Publicité
Publicité
Commentaire : Intervention malveillante, suite
Format du document : text/plain
Prévisualisation
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 16-02-2020
Exécuté par pchaz (19-02-2020 06:27:51)
Exécuté depuis C:\Users\pchaz\Desktop
Windows 10 Home Version 1909 18363.657 (X64) (2019-10-13 22:29:24)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-3921381143-4217399962-1613152891-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3921381143-4217399962-1613152891-503 - Limited - Disabled)
Invité (S-1-5-21-3921381143-4217399962-1613152891-501 - Limited - Disabled)
pchaz (S-1-5-21-3921381143-4217399962-1613152891-1001 - Administrator - Enabled) => C:\Users\pchaz
WDAGUtilityAccount (S-1-5-21-3921381143-4217399962-1613152891-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 23.0.8.134 - Bitdefender)
Bitdefender Antivirus Plus (HKLM\...\Bitdefender) (Version: 24.0.6.31 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
Firefox Developer Edition 74.0 (x64 fr) (HKLM\...\Firefox Developer Edition 74.0 (x64 fr)) (Version: 74.0 - Mozilla)
GIMP 2.10.14 (HKLM\...\GIMP-2_is1) (Version: 2.10.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.116 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
LibreOffice 6.4 Help Pack (French) (HKLM\...\{54E0B1D1-7EF3-462D-984C-F6EF8747194B}) (Version: 6.4.0.3 - The Document Foundation)
LibreOffice 6.4.0.3 (HKLM\...\{5DE38E8F-2A6F-44E7-9D24-0C6D056597D6}) (Version: 6.4.0.3 - The Document Foundation)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 80.0.361.54 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.119.43 - )
Microsoft OneDrive (HKU\S-1-5-21-3921381143-4217399962-1613152891-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mozilla Firefox 73.0 (x64 fr) (HKLM\...\Mozilla Firefox 73.0 (x64 fr)) (Version: 73.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0 - Mozilla)
Mozilla Thunderbird 68.5.0 (x64 fr) (HKLM\...\Mozilla Thunderbird 68.5.0 (x64 fr)) (Version: 68.5.0 - Mozilla)
NVIDIA Logiciel système PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Pilote 3D Vision 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Pilote graphique 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
Opera Stable 66.0.3515.95 (HKU\S-1-5-21-3921381143-4217399962-1613152891-1001\...\Opera 66.0.3515.95) (Version: 66.0.3515.95 - Opera Software)
paint.net (HKLM\...\{15BCA3AB-444B-4AC5-A04F-F2AD0F7AD3EC}) (Version: 4.2.10 - dotPDN LLC)
Panneau de configuration NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.9.0 - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.45.0 - Synaptics Incorporated)
VdhCoApp 1.3.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Version bêta de Google Chrome (HKLM-x32\...\Google Chrome Beta) (Version: 81.0.4044.17 - Google LLC)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-3921381143-4217399962-1613152891-1001\...\WhatsApp) (Version: 0.3.5374 - WhatsApp)
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-12] (Microsoft Corporation) [MS Ad]
Microsoft News: les actualités à ne pas manquer -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.35.20273.0_x64__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_20.10127.4764.0_x64__8wekyb3d8bbwe [2020-02-12] (Microsoft Corporation)
MSN Météo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
uBlock Origin -> C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2019-07-21] (Nik Rolls)
Video Downloader Professional for Edge -> C:\Program Files\WindowsApps\Link64GmbH.VideoDownloaderProfessionalforEdge_1.0.12.0_neutral__r8gm29f18mcyc [2019-07-22] (Link64 GmbH)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.4.315.0_x64__cv1g1gvanyjgm [2020-01-25] (WhatsApp Inc.)
