cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-02-2020
Ran by Morgan (19-02-2020 00:17:55)
Running from C:\Users\Morgan\Desktop
Windows 10 Home Version 1903 18362.657 (X64) (2019-10-13 03:50:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3634397225-2155854724-2012029720-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3634397225-2155854724-2012029720-503 - Limited - Disabled)
Guest (S-1-5-21-3634397225-2155854724-2012029720-501 - Limited - Disabled)
Morgan (S-1-5-21-3634397225-2155854724-2012029720-1001 - Administrator - Enabled) => C:\Users\Morgan
WDAGUtilityAccount (S-1-5-21-3634397225-2155854724-2012029720-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: McAfee VirusScan (Disabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4}
AS: McAfee VirusScan (Disabled - Up to date) {2624E002-54CC-27F9-FD39-B2DD14D41191}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Bitdefender Pare-feu (Enabled) {362C5A58-E860-6396-9204-BEEEF20CA463}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Anki (HKLM-x32\...\Anki) (Version: 2.1.19 - )
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 24.0.1.161 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 24.0.12.72 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 24.0.16.91 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 24.0.4.702 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 80.1.3.115 - Auteurs de Brave)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
Discord (HKU\S-1-5-21-3634397225-2155854724-2012029720-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
f.lux (HKU\S-1-5-21-3634397225-2155854724-2012029720-1001\...\Flux) (Version: - f.lux Software LLC)
FF Password Exporter (HKU\S-1-5-21-3634397225-2155854724-2012029720-1001\...\4088ae7b-2be7-5157-8053-1b94a5d03d5b) (Version: 1.1.1 - Kyle Spearrin)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.11.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.)
HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.32 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{3FC961DB-BD36-4D8D-B276-0C456A2BB638}) (Version: 1.4.0.441 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{F213102E-FD30-4E22-AF73-4C682D65FFEE}) (Version: 1.4.441.0 - HP Inc.)
HP PC Hardware Diagnostics Windows (HKLM-x32\...\{5C591A5B-EA74-44F7-81DD-A757B5935AAD}) (Version: 1.5.0.0 - HP Inc)
HP Support Assistant (HKLM-x32\...\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8}) (Version: 8.5.37.19 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{63F82052-C045-4F97-A3CA-C41D2CCA1FFA}) (Version: 12.8.37.11 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{5D308D1F-E37B-431A-8D35-67D16287467D}) (Version: 1.4.28 - HP Inc.)
ICMIZER (HKU\S-1-5-21-3634397225-2155854724-2012029720-1001\...\98ae6a83-32ab-5b3d-925e-62223f2568a9) (Version: 3.3.0 - Valentin Kuzub)
Intel(R) Chipset Device Software (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10208.5644 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1068 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6373 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.2.1086 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{94979CD2-0904-47DE-A4AC-04F1C4524650}) (Version: 17.2.8.1029 - Intel Corporation)
Java 8 Update 231 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3634397225-2155854724-2012029720-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0005 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 73.0 (x64 en-US) (HKLM\...\Mozilla Firefox 73.0 (x64 en-US)) (Version: 73.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.1 - Mozilla)
NordPass (HKLM-x32\...\{42DD62E4-2CAA-4AB8-8B26-BAA9E7CABADA}) (Version: 2.1.50.0 - TEFINCOM S.A.) Hidden
NordPass (HKU\S-1-5-21-3634397225-2155854724-2012029720-1001\...\{e5aef032-07c7-4396-9ad3-7aceaece86f7}) (Version: 2.1.50 - TEFINCOM S.A.)
NordPass (HKU\S-1-5-21-3634397225-2155854724-2012029720-1001\...\285d85e1-fc76-5a0e-ba2d-20241a7fe9d2) (Version: 1.8.0 - NordPass Team)
NordVPN (HKLM-x32\...\{63044774-A4AC-4419-AFD7-54C1802B5ACF}) (Version: 6.26.17 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.26.17) (Version: 6.26.17 - NordVPN)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
OpenOffice 4.1.7 (HKLM-x32\...\{A9222889-1CDA-42BD-B11B-113E7C91C1C7}) (Version: 4.17.9800 - Apache Software Foundation)
PokerStove version 1.12 (HKLM-x32\...\{6D0C6BE4-F674-43D2-96BC-3509345108C9}_is1) (Version: - )
PokerStrategy.com Equilab (HKLM-x32\...\{86D09F48-CDAB-4B4C-8806-F6C16F17935A}) (Version: 1.2.8.0 - PokerStrategy.com)
PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version: - )
PostgreSQL 9.3 (HKLM\...\PostgreSQL 9.3) (Version: 9.3 - PostgreSQL Global Development Group)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.88 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.25.119.2018 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.113 - REALTEK Semiconductor Corp.)
SharkScope Desktop 1.85 (HKLM-x32\...\1016-6073-5515-0204) (Version: 1.85 - Barbary Software)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F49D6A65-1AB6-4728-9FDA-DB5BAB631CF6}) (Version: 1.23.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.1.46 - WildTangent)
WildTangent Helper (HKLM-x32\...\{A39303AB-4898-4F12-BAA0-0B8630F86DB4}) (Version: 1.0.0.396 - WildTangent) Hidden
WildTangent ShortcutProvider (HKLM-x32\...\{80831F60-19D7-43B3-A60C-5CAF8C478DF6}) (Version: 1.0.0.59 - WildTangent) Hidden
Winamax Installer (HKU\S-1-5-21-3634397225-2155854724-2012029720-1001\...\Winamax Installer 2.3.9.1545297276) (Version: 2.3.9.1545297276 - Winamax)
Winamax Installer (HKU\S-1-5-21-3634397225-2155854724-2012029720-1001\...\Winamax Installer 2.4.0.1573641598) (Version: 2.4.0.1573641598 - Winamax)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
XMind ZEN 10.0.1 (HKLM\...\{fbd30ee5-8150-549e-9aed-fd9d444364fb}) (Version: 10.0.1 - XMind Ltd.)

