Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Exécuté par Nicolas (03-07-2019 21:57:30)
Exécuté depuis C:\Users\Nicolas\Desktop
Windows 10 Pro Version 1809 17763.503 (X64) (2018-12-14 01:00:22)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-4284427307-2797357125-3296747649-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4284427307-2797357125-3296747649-503 - Limited - Disabled)
Invité (S-1-5-21-4284427307-2797357125-3296747649-501 - Limited - Disabled)
Nicolas (S-1-5-21-4284427307-2797357125-3296747649-1001 - Administrator - Enabled) => C:\Users\Nicolas
Nicolas2 (S-1-5-21-4284427307-2797357125-3296747649-1002 - Limited - Enabled) => C:\Users\Nicolas2
Nicolas22 (S-1-5-21-4284427307-2797357125-3296747649-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-4284427307-2797357125-3296747649-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Total Security (Disabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Disabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

µTorrent (HKU\S-1-5-21-4284427307-2797357125-3296747649-1001\...\uTorrent) (Version: 3.5.5.45231 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-4284427307-2797357125-3296747649-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06272019134525017\...\uTorrent) (Version: 3.5.5.45231 - BitTorrent Inc.)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.0.8 - Electronic Arts, Inc.)
Automatic Mouse and Keyboard 6.0.2.2 (HKLM-x32\...\{BFD646B6-E892-4B00-B6E2-71545D92BAEA}_is1) (Version: - Robot-Soft.com, Inc.)
Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.) Hidden
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 23.0.8.115 - Bitdefender)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.40.10.1013 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.53 - Piriform)
CodeBlocks (HKU\S-1-5-21-4284427307-2797357125-3296747649-1001\...\CodeBlocks) (Version: 17.12 - The Code::Blocks Team)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.10.0.0823 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-4284427307-2797357125-3296747649-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Discord (HKU\S-1-5-21-4284427307-2797357125-3296747649-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06272019134525017\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.35 - NVIDIA Corporation) Hidden
Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.0.1802.2601 - Micro-Star International Co., Ltd.) Hidden
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.0.1802.2601 - Micro-Star International Co., Ltd.)
DriversCloud.com (64 bits) (HKLM\...\{29DC4128-CF89-49D9-A524-B4430F036F14}) (Version: 10.0.7.0 - Cybelsoft)
Epic Games Launcher (HKLM-x32\...\{A17FC61C-F723-4856-9116-3087712BCB11}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FileZilla Client 3.40.0 (HKU\S-1-5-21-4284427307-2797357125-3296747649-1001\...\FileZilla Client) (Version: 3.40.0 - Tim Kosse)
FileZilla Client 3.40.0 (HKU\S-1-5-21-4284427307-2797357125-3296747649-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06272019134525017\...\FileZilla Client) (Version: 3.40.0 - Tim Kosse)
Game Summary (HKU\S-1-5-21-4284427307-2797357125-3296747649-1001\...\Overwolf_nafihghfcpikebhfhdhljejkcifgbdahdhngepfb) (Version: 124.0.14 - Overwolf app)
Game Summary (HKU\S-1-5-21-4284427307-2797357125-3296747649-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06272019134525017\...\Overwolf_nafihghfcpikebhfhdhljejkcifgbdahdhngepfb) (Version: 124.0.14 - Overwolf app)
GameRanger (HKU\S-1-5-21-4284427307-2797357125-3296747649-1001\...\GameRanger) (Version: - GameRanger Technologies)
GameRanger (HKU\S-1-5-21-4284427307-2797357125-3296747649-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06272019134525017\...\GameRanger) (Version: - GameRanger Technologies)
Goodgame Big Farm (HKU\S-1-5-21-4284427307-2797357125-3296747649-1001\...\Goodgame Big Farm) (Version: - ) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Grand Theft Auto V - Patch FR 1.3 (HKLM-x32\...\Grand Theft Auto V - Patch FR 1.3) (Version: 1.3 - TraductionJeux.com)
Grand Theft Auto V (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
HandBrake 1.2.2 (HKLM-x32\...\HandBrake) (Version: 1.2.2 - )
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6323 - Intel Corporation)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Java SE Development Kit 8 Update 201 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180201}) (Version: 8.0.2010.9 - Oracle Corporation)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Total Security (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Key Presser 2.1.7.8 (HKLM-x32\...\{A74CA1C1-AE87-46CB-BF3B-3E7BB192222B}_is1) (Version: - Robot-Soft.com, Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
LibreOffice 6.0 Help Pack (French) (HKLM\...\{26646404-C149-4246-B7CD-228CF88F6138}) (Version: 6.0.7.3 - The Document Foundation)
LibreOffice 6.2.3.2 (HKLM\...\{31C3855A-DA3A-4FC4-AE9B-1B4ACF89A2C4}) (Version: 6.2.3.2 - The Document Foundation)
Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.75 - McAfee, Inc.)
Metin2 (HKLM-x32\...\Metin2_FR_is1) (Version: - Gameforge 4D GmbH)
Microsoft OneDrive (HKU\S-1-5-21-4284427307-2797357125-3296747649-1001\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4284427307-2797357125-3296747649-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06272019134525017\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Express - FRA (HKLM-x32\...\Microsoft Visual C++ 2005 Express Edition - FRA) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - FRA (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - FRA) (Version: - Microsoft Corporation)
Minecraft (HKLM-x32\...\{2D1ED4EA-B59D-4665-ACB3-9325872A300D}) (Version: 1.0.4.0 - Mojang)
Mises à jour NVIDIA 37.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 37.0.0.0 - NVIDIA Corporation)
Mozilla Firefox 66.0.2 (x64 fr) (HKLM\...\Mozilla Firefox 66.0.2 (x64 fr)) (Version: 66.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.2 - Mozilla)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
MSI Feature Navigator (HKLM-x32\...\InstallShield_{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: - )
netcut version 3.5.4 (HKLM-x32\...\{6BE5152F-0885-4AA5-8385-4AD2D8472C71}_is1) (Version: 3.5.4 - arcai.com)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.18.0.102 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.102 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA Pilote graphique 419.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 419.35 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.0.1 - OBS Project)
ONE PIECE BURNING BLOOD (HKLM-x32\...\ONE PIECE BURNING BLOOD_is1) (Version: - )
Ontrack® EasyRecovery™ for Windows (HKLM-x32\...\Ontrack® EasyRecovery™ for Windows_is1) (Version: 13.0.0.0 - Ontrack)
OpenIV (HKU\S-1-5-21-4284427307-2797357125-3296747649-1001\...\OpenIV) (Version: 3.1.1032 - .black/OpenIV Team)
OpenIV (HKU\S-1-5-21-4284427307-2797357125-3296747649-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06272019134525017\...\OpenIV) (Version: 3.1.1032 - .black/OpenIV Team)
OpenOffice 4.1.6 (HKLM-x32\...\{50D70A8D-0503-4AA6-97EF-09849E9FB520}) (Version: 4.16.9790 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.41.27263 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.131.0.15 - Overwolf Ltd.)
Panneau de configuration NVIDIA 419.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.35 - NVIDIA Corporation) Hidden
PokerStars.fr (HKLM-x32\...\PokerStars.fr) (Version: - PokerStars.fr)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.21.1 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8437 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
RivaTuner Statistics Server 7.1.0 (HKLM-x32\...\RTSS) (Version: 7.1.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.14.2 (HKLM\...\SteelSeries Engine 3) (Version: 3.14.2 - SteelSeries ApS)
Sublime Text Build 3176 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
TeamSpeak 3 Client (HKU\S-1-5-21-4284427307-2797357125-3296747649-1001\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-4284427307-2797357125-3296747649-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06272019134525017\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
TeamSpeak Overlay (HKU\S-1-5-21-4284427307-2797357125-3296747649-1001\...\Overwolf_jnabojaampcpfclojlbildognlnebnhfhibiielh) (Version: 1.0.0.2 - Overwolf app)
TeamSpeak Overlay (HKU\S-1-5-21-4284427307-2797357125-3296747649-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06272019134525017\...\Overwolf_jnabojaampcpfclojlbildognlnebnhfhibiielh) (Version: 1.0.0.2 - Overwolf app)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
VEGAS Pro 16.0 (HKLM\...\{0A32E1A1-A098-11E8-973C-00155D6302F2}) (Version: 16.0.248 - VEGAS)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)

Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.13.5.0_x86__kgqvnymyfvs32 [2019-05-16] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1501.2.0_x86__kgqvnymyfvs32 [2019-05-08] (king.com)
Courrier et calendrier -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe [2019-04-03] (Microsoft Corporation) [MS Ad]
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x64__rz1tebttyb220 [2019-03-12] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-12-25] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2018-12-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-08] (Microsoft Corporation) [MS Ad]
Microsoft News: les actualités à ne pas manquer -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.30.10924.0_x64__8wekyb3d8bbwe [2019-04-04] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.3.4032.0_x86__8wekyb3d8bbwe [2019-04-14] (Microsoft Studios) [MS Ad]
MSN Météo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.375.0_x64__mcm4njqhnhss8 [2019-02-19] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.953.0_x64__56jybvy8sckqj [2019-04-24] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.155.0_x64__dt26b99r8h8gj [2018-12-25] (Realtek Semiconductor Corp)
SynMsiDApp -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynMsiDApp_19005.31005.0.0_x64__807d65c4rvak2 [2018-12-25] (Synaptics Incorporated)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\x64\ShellEx.dll [2019-07-02] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-05-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\x64\ShellEx.dll [2019-07-02] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-05-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\x64\ShellEx.dll [2019-07-02] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b846bbf1e81ea3cf\igfxDTCM.dll [2018-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\x64\ShellEx.dll [2019-07-02] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)