==================== Personnalisé CLSID (Avec liste blanche): ==============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Avec liste blanche) ====================
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
Shortcut: C:\Users\pchaz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
ShortcutWithArgument: C:\Users\pchaz\Desktop\Personnel - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\pchaz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\pchaz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\127b8cab8d6f0e0a\Version bêta de Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Modules chargés (Avec liste blanche) =============
2020-01-19 18:43 - 2018-03-24 00:05 - 000343728 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
==================== Alternate Data Streams (Avec liste blanche) ========
==================== Mode sans échec (Avec liste blanche) ==================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Avec liste blanche) =================
==================== Internet Explorer sites de confiance/sensibles ==========
==================== Hosts contenu: =========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2019-06-12 08:35 - 2020-02-19 06:22 - 000398221 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 fr.a2dfp.net
0.0.0.0 m.fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 static.a-ads.com
0.0.0.0 abcstats.com
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 app.activetrail.com
0.0.0.0 traffic.acwebconnecting.com
0.0.0.0 office.ad1.ru
0.0.0.0 cms.ad2click.nl
0.0.0.0 ad2games.com
0.0.0.0 content.ad20.net
0.0.0.0 core.ad20.net
0.0.0.0 banner.ad.nu
0.0.0.0 adadvisor.net
0.0.0.0 wad.adbasket.net
0.0.0.0 adboost.ro
0.0.0.0 www.adchimp.com
0.0.0.0 servedby.adcombination.com
0.0.0.0 adcomplete.com
0.0.0.0 www.adcomplete.com
0.0.0.0 adcore.ru
0.0.0.0 pixel.adcrowd.com
0.0.0.0 ct1.addthis.com
0.0.0.0 static.uk.addynamo.com
Il y a 10623 plus de lignes.
==================== Autres zones ===========================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-3921381143-4217399962-1613152891-1001\Control Panel\Desktop\\Wallpaper -> E:\Images\Le Plessis Claude 2015\WIN_20141004_093445 (2).JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
HKU\S-1-5-21-3921381143-4217399962-1613152891-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3921381143-4217399962-1613152891-1001\...\StartupApproved\Run: => "OneDrive"
==================== RèglesPare-feu (Avec liste blanche) ================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8B7A89FE-92EB-4C8C-9366-27A33D11A028}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7C0BF4B9-0275-4AFA-A8D1-B142555AF91D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{FD0AE8F6-E629-4AD2-96B1-80CDE07847CA}C:\users\pchaz\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\pchaz\appdata\local\programs\opera\65.0.3467.78\opera.exe Pas de fichier
FirewallRules: [UDP Query User{8C785A64-1184-4AD4-ABDE-9067526B3463}C:\users\pchaz\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\pchaz\appdata\local\programs\opera\65.0.3467.78\opera.exe Pas de fichier
FirewallRules: [{B873C4C5-623F-4AC5-AE83-73A07621CB0D}] => (Block) C:\users\pchaz\appdata\local\programs\opera\65.0.3467.78\opera.exe Pas de fichier
FirewallRules: [{5673E312-F9B5-4444-ADD0-2CE55193F876}] => (Block) C:\users\pchaz\appdata\local\programs\opera\65.0.3467.78\opera.exe Pas de fichier
FirewallRules: [{691A472B-9DBB-4C3C-8528-E2305AD77BCD}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{98E6483E-5639-429B-A828-0936CC437FDC}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{617B4E59-305E-4089-A9CC-E28FA6D0E949}C:\program files\firefox developer edition\firefox.exe] => (Block) C:\program files\firefox developer edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{A81914E9-2C33-4FEC-9560-56B69F1A703F}C:\program files\firefox developer edition\firefox.exe] => (Block) C:\program files\firefox developer edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{2E34E90B-B987-446F-9988-04B974256AA5}C:\users\pchaz\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Block) C:\users\pchaz\appdata\local\programs\opera\66.0.3515.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{C8B144F4-1415-4D60-8BF4-F08468964AFB}C:\users\pchaz\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Block) C:\users\pchaz\appdata\local\programs\opera\66.0.3515.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{133962FF-4158-4281-A48E-219F40CB5900}] => (Allow) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C00BD008-E77B-4C5A-9941-0DD5BEE2C03D}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7F94EEA9-7D67-4435-A235-96D68B7CA9DF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Points de restauration =========================
13-02-2020 07:02:18 Windows Update
==================== Éléments en erreur du Gestionnaire de périphériques ============
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (02/19/2020 06:01:33 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10016,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/19/2020 05:17:08 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8716,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/18/2020 11:54:04 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3756,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/18/2020 11:28:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3692,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/18/2020 10:54:22 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3508,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/18/2020 08:39:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8240,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/18/2020 08:30:20 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4524,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/18/2020 07:49:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6436,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Erreurs système:
=============
Error: (02/19/2020 12:13:52 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JEO90LA)
Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (02/19/2020 12:13:52 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JEO90LA)
Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (02/19/2020 12:12:33 AM) (Source: disk) (EventID: 11) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\DR2.
Error: (02/19/2020 12:12:33 AM) (Source: disk) (EventID: 11) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\DR2.