Packages:
=========
Booking.com: Big savings on hotels in 96,000 destinations worldwide -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Booking.comBigsavingsonhot_1.4.4.0_x64__mgae2k3ys4ra0 [2019-08-08] (Priceline Partner Network)
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-29] (Microsoft Corporation)
Dropbox - offre promotionnelle -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-01-26] (Dropbox Inc.)
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_1.7.197.0_x64__dt26b99r8h8gj [2020-01-28] (Realtek Semiconductor Corp)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.4.481.0_x86__v10z8vjag6ke6 [2018-08-19] (HP Inc.)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.12430.20264.0_x86__8wekyb3d8bbwe [2020-02-18] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-08] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.12430.20264.0_x86__8wekyb3d8bbwe [2020-02-18] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.12430.20264.0_x86__8wekyb3d8bbwe [2020-02-18] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12430.20264.0_x86__8wekyb3d8bbwe [2020-02-18] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.12430.20264.0_x86__8wekyb3d8bbwe [2020-02-18] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.12430.20264.0_x86__8wekyb3d8bbwe [2020-02-18] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.12430.20264.0_x86__8wekyb3d8bbwe [2020-02-18] (Microsoft Corporation)
MSN Météo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-24] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-27] (Netflix, Inc.)
Solitaire Français -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_6.16.72.0_x64__kx24dqmazqk8j [2020-02-04] (Random Salad Games LLC) [MS Ad]
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35042.0.0_x64__807d65c4rvak2 [2019-10-16] (Synaptics Incorporated)
WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.82.0_x64__qt5r5pa5dyg8m [2019-12-24] (WildTangent Games)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-03-27] () [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-03-27] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki130274.inf_amd64_bafd2440fa1ffdd6\igfxDTCM.dll [2018-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Morgan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2020-02-18 00:59 - 2020-02-18 00:59 - 000138240 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\9d55aa94f59cf0a059be10a9a84b52c4\Interop.IWshRuntimeLibrary.ni.dll
2019-10-16 12:32 - 2019-10-16 12:32 - 000262656 _____ () [File not signed] C:\Program Files (x86)\NordVPN\x86\Liberation.Native.Firewall.dll
2019-08-06 15:13 - 2017-05-09 12:59 - 000178688 _____ () [File not signed] C:\Program Files\PostgreSQL\9.3\bin\LIBPQ.dll
2019-08-06 15:14 - 2016-08-02 18:40 - 002257408 _____ () [File not signed] C:\Program Files\PostgreSQL\9.3\bin\libxml2.dll
2020-02-18 00:57 - 2020-02-18 00:57 - 000160768 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\106852b62f2dce48f68f823bb25b51bb\BRIDGECommon.ni.dll
2020-02-18 00:59 - 2020-02-18 00:59 - 000125440 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\512361b13bdadec3c76781ced2b9ba25\BridgeExtension.ni.dll
2020-02-18 00:59 - 2020-02-18 00:59 - 000395264 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\8a1af52831b2ac51f3246da60333b1d9\CleanStartController.ni.dll
2020-02-18 00:59 - 2020-02-18 00:59 - 000145920 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Registratio4eabc192#\0c4e7d4693b00c0677da9c65c0889302\RegistrationUtilities.ni.dll
2019-08-06 15:13 - 2011-01-10 23:16 - 000240862 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\libintl-8.dll