==================== Modules chargés (Avec liste blanche) ==============

2019-01-28 00:11 - 2019-06-25 00:22 - 002148864 _____ () [Fichier non signé] C:\Program Files (x86)\arcai.com\netcut_windows.exe
2018-12-07 19:02 - 2018-11-19 04:33 - 000812032 _____ () [Fichier non signé] C:\Users\Nicolas\AppData\Roaming\Browser\CefSharp.BrowserSubprocess.Core.dll
2018-12-07 19:02 - 2018-11-19 04:32 - 001201152 _____ () [Fichier non signé] C:\Users\Nicolas\AppData\Roaming\Browser\CefSharp.Core.dll
2018-12-07 19:02 - 2018-10-22 15:32 - 086726656 _____ () [Fichier non signé] C:\Users\Nicolas\AppData\Roaming\Browser\libcef.dll
2018-12-07 19:02 - 2018-10-22 15:32 - 000089600 _____ () [Fichier non signé] C:\Users\Nicolas\AppData\Roaming\Browser\libegl.dll
2018-12-07 19:02 - 2018-10-22 15:32 - 004310528 _____ () [Fichier non signé] C:\Users\Nicolas\AppData\Roaming\Browser\libglesv2.dll
2018-12-26 14:02 - 2018-05-11 09:51 - 002677760 _____ (Arcai.com) [Fichier non signé] C:\Program Files (x86)\arcai.com\aips.exe
2018-12-07 19:02 - 2018-12-07 19:02 - 000177664 _____ (Browseza) [Fichier non signé] C:\Users\Nicolas\AppData\Roaming\Browser\Browser.exe
2009-07-09 15:54 - 2009-07-09 15:54 - 000160768 _____ (Micro-Star International Co., Ltd.) [Fichier non signé] C:\Windows\SysWOW64\MSIService.exe
2018-12-07 19:02 - 2018-11-19 04:33 - 000009728 _____ (The CefSharp Authors) [Fichier non signé] C:\Users\Nicolas\AppData\Roaming\Browser\CefSharp.BrowserSubprocess.exe
2018-12-07 19:02 - 2018-10-22 15:31 - 000583168 _____ (The Chromium Authors) [Fichier non signé] C:\Users\Nicolas\AppData\Roaming\Browser\chrome_elf.dll
2019-02-14 21:54 - 2019-06-11 08:21 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-02-14 21:54 - 2019-06-11 08:22 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\Origin\ssleay32.dll
2019-02-14 21:54 - 2019-05-25 09:55 - 001611264 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-02-14 21:54 - 2019-05-25 09:56 - 005487104 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-02-14 21:54 - 2019-05-25 09:56 - 005841920 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-02-14 21:54 - 2019-05-25 09:56 - 001179136 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-02-14 21:54 - 2019-05-25 09:56 - 005089792 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-02-14 21:54 - 2019-05-25 09:56 - 000184832 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [466]

==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)


==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

IE trusted site: HKU\S-1-5-21-4284427307-2797357125-3296747649-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-4284427307-2797357125-3296747649-1001\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-4284427307-2797357125-3296747649-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06272019134525017\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-4284427307-2797357125-3296747649-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06272019134525017\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts contenu: ===============================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2018-09-15 09:31 - 2019-07-03 18:04 - 000000002 _____ C:\Windows\system32\drivers\etc\hosts


==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\thc-hydra-windows-master;
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06272019134524792\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-4284427307-2797357125-3296747649-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-4284427307-2797357125-3296747649-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06272019134525017\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-4284427307-2797357125-3296747649-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-4284427307-2797357125-3296747649-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06272019134525611\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.

HKLM\...\StartupApproved\StartupFolder: => "SteelSeries Engine 3.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "AvastUI.exe"
HKU\S-1-5-21-4284427307-2797357125-3296747649-1001\...\StartupApproved\StartupFolder: => "GameRanger.lnk"
HKU\S-1-5-21-4284427307-2797357125-3296747649-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-4284427307-2797357125-3296747649-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4284427307-2797357125-3296747649-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-4284427307-2797357125-3296747649-1001\...\StartupApproved\Run: => "himself"
HKU\S-1-5-21-4284427307-2797357125-3296747649-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-4284427307-2797357125-3296747649-1001\...\StartupApproved\Run: => "optometry"
HKU\S-1-5-21-4284427307-2797357125-3296747649-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-4284427307-2797357125-3296747649-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-4284427307-2797357125-3296747649-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06272019134525017\...\StartupApproved\StartupFolder: => "GameRanger.lnk"
HKU\S-1-5-21-4284427307-2797357125-3296747649-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06272019134525017\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-4284427307-2797357125-3296747649-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06272019134525017\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4284427307-2797357125-3296747649-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06272019134525017\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-4284427307-2797357125-3296747649-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06272019134525017\...\StartupApproved\Run: => "himself"
HKU\S-1-5-21-4284427307-2797357125-3296747649-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06272019134525017\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-4284427307-2797357125-3296747649-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06272019134525017\...\StartupApproved\Run: => "optometry"
HKU\S-1-5-21-4284427307-2797357125-3296747649-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06272019134525017\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-4284427307-2797357125-3296747649-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06272019134525017\...\StartupApproved\Run: => "Chromium"