Error: (02/19/2020 12:12:32 AM) (Source: disk) (EventID: 11) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\DR2.
Error: (02/19/2020 12:12:32 AM) (Source: disk) (EventID: 11) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\DR2.
Error: (02/19/2020 12:11:22 AM) (Source: disk) (EventID: 11) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\DR2.
Error: (02/19/2020 12:11:22 AM) (Source: disk) (EventID: 11) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\DR2.
CodeIntegrity:
===================================
Date: 2020-01-15 08:03:04.407
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-15 08:03:04.107
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-15 08:03:02.462
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-15 08:03:01.718
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-15 08:03:00.918
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-15 08:02:59.373
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-15 08:02:56.678
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-15 08:02:56.596
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Infos Mémoire ===========================
BIOS: American Megatrends Inc. K73SV.209 08/16/2011
Carte mère: ASUSTeK Computer Inc. K73SV
Processeur: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Pourcentage de mémoire utilisée: 60%
Mémoire physique - RAM - totale: 6056.14 MB
Mémoire physique - RAM - disponible: 2364.52 MB
Mémoire virtuelle totale: 7592.14 MB
Mémoire virtuelle disponible: 3178.03 MB
==================== Lecteurs ================================
Drive c: (OS) (Fixed) (Total:237.69 GB) (Free:186.77 GB) NTFS ==>[lecteur avec composants d'amorçage (obtenu depuis BCD)]
Drive d: (SDATA2) (Fixed) (Total:303.2 GB) (Free:247.37 GB) NTFS
Drive e: (DATA) (Fixed) (Total:332.7 GB) (Free:241.45 GB) NTFS
\\?\Volume{aa9693fe-0000-0000-0000-00ac41000000}\ () (Fixed) (Total:0.78 GB) (Free:0.29 GB) NTFS
==================== MBR & Table des partitions ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: AA9693FE)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=237.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=801 MB) - (Type=27)
Partition 4: (Not Active) - (Size=332.7 GB) - (Type=0F Extended)
==========================================================
Disk: 1 (Size: 596.2 GB) (Disk ID: E61A4B73)
Partition 1: (Not Active) - (Size=293 GB) - (Type=05)
Partition 2: (Not Active) - (Size=303.2 GB) - (Type=07 NTFS)
==================== Fin de Addition.txt =======================
Exécuté par pchaz (19-02-2020 06:27:51)
Exécuté depuis C:\Users\pchaz\Desktop
Windows 10 Home Version 1909 18363.657 (X64) (2019-10-13 22:29:24)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-3921381143-4217399962-1613152891-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3921381143-4217399962-1613152891-503 - Limited - Disabled)
Invité (S-1-5-21-3921381143-4217399962-1613152891-501 - Limited - Disabled)
pchaz (S-1-5-21-3921381143-4217399962-1613152891-1001 - Administrator - Enabled) => C:\Users\pchaz
WDAGUtilityAccount (S-1-5-21-3921381143-4217399962-1613152891-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 23.0.8.134 - Bitdefender)
Bitdefender Antivirus Plus (HKLM\...\Bitdefender) (Version: 24.0.6.31 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
Firefox Developer Edition 74.0 (x64 fr) (HKLM\...\Firefox Developer Edition 74.0 (x64 fr)) (Version: 74.0 - Mozilla)
GIMP 2.10.14 (HKLM\...\GIMP-2_is1) (Version: 2.10.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.116 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
LibreOffice 6.4 Help Pack (French) (HKLM\...\{54E0B1D1-7EF3-462D-984C-F6EF8747194B}) (Version: 6.4.0.3 - The Document Foundation)
LibreOffice 6.4.0.3 (HKLM\...\{5DE38E8F-2A6F-44E7-9D24-0C6D056597D6}) (Version: 6.4.0.3 - The Document Foundation)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 80.0.361.54 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.119.43 - )
