E9-796E-4A0E-AFE0-B0EA6C4FA96B}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe (Node.js)
==================== Points de restauration =========================
07-01-2019 19:34:19 Point de contrôle planifié
==================== Éléments en erreur du Gestionnaire de périphériques =============
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (01/10/2019 08:02:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme ZHPDiag3.exe version 2019.1.7.5 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance.
ID de processus : 62c
Heure de début : 01d4a91f4f6ea797
Heure d'arrêt : 4294967295
Chemin d'accès à l'application : C:\Users\k0reD\Desktop\ZHPDiag3.exe
ID de rapport : d50f7a9b-b05c-4294-b92f-1040ffed2ab7
Nom complet du package défectueux :
ID de l'application relative à un package défectueux :
Type de blocage : Top level window is idle
Error: (01/10/2019 06:10:43 PM) (Source: CertEnroll) (EventID: 87) (User: AUTORITE NT)
Description: Échec de l’inscription du certificat SCEP pour WORKGROUP\KOZX$ via https://INTC-KeyId-5e73c89aa3e902b272b9f0741f7d8730e3ec724a.microsoftaik.azure.net/templates/Aik/scep :
SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request: 0x80070057."}
HTTP/1.1 400 Bad Request
Cache-Control: no-cache
Date: Thu, 10 Jan 2019 18:10:40 GMT
Pragma: no-cache
Content-Length: 86
Content-Type: application/json; charset=utf-8
Expires: -1
x-ms-request-id: aa1dec98-6276-49c2-b750-0529364c51cf
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
Méthode : POST(6016ms)
Étape : SubmitDone
Demande incorrecte (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)
Error: (01/10/2019 06:03:25 PM) (Source: CertEnroll) (EventID: 87) (User: AUTORITE NT)
Description: Échec de l’inscription du certificat SCEP pour WORKGROUP\KOZX$ via https://INTC-KeyId-5e73c89aa3e902b272b9f0741f7d8730e3ec724a.microsoftaik.azure.net/templates/Aik/scep :
SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request: 0x80070057."}
HTTP/1.1 400 Bad Request
Cache-Control: no-cache
Date: Thu, 10 Jan 2019 18:03:23 GMT
Pragma: no-cache
Content-Length: 86
Content-Type: application/json; charset=utf-8
Expires: -1
x-ms-request-id: d555bcc4-bd64-4ba6-8527-313132229d28
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
Méthode : POST(3203ms)
Étape : SubmitDone
Demande incorrecte (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)
Error: (01/09/2019 07:22:33 PM) (Source: CertEnroll) (EventID: 87) (User: AUTORITE NT)
Description: Échec de l’inscription du certificat SCEP pour WORKGROUP\KOZX$ via https://INTC-KeyId-5e73c89aa3e902b272b9f0741f7d8730e3ec724a.microsoftaik.azure.net/templates/Aik/scep :
SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request: 0x80070057."}
HTTP/1.1 400 Bad Request
Cache-Control: no-cache
Date: Wed, 09 Jan 2019 19:22:31 GMT
Pragma: no-cache
Content-Length: 86
Content-Type: application/json; charset=utf-8
Expires: -1
x-ms-request-id: d379164a-79a1-4ad3-bfa8-4977eb7a581d
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
Méthode : POST(3062ms)
Étape : SubmitDone
Demande incorrecte (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)
Error: (01/08/2019 11:05:44 PM) (Source: CertEnroll) (EventID: 87) (User: AUTORITE NT)
Description: Échec de l’inscription du certificat SCEP pour WORKGROUP\KOZX$ via https://INTC-KeyId-5e73c89aa3e902b272b9f0741f7d8730e3ec724a.microsoftaik.azure.net/templates/Aik/scep :
SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request: 0x80070057."}
HTTP/1.1 400 Bad Request
Cache-Control: no-cache
Date: Tue, 08 Jan 2019 23:05:42 GMT
Pragma: no-cache
Content-Length: 86
Content-Type: application/json; charset=utf-8
Expires: -1
Server: Microsoft-IIS/10.0
x-ms-request-id: d70a2a6a-4860-421d-9496-ad79ac99c374
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
Méthode : POST(3953ms)
Étape : SubmitDone
Demande incorrecte (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)
Error: (01/08/2019 06:15:48 PM) (Source: CertEnroll) (EventID: 87) (User: AUTORITE NT)
Description: Échec de l’inscription du certificat SCEP pour WORKGROUP\KOZX$ via https://INTC-KeyId-5e73c89aa3e902b272b9f0741f7d8730e3ec724a.microsoftaik.azure.net/templates/Aik/scep :
SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request: 0x80070057."}
HTTP/1.1 400 Bad Request
Cache-Control: no-cache
Date: Tue, 08 Jan 2019 18:15:46 GMT
Pragma: no-cache
Content-Length: 86
Content-Type: application/json; charset=utf-8
Expires: -1
x-ms-request-id: 870ebc18-6095-4073-a98c-88af68158622
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
Méthode : POST(3547ms)
Étape : SubmitDone
Demande incorrecte (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)