==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{2E3948EF-491D-43F7-A9F6-EB9D5BD7C147}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [{14CB1934-759A-434E-B1C9-86438645F182}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft)
FirewallRules: [{AF091E52-C1D5-4CC2-B809-807DE2786572}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E3AF8327-079C-4AA0-BCDF-59C898A82988}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{2FE9D594-BB00-46F4-9F80-3A4C4FA1A4E8}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{2D497F9E-CD12-4D66-8DF3-C097CDA02DB2}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{1B2C83DC-F53F-4B7E-9B73-B8F2CE45BD70}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{5C5E6572-F176-4CDD-AE51-FC53F21346FE}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{F4E2ECE1-60DD-40CB-A9BD-45EEF42F239F}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe Pas de fichier
FirewallRules: [UDP Query User{812B47BA-53C2-46CB-A048-494200162AA8}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe Pas de fichier
FirewallRules: [{83ABFE20-3AC0-4060-A51B-FA067A5B1F4F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{85179E9B-1417-408A-B078-A1432DE82F89}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{02571766-0C27-4E08-B32D-51EB0CB62EE9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Pas de fichier
FirewallRules: [{18FDFC93-BDE6-4E55-99B1-72714D15712E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Pas de fichier
FirewallRules: [{AFE8173F-47B7-4C28-A2AA-6CEE93861CFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aimtastic\Aimtastic.exe () [Fichier non signé]
FirewallRules: [{A82744E9-9F66-4707-AC6A-77B4B0B4EACB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aimtastic\Aimtastic.exe () [Fichier non signé]
FirewallRules: [{DBC1BDCC-E23C-4B82-A254-C58DFE356A77}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{272321C0-9781-4BA5-8D5E-C620747A3B23}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{72D82224-D956-4486-8986-8D43690C81D5}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{C860C0A1-7BD0-41A7-B5D7-DBA2401904E9}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{E6F7A336-C377-4081-B73F-51F4A90885F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{6C67C500-E394-4C19-9337-B2A7183ACDC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{BFE83FBA-9906-4FA9-BAFD-71FF35007F8A}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [UDP Query User{CC0FCB4D-0218-42DA-97CF-017931EF897A}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [TCP Query User{20112CAF-5605-486F-A439-AD34F70AC2FF}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe Pas de fichier
FirewallRules: [UDP Query User{BACD2800-5CEF-4CE8-B89A-A34F40E68A93}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe Pas de fichier
FirewallRules: [TCP Query User{4085CA65-BBE5-495B-A01F-7949422ED496}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [UDP Query User{A5D6FFAB-2F2E-4396-83B7-025B5F3A5076}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [TCP Query User{12BD67FE-C2AB-4DC1-8863-A9963C1D08E0}C:\users\nicolas\desktop\rubinum\rubinumpatcher.exe] => (Allow) C:\users\nicolas\desktop\rubinum\rubinumpatcher.exe Pas de fichier
FirewallRules: [UDP Query User{228C5168-9A03-4BEB-8D20-B5B2B1DEF8F4}C:\users\nicolas\desktop\rubinum\rubinumpatcher.exe] => (Allow) C:\users\nicolas\desktop\rubinum\rubinumpatcher.exe Pas de fichier
FirewallRules: [{771FCB91-DAFF-4E30-82C1-DEDF4521BE23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{6A8E57D8-D917-4473-948F-1DE033F538F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{47E9968B-BA85-4383-AA57-B4890090FB48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> ) [Fichier non signé]
FirewallRules: [{5C05AD9A-4F85-4631-BA1D-A5FD4BB4FFDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> ) [Fichier non signé]
FirewallRules: [{0D206FB0-76C7-496D-9BAF-CB157642E5C5}] => (Allow) C:\Users\Nicolas\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{CF2CCE47-F5E7-4DF2-A0C9-04FF1CD8D117}] => (Allow) C:\Users\Nicolas\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{B82A0D42-F629-4F2E-AB4E-0F1DD1FC46AA}] => (Allow) C:\Users\Nicolas\AppData\Local\Programs\Opera\58.0.3135.53\opera.exe Pas de fichier
FirewallRules: [{B143B6D8-242C-414E-BAF7-6AABC02A9ACF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2 Demo\payday2_win32_release.exe () [Fichier non signé]
FirewallRules: [{409F1898-AFBC-4778-831F-90AD863AB0E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2 Demo\payday2_win32_release.exe () [Fichier non signé]
FirewallRules: [{FDC8773C-A37C-401F-AE39-5E0F35486826}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [TCP Query User{029AAC3D-B3C3-41BC-AEE7-1E80DDF59212}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [UDP Query User{706D1215-A4B2-4EC6-B095-8A94FCFCABD3}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [{C99C91A2-65AF-4471-A6E3-3C07A886305A}] => (Allow) C:\Users\Nicolas\AppData\Local\Programs\Opera\58.0.3135.65\opera.exe Pas de fichier
FirewallRules: [TCP Query User{2A26EA5C-92BF-4655-8535-461809A7F338}C:\program files (x86)\common files\oracle\java\javapath_target_178379312\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_178379312\java.exe
FirewallRules: [UDP Query User{A68BA48B-7142-4A2A-BCE0-4CC7AB3A37DF}C:\program files (x86)\common files\oracle\java\javapath_target_178379312\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_178379312\java.exe