Microsoft OneDrive (HKU\S-1-5-21-3921381143-4217399962-1613152891-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mozilla Firefox 73.0 (x64 fr) (HKLM\...\Mozilla Firefox 73.0 (x64 fr)) (Version: 73.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0 - Mozilla)
Mozilla Thunderbird 68.5.0 (x64 fr) (HKLM\...\Mozilla Thunderbird 68.5.0 (x64 fr)) (Version: 68.5.0 - Mozilla)
NVIDIA Logiciel système PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Pilote 3D Vision 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Pilote graphique 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
Opera Stable 66.0.3515.95 (HKU\S-1-5-21-3921381143-4217399962-1613152891-1001\...\Opera 66.0.3515.95) (Version: 66.0.3515.95 - Opera Software)
paint.net (HKLM\...\{15BCA3AB-444B-4AC5-A04F-F2AD0F7AD3EC}) (Version: 4.2.10 - dotPDN LLC)
Panneau de configuration NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.9.0 - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.45.0 - Synaptics Incorporated)
VdhCoApp 1.3.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Version bêta de Google Chrome (HKLM-x32\...\Google Chrome Beta) (Version: 81.0.4044.17 - Google LLC)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-3921381143-4217399962-1613152891-1001\...\WhatsApp) (Version: 0.3.5374 - WhatsApp)
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-12] (Microsoft Corporation) [MS Ad]
Microsoft News: les actualités à ne pas manquer -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.35.20273.0_x64__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_20.10127.4764.0_x64__8wekyb3d8bbwe [2020-02-12] (Microsoft Corporation)
MSN Météo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
uBlock Origin -> C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2019-07-21] (Nik Rolls)
Video Downloader Professional for Edge -> C:\Program Files\WindowsApps\Link64GmbH.VideoDownloaderProfessionalforEdge_1.0.12.0_neutral__r8gm29f18mcyc [2019-07-22] (Link64 GmbH)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.4.315.0_x64__cv1g1gvanyjgm [2020-01-25] (WhatsApp Inc.)
==================== Personnalisé CLSID (Avec liste blanche): ==============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Avec liste blanche) ====================
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
Shortcut: C:\Users\pchaz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
ShortcutWithArgument: C:\Users\pchaz\Desktop\Personnel - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\pchaz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\pchaz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\127b8cab8d6f0e0a\Version bêta de Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Modules chargés (Avec liste blanche) =============
2020-01-19 18:43 - 2018-03-24 00:05 - 000343728 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
==================== Alternate Data Streams (Avec liste blanche) ========
==================== Mode sans échec (Avec liste blanche) ==================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Avec liste blanche) =================
==================== Internet Explorer sites de confiance/sensibles ==========
==================== Hosts contenu: =========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2019-06-12 08:35 - 2020-02-19 06:22 - 000398221 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 fr.a2dfp.net
0.0.0.0 m.fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 static.a-ads.com
0.0.0.0 abcstats.com
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 app.activetrail.com
0.0.0.0 traffic.acwebconnecting.com
0.0.0.0 office.ad1.ru
0.0.0.0 cms.ad2click.nl
0.0.0.0 ad2games.com
0.0.0.0 content.ad20.net
0.0.0.0 core.ad20.net
0.0.0.0 banner.ad.nu
0.0.0.0 adadvisor.net
0.0.0.0 wad.adbasket.net
0.0.0.0 adboost.ro
0.0.0.0 www.adchimp.com
0.0.0.0 servedby.adcombination.com
0.0.0.0 adcomplete.com
0.0.0.0 www.adcomplete.com
0.0.0.0 adcore.ru
0.0.0.0 pixel.adcrowd.com
0.0.0.0 ct1.addthis.com
0.0.0.0 static.uk.addynamo.com
Il y a 10623 plus de lignes.