2020-02-18 00:59 - 2020-02-18 00:59 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\11984c17b5f4f3dea431730df7b4fde4\Hardcodet.Wpf.TaskbarNotification.ni.dll
2020-02-18 00:59 - 2020-02-18 00:59 - 000136192 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\661da84cbe3eb8c9142d35b54c52a1d9\CommonPortable.ni.dll
2019-03-27 13:29 - 2019-03-27 13:29 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2020-02-18 00:59 - 2020-02-18 00:59 - 001585152 _____ (Mark Heath) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\6a49bfb0dc2547906c21bf6d0518714a\NAudio.ni.dll
2020-02-18 00:58 - 2020-02-18 00:58 - 002306560 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\cbac7b8be40869c5395f0ef28ddabd0b\Newtonsoft.Json.ni.dll
2020-02-18 00:59 - 2020-02-18 00:59 - 000792064 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\ca66092f2918c821df7dc1b0ffc4b83b\log4net.ni.dll
2019-08-06 15:14 - 2017-01-31 14:35 - 001662976 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\LIBEAY32.dll
2019-08-06 15:14 - 2017-01-31 14:35 - 000353280 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\SSLEAY32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 07:38 - 2020-02-18 23:56 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-3634397225-2155854724-2012029720-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Morgan\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG_4898.JPG
DNS Servers: 203.113.131.2 - 203.113.131.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{93CA6D40-DC5E-47D0-B85B-D80F316B4BDF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FDE1D791-C543-48A1-86AB-895AC273308C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{53E66CD1-DD59-4A46-856C-F063A1B18888}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F249DA3D-3EBB-4740-A88E-0C631C583732}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{13191AA0-E0C9-4491-B799-B5535FF86550}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6316D89C-109C-43BF-AA39-8DAFA080C302}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6E2598CF-89FD-4991-B71E-ABD4E8B4D6FD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{DEE2A941-6733-4A2E-AC95-8A6815D3CE96}C:\program files (x86)\sharkscope desktop\sharkscopedesktop.exe] => (Allow) C:\program files (x86)\sharkscope desktop\sharkscopedesktop.exe (Barbary Software SL -> Barbary Software)
FirewallRules: [UDP Query User{85400CD8-10BA-4B3B-A41E-DC386FF7F297}C:\program files (x86)\sharkscope desktop\sharkscopedesktop.exe] => (Allow) C:\program files (x86)\sharkscope desktop\sharkscopedesktop.exe (Barbary Software SL -> Barbary Software)
FirewallRules: [TCP Query User{CD450CF2-D917-4655-B35C-17D9B89762C2}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{3B8100AD-2D7E-4387-87B8-E5024825C329}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{128C8FC2-3C3F-491A-9534-9495AFA58964}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{F852F509-1A86-4886-AC30-5818DC5A9675}C:\users\morgan\appdata\local\programs\nordpass\nordpass.exe] => (Allow) C:\users\morgan\appdata\local\programs\nordpass\nordpass.exe (NordPass Team) [File not signed]
FirewallRules: [UDP Query User{170D1C42-8EDC-4E2A-BF43-31E012DC6C4B}C:\users\morgan\appdata\local\programs\nordpass\nordpass.exe] => (Allow) C:\users\morgan\appdata\local\programs\nordpass\nordpass.exe (NordPass Team) [File not signed]
FirewallRules: [{49BE22AF-8A03-4AED-AC72-053D602AB416}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{426161C5-E82C-47B3-8427-0854BD7C4F1A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12430.20264.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