FirewallRules: [TCP Query User{D9E0061F-1B19-4F57-A8D1-0C08077C9BD4}C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{57B10765-2900-444B-A5FA-C443C8F2D238}C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{6F59AF76-713A-4004-95D3-93362966B27C}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{99AFC709-61CA-49B0-BEFD-BE0AD457018B}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{3FD45E75-61E7-47C9-9DDF-9F0E2D88A877}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [UDP Query User{8234D130-F8F0-4116-A9E9-9A5FE357E76C}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [{6DF32D27-5B2D-4228-9DEA-5BB97235F120}] => (Block) C:\program files\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [{4F62E8CB-38B1-4C9E-B9BD-14F40DE1EBBA}] => (Block) C:\program files\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [{3A790425-8BD9-44B1-B3F2-6ADBA1E6A03D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B67071D4-C3A3-4078-AADB-029B317055CB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{46CC21C8-6892-4172-A3F2-56AC712C936D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe () [Fichier non signé]
FirewallRules: [{AEEDE1AD-5206-43CA-AA9F-36596C97D3A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe () [Fichier non signé]
FirewallRules: [{23D3FB21-4E17-463F-A579-D73A3638D2F2}] => (Allow) C:\Program Files (x86)\Accuses\Malloch.exe Pas de fichier
FirewallRules: [{BA91B3CF-1942-4B7D-A95B-72B79F08C7D4}] => (Allow) C:\Program Files (x86)\Differently\Malloch.exe Pas de fichier
FirewallRules: [{70EF8B91-8FC1-4724-803E-2C0B4E0C97CA}] => (Allow) C:\Program Files (x86)\manoj\Crunches.exe Pas de fichier
FirewallRules: [{89AEC2A9-EB75-46EA-8606-9BBA027842D6}] => (Allow) C:\Program Files (x86)\Differently\Crunches.exe Pas de fichier
FirewallRules: [{F58A49F6-4C26-4637-9D5B-FA97476D16FE}] => (Allow) C:\Windows\SysWOW64\TCPSVCS.EXE (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{170A59F3-F48E-4E18-B052-2F068FDB2EBD}C:\users\nicolas\eclipse\java-oxygen\eclipse\eclipse.exe] => (Allow) C:\users\nicolas\eclipse\java-oxygen\eclipse\eclipse.exe () [Fichier non signé]
FirewallRules: [UDP Query User{D9AA74FF-D4D3-4451-8976-437AE6CFA185}C:\users\nicolas\eclipse\java-oxygen\eclipse\eclipse.exe] => (Allow) C:\users\nicolas\eclipse\java-oxygen\eclipse\eclipse.exe () [Fichier non signé]
FirewallRules: [TCP Query User{861CF600-A617-4117-B86A-6C056590D6BA}C:\users\nicolas\downloads\vysnc.exe] => (Allow) C:\users\nicolas\downloads\vysnc.exe Pas de fichier
FirewallRules: [UDP Query User{20C79156-8B6F-41E0-BE50-90309AE9C5EE}C:\users\nicolas\downloads\vysnc.exe] => (Allow) C:\users\nicolas\downloads\vysnc.exe Pas de fichier
FirewallRules: [TCP Query User{75103222-AC3C-4E60-A0C4-383C9B3BD7EC}C:\users\nicolas\desktop\rubinumpatcher.exe] => (Allow) C:\users\nicolas\desktop\rubinumpatcher.exe Pas de fichier
FirewallRules: [UDP Query User{CFF01C06-9DA9-48B8-82E5-1C97B7A724F4}C:\users\nicolas\desktop\rubinumpatcher.exe] => (Allow) C:\users\nicolas\desktop\rubinumpatcher.exe Pas de fichier
FirewallRules: [{3A55D0CC-7758-47DA-87DC-F78AD7229D14}] => (Allow) C:\Program Files (x86)\Mcwilliams\Macleish.exe Pas de fichier
FirewallRules: [{F4AA9C09-1082-4485-852C-73C75D80A6DD}] => (Allow) C:\Program Files (x86)\Euro\Macleish.exe Pas de fichier
FirewallRules: [{97428F57-C966-41C8-BDD0-3961AFF8260B}] => (Allow) C:\Program Files (x86)\cuisine\Weds.exe Pas de fichier
FirewallRules: [{B16463CC-6AC0-49D7-B0A9-030EE09AF13B}] => (Allow) C:\Program Files (x86)\Euro\Weds.exe Pas de fichier
FirewallRules: [{84B69D09-4900-4EF0-842F-FAC279BFC6C0}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{BCE71A4A-14DE-4CF7-A488-27E22AC22F99}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{F0B25197-11F8-4604-9206-C8D5C28C8833}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{6FC27C35-F7F9-4D92-AC58-6351DDEEDE9A}C:\program files (x86)\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\grand theft auto v\gta5.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{659438C7-AB23-4620-A552-A180DE2B7156}C:\program files (x86)\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\grand theft auto v\gta5.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{1CA41F6D-0626-44BA-9163-E10A75773527}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe () [Fichier non signé]
FirewallRules: [UDP Query User{39272963-6CA1-483B-BEDD-157127902E4B}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe () [Fichier non signé]
FirewallRules: [{FB979661-80B3-4815-80EC-865289E255C5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4B130102-5150-4456-965B-C2094088781B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F44704FA-73C5-453E-A216-474EC19FFBA9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F7FE81E3-F9F7-46A6-844C-3EBB8EFF093E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3CE9C766-4990-4738-A250-1CB713503BD1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DFF95C52-462F-4BA7-B753-498AE353DC3A}] => (Allow) C:\Program Files (x86)\arcai.com\aips.exe (Arcai.com) [Fichier non signé]
FirewallRules: [{820BCA9E-F9FB-43B1-A3BE-2D6BB60DB677}] => (Allow) C:\Program Files (x86)\arcai.com\aips.exe (Arcai.com) [Fichier non signé]
FirewallRules: [{59547116-98FC-4C4C-B109-EA66B0BEF062}] => (Allow) C:\Program Files (x86)\arcai.com\netcut_windows.exe () [Fichier non signé]
FirewallRules: [{9297EA8A-2075-4E3F-A9CD-180136F25163}] => (Allow) C:\Program Files (x86)\arcai.com\netcut_windows.exe () [Fichier non signé]
FirewallRules: [TCP Query User{6C78B5E5-17D8-40D1-B18E-F3B0C43F631B}C:\users\nicolas\desktop\dossier\rubinum\rubinumpatcher.exe] => (Allow) C:\users\nicolas\desktop\dossier\rubinum\rubinumpatcher.exe () [Fichier non signé]
FirewallRules: [UDP Query User{E415E30F-F7B5-402A-A21B-97AF59D2196E}C:\users\nicolas\desktop\dossier\rubinum\rubinumpatcher.exe] => (Allow) C:\users\nicolas\desktop\dossier\rubinum\rubinumpatcher.exe () [Fichier non signé]