Error: (01/08/2019 06:12:57 PM) (Source: CertEnroll) (EventID: 87) (User: AUTORITE NT)
Description: Échec de l’inscription du certificat SCEP pour WORKGROUP\KOZX$ via https://INTC-KeyId-5e73c89aa3e902b272b9f0741f7d8730e3ec724a.microsoftaik.azure.net/templates/Aik/scep :
SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request: 0x80070057."}
HTTP/1.1 400 Bad Request
Cache-Control: no-cache
Date: Tue, 08 Jan 2019 18:12:54 GMT
Pragma: no-cache
Content-Length: 86
Content-Type: application/json; charset=utf-8
Expires: -1
x-ms-request-id: 52070e66-2421-419b-b40a-6641b2d59f87
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
Méthode : POST(6859ms)
Étape : SubmitDone
Demande incorrecte (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)
Error: (01/07/2019 11:15:05 PM) (Source: CertEnroll) (EventID: 87) (User: AUTORITE NT)
Description: Échec de l’inscription du certificat SCEP pour WORKGROUP\KOZX$ via https://INTC-KeyId-5e73c89aa3e902b272b9f0741f7d8730e3ec724a.microsoftaik.azure.net/templates/Aik/scep :
SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request: 0x80070057."}
HTTP/1.1 400 Bad Request
Cache-Control: no-cache
Date: Mon, 07 Jan 2019 23:15:03 GMT
Pragma: no-cache
Content-Length: 86
Content-Type: application/json; charset=utf-8
Expires: -1
x-ms-request-id: 89107890-bd9a-48d2-8066-2626352bfaba
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
Méthode : POST(3219ms)
Étape : SubmitDone
Demande incorrecte (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)
Erreurs système:
=============
Error: (01/10/2019 07:59:28 PM) (Source: DCOM) (EventID: 10016) (User: KOZX)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
et l’APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
au SID KOZX\k0reD de l’utilisateur (S-1-5-21-2157465606-1905210227-2452084031-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (01/10/2019 07:59:28 PM) (Source: DCOM) (EventID: 10016) (User: KOZX)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
et l’APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
au SID KOZX\k0reD de l’utilisateur (S-1-5-21-2157465606-1905210227-2452084031-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (01/10/2019 07:45:39 PM) (Source: DCOM) (EventID: 10016) (User: KOZX)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
et l’APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
au SID KOZX\k0reD de l’utilisateur (S-1-5-21-2157465606-1905210227-2452084031-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (01/10/2019 07:45:39 PM) (Source: DCOM) (EventID: 10016) (User: KOZX)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
et l’APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
au SID KOZX\k0reD de l’utilisateur (S-1-5-21-2157465606-1905210227-2452084031-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (01/10/2019 07:11:34 PM) (Source: DCOM) (EventID: 10016) (User: KOZX)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
et l’APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
au SID KOZX\k0reD de l’utilisateur (S-1-5-21-2157465606-1905210227-2452084031-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (01/10/2019 07:11:34 PM) (Source: DCOM) (EventID: 10016) (User: KOZX)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
et l’APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
au SID KOZX\k0reD de l’utilisateur (S-1-5-21-2157465606-1905210227-2452084031-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (01/10/2019 07:10:06 PM) (Source: DCOM) (EventID: 10016) (User: KOZX)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
et l’APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
au SID KOZX\k0reD de l’utilisateur (S-1-5-21-2157465606-1905210227-2452084031-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (01/10/2019 07:10:06 PM) (Source: DCOM) (EventID: 10016) (User: KOZX)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
et l’APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
au SID KOZX\k0reD de l’utilisateur (S-1-5-21-2157465606-1905210227-2452084031-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Windows Defender:
===================================
Date: 2019-01-06 16:15:34.037
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {94A5700C-08B2-4E0A-AF84-F8889E1B77B5}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
Date: 2018-12-29 19:42:46.928
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {A6099462-C3F1-457B-B9D3-251A12B5957D}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
Date: 2018-12-29 19:23:28.415
Description:
Antivirus Windows Defender a détecté un comportement suspect.