30-01-2020 01:53:01 Windows Update
08-02-2020 07:02:08 Point de contrôle planifié
13-02-2020 08:47:36 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/19/2020 12:11:56 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2516,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/18/2020 11:43:37 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1260,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/18/2020 11:12:50 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3440,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/18/2020 10:47:07 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (02/18/2020 10:46:05 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (02/18/2020 10:31:05 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (02/18/2020 10:29:03 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (02/18/2020 10:08:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1408,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


System errors:
=============
Error: (02/18/2020 11:55:54 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The NcbService service terminated with the following error:
A device attached to the system is not functioning.

Error: (02/18/2020 11:55:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:37:43 PM on ‎2/‎18/‎2020 was unexpected.

Error: (02/18/2020 02:18:50 AM) (Source: Tcpip) (EventID: 4207) (User: )
Description: The IPv6 TCP/IP interface with index 11 failed to bind to its provider.

Error: (02/17/2020 11:07:03 PM) (Source: Tcpip) (EventID: 4207) (User: )
Description: The IPv6 TCP/IP interface with index 11 failed to bind to its provider.

Error: (02/17/2020 05:43:32 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mfemms service.

Error: (02/11/2020 10:40:42 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.

Error: (02/11/2020 10:40:02 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 88) (User: )
Description: 9\_TZ.TZ022020-02-11T14:40:02.709011800Z372

Error: (02/11/2020 12:32:36 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.


Windows Defender:
===================================
Date: 2019-10-16 21:01:07.171
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {3F9C04FB-8D9F-4151-B387-DFA2E0416958}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-10-16 20:17:14.939
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {42465ED0-61D1-4689-9010-29B8EB26DF3D}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-10-16 17:01:43.997
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {43247A52-9334-4933-8AFA-7E27A64F60A9}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-02-17 17:58:27.014
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.309.1143.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16700.3
Error code: 0x8050a003
Error description: Ce package ne contient pas de fichiers de définitions à jour pour ce programme. Pour plus d’informations, voir Aide et support.

Date: 2020-02-17 17:58:27.013
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.309.1143.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16700.3
Error code: 0x8050a003
Error description: Ce package ne contient pas de fichiers de définitions à jour pour ce programme. Pour plus d’informations, voir Aide et support.

Date: 2020-02-17 17:58:27.013
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.309.1143.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16700.3
Error code: 0x8050a003
Error description: Ce package ne contient pas de fichiers de définitions à jour pour ce programme. Pour plus d’informations, voir Aide et support.

Date: 2020-02-17 17:57:12.478
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.415.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16700.3
Error code: 0x80240016
Error description: Un problème inattendu s’est produit lors de la vérification des mises à jour. Pour plus d’informations sur l’installation ou la résolution des problèmes de mise à jour, voir Aide et support.

Date: 2020-02-17 17:46:45.748
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.415.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80072ee7
Error description: L’adresse ou le nom de serveur n’a pas pu être résolu

CodeIntegrity:
===================================

Date: 2020-02-18 22:30:40.035
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements.

Date: 2020-02-18 22:30:40.028
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements.

Date: 2020-02-18 22:30:40.014
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements.

Date: 2020-02-18 22:29:36.245
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-18 22:29:36.239
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-18 22:29:36.232
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-18 22:29:36.226
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-18 22:29:36.220
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Insyde F.07 11/21/2018
Motherboard: HP 84A6
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 68%
Total physical RAM: 4011.1 MB
Available physical RAM: 1253.75 MB
Total Virtual: 12715.1 MB
Available Virtual: 7951.69 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:914.33 GB) (Free:766.45 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:15.95 GB) (Free:1.86 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{e802738f-afb8-4146-b819-df0e1de30b0e}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.38 GB) NTFS
\\?\Volume{28002cab-c5b4-4ced-a65a-deed0a0cdd0a}\ () (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E76E0AD2)

Partition: GPT.

==================== End of Addition.txt =======================

Publicité


Signaler le contenu de ce document

Publicité