==================== Points de restauration =========================

14-06-2019 17:35:24 Point de contrôle planifié
26-06-2019 21:18:29 Point de contrôle planifié

==================== Éléments en erreur du Gestionnaire de périphériques =============


==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (07/03/2019 08:36:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante RubinumPatcher.exe, version : 1.0.0.1, horodatage : 0x5c477944
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d’exception : 0xc000041d
Décalage d’erreur : 0x59bdc2c8
ID du processus défaillant : 0x3100
Heure de début de l’application défaillante : 0x01d531cbdb72d1b5
Chemin d’accès de l’application défaillante : C:\Users\Nicolas\Desktop\Dossier\Rubinum\RubinumPatcher.exe
Chemin d’accès du module défaillant: unknown
ID de rapport : daded9c1-b460-4dc6-9b34-d892d40ff959
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (07/03/2019 08:36:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante RubinumPatcher.exe, version : 1.0.0.1, horodatage : 0x5c477944
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00000000
ID du processus défaillant : 0x3100
Heure de début de l’application défaillante : 0x01d531cbdb72d1b5
Chemin d’accès de l’application défaillante : C:\Users\Nicolas\Desktop\Dossier\Rubinum\RubinumPatcher.exe
Chemin d’accès du module défaillant: unknown
ID de rapport : 82f7c1c0-dfeb-4beb-961a-8a2c077de399
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (07/03/2019 12:01:50 AM) (Source: MsiInstaller) (EventID: 1023) (User: AUTORITE NT)
Description: Produit : Kaspersky Total Security - La mise à jour ‘KIS 2019 MP0 family (Patch e)’ n’a pas pu être installée. Code d’erreur 1603. Des informations supplémentaires sont disponibles dans le fichier journal C:\Windows\TEMP\MSI49851.LOG.