==================== Autres zones ===========================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-3921381143-4217399962-1613152891-1001\Control Panel\Desktop\\Wallpaper -> E:\Images\Le Plessis Claude 2015\WIN_20141004_093445 (2).JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
HKU\S-1-5-21-3921381143-4217399962-1613152891-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3921381143-4217399962-1613152891-1001\...\StartupApproved\Run: => "OneDrive"
==================== RèglesPare-feu (Avec liste blanche) ================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8B7A89FE-92EB-4C8C-9366-27A33D11A028}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7C0BF4B9-0275-4AFA-A8D1-B142555AF91D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{FD0AE8F6-E629-4AD2-96B1-80CDE07847CA}C:\users\pchaz\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\pchaz\appdata\local\programs\opera\65.0.3467.78\opera.exe Pas de fichier
FirewallRules: [UDP Query User{8C785A64-1184-4AD4-ABDE-9067526B3463}C:\users\pchaz\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\pchaz\appdata\local\programs\opera\65.0.3467.78\opera.exe Pas de fichier
FirewallRules: [{B873C4C5-623F-4AC5-AE83-73A07621CB0D}] => (Block) C:\users\pchaz\appdata\local\programs\opera\65.0.3467.78\opera.exe Pas de fichier
FirewallRules: [{5673E312-F9B5-4444-ADD0-2CE55193F876}] => (Block) C:\users\pchaz\appdata\local\programs\opera\65.0.3467.78\opera.exe Pas de fichier
FirewallRules: [{691A472B-9DBB-4C3C-8528-E2305AD77BCD}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{98E6483E-5639-429B-A828-0936CC437FDC}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{617B4E59-305E-4089-A9CC-E28FA6D0E949}C:\program files\firefox developer edition\firefox.exe] => (Block) C:\program files\firefox developer edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{A81914E9-2C33-4FEC-9560-56B69F1A703F}C:\program files\firefox developer edition\firefox.exe] => (Block) C:\program files\firefox developer edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{2E34E90B-B987-446F-9988-04B974256AA5}C:\users\pchaz\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Block) C:\users\pchaz\appdata\local\programs\opera\66.0.3515.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{C8B144F4-1415-4D60-8BF4-F08468964AFB}C:\users\pchaz\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Block) C:\users\pchaz\appdata\local\programs\opera\66.0.3515.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{133962FF-4158-4281-A48E-219F40CB5900}] => (Allow) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C00BD008-E77B-4C5A-9941-0DD5BEE2C03D}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7F94EEA9-7D67-4435-A235-96D68B7CA9DF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Points de restauration =========================
13-02-2020 07:02:18 Windows Update
==================== Éléments en erreur du Gestionnaire de périphériques ============
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (02/19/2020 06:01:33 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10016,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/19/2020 05:17:08 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8716,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/18/2020 11:54:04 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3756,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/18/2020 11:28:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3692,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/18/2020 10:54:22 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3508,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/18/2020 08:39:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8240,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/18/2020 08:30:20 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4524,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/18/2020 07:49:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6436,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Erreurs système:
=============
Error: (02/19/2020 12:13:52 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JEO90LA)
Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (02/19/2020 12:13:52 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JEO90LA)
Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (02/19/2020 12:12:33 AM) (Source: disk) (EventID: 11) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\DR2.
Error: (02/19/2020 12:12:33 AM) (Source: disk) (EventID: 11) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\DR2.
Error: (02/19/2020 12:12:32 AM) (Source: disk) (EventID: 11) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\DR2.
Error: (02/19/2020 12:12:32 AM) (Source: disk) (EventID: 11) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\DR2.
Error: (02/19/2020 12:11:22 AM) (Source: disk) (EventID: 11) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\DR2.
Error: (02/19/2020 12:11:22 AM) (Source: disk) (EventID: 11) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\DR2.
CodeIntegrity:
===================================
Date: 2020-01-15 08:03:04.407
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-15 08:03:04.107
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-15 08:03:02.462
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-15 08:03:01.718
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-15 08:03:00.918
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-15 08:02:59.373
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-15 08:02:56.678
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-15 08:02:56.596
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Infos Mémoire ===========================
BIOS: American Megatrends Inc. K73SV.209 08/16/2011
Carte mère: ASUSTeK Computer Inc. K73SV
Processeur: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Pourcentage de mémoire utilisée: 60%
Mémoire physique - RAM - totale: 6056.14 MB
Mémoire physique - RAM - disponible: 2364.52 MB
Mémoire virtuelle totale: 7592.14 MB
Mémoire virtuelle disponible: 3178.03 MB
==================== Lecteurs ================================
Drive c: (OS) (Fixed) (Total:237.69 GB) (Free:186.77 GB) NTFS ==>[lecteur avec composants d'amorçage (obtenu depuis BCD)]
Drive d: (SDATA2) (Fixed) (Total:303.2 GB) (Free:247.37 GB) NTFS
Drive e: (DATA) (Fixed) (Total:332.7 GB) (Free:241.45 GB) NTFS
\\?\Volume{aa9693fe-0000-0000-0000-00ac41000000}\ () (Fixed) (Total:0.78 GB) (Free:0.29 GB) NTFS
==================== MBR & Table des partitions ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: AA9693FE)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=237.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=801 MB) - (Type=27)
Partition 4: (Not Active) - (Size=332.7 GB) - (Type=0F Extended)
==========================================================
Disk: 1 (Size: 596.2 GB) (Disk ID: E61A4B73)
Partition 1: (Not Active) - (Size=293 GB) - (Type=05)
Partition 2: (Not Active) - (Size=303.2 GB) - (Type=07 NTFS)
==================== Fin de Addition.txt =======================