Nom : Behavior:Win32/ModifiedBootRecord
ID : 2124244141
Gravité : Faible
Catégorie : Comportement suspect
Chemin trouvé : file:_C:\Users\k0reD\AppData\Local\Programs\balena-etcher\balenaEtcher.exe; process:_8164
Origine de la détection : Ordinateur local
Type de détection : Suspect
Source de détection : Protection en temps réel
État : Exécution
Utilisateur : KOZX\k0reD
Nom du processus : C:\Users\k0reD\AppData\Local\Programs\balena-etcher\balenaEtcher.exe
ID de signature : 23858570787236
Version de la signature : AV: 1.283.1793.0, AS: 1.283.1793.0
Version du moteur : 1.1.15500.2
Étiquette de fidélité : Moyen
Nom du fichier cible :
Date: 2018-12-23 20:13:26.091
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {1840E2D0-5923-4E82-9540-B301AEA46D21}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
Date: 2018-12-23 12:18:39.098
Description:
Antivirus Windows Defender a rencontré une erreur lors du chargement des signatures et va tenter de rétablir un jeu de signatures approprié.
Signatures tentées : Actuelle
Code d’erreur : 0x80070003
Description de l’erreur : Le chemin d’accès spécifié est introuvable.
Version de la signature : 0.0.0.0;0.0.0.0
Version du moteur : 0.0.0.0
CodeIntegrity:
===================================
Date: 2019-01-10 20:06:51.067
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume8\C;Images\All Desktop\ONE\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-01-09 21:49:44.415
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume8\C;Images\All Desktop\ONE\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-01-07 22:27:52.242
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume8\C;Images\All Desktop\ONE\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-01-05 18:47:58.018
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume8\C;Images\All Desktop\ONE\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-01-05 16:05:08.823
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume8\C;Images\All Desktop\ONE\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-01-05 16:03:40.326
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume8\C;Images\All Desktop\ONE\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-01-05 15:17:20.418
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume8\C;Images\All Desktop\ONE\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-12-29 19:19:59.021
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume8\C;Images\All Desktop\ONE\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.
==================== Infos Mémoire ===========================
Processeur: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Pourcentage de mémoire utilisée: 49%
Mémoire physique - RAM - totale: 8068.05 MB
Mémoire physique - RAM - disponible: 4067.21 MB
Mémoire virtuelle totale: 10884.05 MB
Mémoire virtuelle disponible: 4685.54 MB
==================== Lecteurs ================================
Drive c: (Système) (Fixed) (Total:221.98 GB) (Free:113.65 GB) NTFS
Drive d: (Files) (Fixed) (Total:909.18 GB) (Free:594.55 GB) NTFS
\\?\Volume{dfc435c3-8bd9-4b6d-8f0a-2ac4f8faa76e}\ (Récupération) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{cce4b817-b71b-4f2f-8344-24a43fcbd695}\ () (Fixed) (Total:0.88 GB) (Free:0.39 GB) NTFS
\\?\Volume{72798ead-7c6d-403c-b5ee-98f5fbefdbc6}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.57 GB) NTFS
\\?\Volume{95b1ab05-6e4c-4249-b923-bd55a48cfecc}\ (LENOVO_PART) (Fixed) (Total:20 GB) (Free:6.78 GB) NTFS
\\?\Volume{c62e7631-559f-4bd1-973f-557c78c1c231}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
\\?\Volume{9f9c4ba2-ab28-4bd6-b446-bd604ef8f2d5}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 3B35A373)
Partition: GPT.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: B47B5C90)
Partition: GPT.
==================== Fin de Addition.txt ============================