Error: (07/02/2019 04:42:43 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application : CefSharp.BrowserSubprocess.exe
Version du Framework : v4.0.30319
Description : le processus a été arrêté en raison d'une exception non gérée.
Informations sur l'exception : code d'exception c0000005, adresse d'exception 68299BF3

Error: (07/02/2019 11:40:03 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Users\Nicolas\AppData\Local\chromium\Application\chrome.exe ».
Assembly dépendant 58.0.3025.0,language="*",type="win32",version="58.0.3025.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.

Error: (07/02/2019 11:38:34 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Users\Nicolas\AppData\Local\chromium\Application\chrome.exe ».
Assembly dépendant 58.0.3025.0,language="*",type="win32",version="58.0.3025.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.

Error: (07/02/2019 11:37:51 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Users\Nicolas\AppData\Local\chromium\Application\chrome.exe ».
Assembly dépendant 58.0.3025.0,language="*",type="win32",version="58.0.3025.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.

Error: (07/01/2019 11:50:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante fortnite_-_cheat_pro.exe, version : 0.0.0.0, horodatage : 0x5ccbffa8
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d’exception : 0xc00001a5
Décalage d’erreur : 0x03088f27
ID du processus défaillant : 0x3c1c
Heure de début de l’application défaillante : 0x01d53056fa49e235
Chemin d’accès de l’application défaillante : C:\Users\Nicolas\AppData\Local\Temp\Rar$EXb13904.31699\fortnite_-_cheat_pro.exe
Chemin d’accès du module défaillant: unknown
ID de rapport : 1b9cd5b3-a04c-4f7a-9a42-d341cedd1ef8
Nom complet du package défaillant :
ID de l’application relative au package défaillant :


Erreurs système:
=============
Error: (07/03/2019 09:58:22 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-A2BMGPB)
Description: Le serveur {9E175B6D-F52A-11D8-B9A5-505054503030} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (07/03/2019 09:56:22 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-A2BMGPB)
Description: Le serveur {E48EDA45-43C6-48E0-9323-A7B2067D9CD5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (07/03/2019 09:56:01 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: Le serveur {E60687F7-01A1-40AA-86AC-DB1CBF673334} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (07/03/2019 09:54:22 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-A2BMGPB)
Description: Le serveur {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (07/03/2019 09:54:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Le service wuauserv s’est arrêté avec l’erreur :
Le fichier spécifié est introuvable.

Error: (07/03/2019 09:54:01 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: Le serveur {E60687F7-01A1-40AA-86AC-DB1CBF673334} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (07/03/2019 09:52:22 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-A2BMGPB)
Description: Le serveur {9E175B6D-F52A-11D8-B9A5-505054503030} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (07/03/2019 09:52:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Le service wuauserv s’est arrêté avec l’erreur :
Le fichier spécifié est introuvable.


Windows Defender:
===================================
Date: 2019-04-25 22:20:19.479
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Adload!rfn&threatid=2147710919&enterprise=0
Nom : Trojan:Win32/Adload!rfn
ID : 2147710919
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : chromeinstall:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GOOGLE CHROME; containerfile:_C:\Users\Nicolas\AppData\Local\Temp\nsh3E90.tmp\4381698.exe; file:_C:\Program Files (x86)\Google\Chrome\Application\encouragement.exe; file:_C:\Users\Nicolas\AppData\Local\Temp\nsh3E90.tmp\4381698.exe->(nsis-1-fairfield.exe)->(nsis-1-Condiment.exe); file:_C:\Users\Nicolas\AppData\Local\Temp\nsh3E90.tmp\4381698.exe->(nsis-1-fairfield.exe)->(nsis-1-encouragement.exe)
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : DESKTOP-A2BMGPB\Nicolas
Nom du processus : C:\Users\Nicolas\AppData\Local\Temp\nsh7DBC.tmp\fairfield.exe
Version de la signature : AV: 1.293.157.0, AS: 1.293.157.0, NIS: 1.293.157.0
Version du moteur : AM: 1.1.15900.4, NIS: 1.1.15900.4

Date: 2019-04-25 22:18:58.157
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Adload.DU!bit&threatid=249572&enterprise=0
Nom : TrojanDownloader:Win32/Adload.DU!bit
ID : 249572
Gravité : Élevée
Catégorie : Cheval de Troie téléchargeur
Chemin : containerfile:_C:\Users\Nicolas\AppData\Local\Temp\nsh3E90.tmp\4381698.exe; file:_C:\Users\Nicolas\AppData\Local\Temp\nsh3E90.tmp\4381698.exe->(nsis-1-deserved.exe)
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Système
Utilisateur : AUTORITE NT\Système
Nom du processus : Unknown
Version de la signature : AV: 1.293.157.0, AS: 1.293.157.0, NIS: 1.293.157.0
Version du moteur : AM: 1.1.15900.4, NIS: 1.1.15900.4

Date: 2019-04-25 22:18:57.218
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Adload.DU!bit&threatid=249572&enterprise=0
Nom : TrojanDownloader:Win32/Adload.DU!bit
ID : 249572
Gravité : Élevée
Catégorie : Cheval de Troie téléchargeur
Chemin : file:_C:\Program Files (x86)\Shakespeares\deserved.exe; file:_C:\Windows\System32\Tasks\loudmouthloudmouth->(UTF-16LE); regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCD713A8-2C9A-4854-BCC8-658EB75C1764}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\loudmouthloudmouth; taskscheduler:_C:\Windows\System32\Tasks\loudmouthloudmouth
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : DESKTOP-A2BMGPB\Nicolas
Nom du processus : C:\Users\Nicolas\AppData\Local\Temp\nsh3E90.tmp\4381698.exe
Version de la signature : AV: 1.293.157.0, AS: 1.293.157.0, NIS: 1.293.157.0
Version du moteur : AM: 1.1.15900.4, NIS: 1.1.15900.4

Date: 2019-04-25 22:18:37.388
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Adload!rfn&threatid=2147710919&enterprise=0
Nom : Trojan:Win32/Adload!rfn
ID : 2147710919
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : containerfile:_C:\Users\Nicolas\AppData\Local\Temp\nsh3E90.tmp\4381698.exe; file:_C:\Program Files (x86)\Google\Chrome\Application\encouragement.exe; file:_C:\Users\Nicolas\AppData\Local\Temp\nsh3E90.tmp\4381698.exe->(nsis-1-fairfield.exe)->(nsis-1-Condiment.exe); file:_C:\Users\Nicolas\AppData\Local\Temp\nsh3E90.tmp\4381698.exe->(nsis-1-fairfield.exe)->(nsis-1-encouragement.exe)
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : DESKTOP-A2BMGPB\Nicolas
Nom du processus : C:\Users\Nicolas\AppData\Local\Temp\nsh7DBC.tmp\fairfield.exe
Version de la signature : AV: 1.293.157.0, AS: 1.293.157.0, NIS: 1.293.157.0
Version du moteur : AM: 1.1.15900.4, NIS: 1.1.15900.4

Date: 2019-04-25 22:18:37.386
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Adload.DU!bit&threatid=249572&enterprise=0
Nom : TrojanDownloader:Win32/Adload.DU!bit
ID : 249572
Gravité : Élevée
Catégorie : Cheval de Troie téléchargeur
Chemin : containerfile:_C:\Users\Nicolas\AppData\Local\Temp\nsh3E90.tmp\4381698.exe; file:_C:\Users\Nicolas\AppData\Local\Temp\nsh3E90.tmp\4381698.exe->(nsis-1-deserved.exe)
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Système
Utilisateur : AUTORITE NT\Système
Nom du processus : Unknown
Version de la signature : AV: 1.293.157.0, AS: 1.293.157.0, NIS: 1.293.157.0
Version du moteur : AM: 1.1.15900.4, NIS: 1.1.15900.4

CodeIntegrity:
===================================

Date: 2019-07-02 14:43:56.195
Description:
Windows blocked file \Device\HarddiskVolume4\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-07-02 14:43:56.190
Description:
Windows blocked file \Device\HarddiskVolume4\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-07-02 14:43:56.185
Description:
Windows blocked file \Device\HarddiskVolume4\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-07-02 14:43:56.127
Description:
Windows blocked file \Device\HarddiskVolume4\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-07-02 14:43:56.124
Description:
Windows blocked file \Device\HarddiskVolume4\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-07-02 14:43:56.121
Description:
Windows blocked file \Device\HarddiskVolume4\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-07-02 14:41:12.707
Description:
Windows blocked file \Device\HarddiskVolume4\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-07-02 14:41:12.702
Description:
Windows blocked file \Device\HarddiskVolume4\Windows\System32\scrobj.dll which has been disallowed for protected processes.

==================== Infos Mémoire ===========================

BIOS: American Megatrends Inc. E16P6IMS.106 07/16/2018
Motherboard: Micro-Star International Co., Ltd. MS-16P6
Processeur: Intel(R) Core(TM) i5-8300H CPU @ 2.30GHz
Pourcentage de mémoire utilisée: 49%
Mémoire physique - RAM - totale: 8037.18 MB
Mémoire physique - RAM - disponible: 4075.72 MB
Mémoire virtuelle totale: 14670.54 MB
Mémoire virtuelle disponible: 5571.28 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:920.91 GB) (Free:467.52 GB) NTFS
Drive d: (DriverCD) (Fixed) (Total:10 GB) (Free:5.49 GB) NTFS

\\?\Volume{92617ebb-f705-4ef5-b522-7ffbe6ee34e0}\ (Récupération) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{b2f8c2e5-599f-4faf-879c-32c8869e842b}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Table des partitions ==================
Could not read MBR for disk 0.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 6C3AA21E)

Partition: GPT.

==================== Fin de Addition.txt ============================