Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-09-2019
Ran by 33688 (10-09-2019 19:00:38)
Running from C:\Users\33688\Desktop
Windows 10 Home Version 1803 17134.950 (X64) (2019-02-24 03:18:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

33688 (S-1-5-21-3376281178-2811633939-3139901391-1001 - Administrator - Enabled) => C:\Users\33688
Administrateur (S-1-5-21-3376281178-2811633939-3139901391-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3376281178-2811633939-3139901391-503 - Limited - Disabled)
Invité (S-1-5-21-3376281178-2811633939-3139901391-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3376281178-2811633939-3139901391-504 - Limited - Disabled)

==================== Security Center ========================

(If an item is included in the fixlist.txt file, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only adware programs marked 'Hidden' can be added to the fixlist.txt file so that they are no longer hidden. The adware programs must be uninstalled manually.)

ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.2.9.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{0eb123be-d81d-4443-a34b-5a9a6cfc8ee4}) (Version: 2.2.9.0 - ASUSTek COMPUTER INC.) Hidden
Asus ApoDispatchConfigurator (HKLM\...\{4FEB3307-A0EF-4385-9C8F-4B4C1503311C}) (Version: 3.6.4201 - ASUSTeK COMPUTER INC) Hidden
Asus AudioCaptureNotificationConfigurator (HKLM\...\{04C5CE55-7F32-4D2D-AEA2-FDC03E8F65CC}) (Version: 3.6.4201 - ASUSTeK COMPUTER INC) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.19 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.1.13 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{541a19ba-ef00-4024-8844-984a75dbd8c5}) (Version: 1.1.13 - ASUSTek COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.02.43 - ASUSTek COMPUTER INC.) Hidden
ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.5.0 - ASUSTeK COMPUTER INC.)
Asus DeviceRoutingConfigurator (HKLM\...\{AC306567-A1B7-4208-8FED-97CF535050BC}) (Version: 3.6.4201 - ASUSTeK COMPUTER INC) Hidden
ASUS GiftBox Service (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 3.2.3.0 - ASUSTeK COMPUTER INC.)
ASUS Hello (HKLM-x32\...\{D8CE1923-92A9-4036-817E-9E0D8AA2169B}) (Version: 1.1.4.0 - ASUSTeK COMPUTER INC.)
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.23 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{3ff09a0d-4fd9-4b44-92f2-9dab1288f6f7}) (Version: 1.0.23 - ASUSTek COMPUTER INC.) Hidden
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.8 - ASUSTeK COMPUTER INC.)
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{3e9b91eb-5bb0-4272-8670-f88d353eb68b}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.21 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{be8aef12-2bc5-4b18-90c4-75276c3eb3a1}) (Version: 1.0.21 - ASUSTek COMPUTER INC.) Hidden
Asus NahimicSettingsConfigurator (HKLM\...\{B4994529-E096-4D1E-8F2A-159AA1641841}) (Version: 3.6.4201 - ASUSTeK COMPUTER INC) Hidden
Asus ProductDaemonSetup (HKLM\...\{36606417-B1C4-42C2-B5C1-67972DA63DAB}) (Version: 3.6.4201 - ASUSTeK COMPUTER INC) Hidden
Asus ProfileSwitcherCleanup (HKLM\...\{CD2BB5C3-6AFC-473C-8348-C79893C08473}) (Version: 3.6.42.51937 - ASUSTeK COMPUTER INC) Hidden
ASUS Promotion (HKLM\...\{10FE8E2F-7BDD-4430-8D63-3D3BA3F708D9}) (Version: 1.0.3 - ASUSTeK COMPUTER INC.)
Asus Sonic Radar 3 (HKLM-x32\...\{7cab61c4-45aa-4016-9c38-b868b93b8f60}) (Version: 3.6.42.51937 - ASUSTeK COMPUTER INC)
Asus Sonic Studio 3 (HKLM-x32\...\{a34044ff-d5de-4779-9854-251dce726ae2}) (Version: 3.6.42.51937 - ASUSTeK COMPUTER INC)
Asus SonicMapperConfigurator (HKLM\...\{0A462643-2991-4DD5-8ED0-EE421AF14F54}) (Version: 3.6.42.51937 - ASUSTeK COMPUTER INC) Hidden
Asus SonicRadar3Setup (HKLM\...\{E0C665CB-1BC0-4DFA-9CA3-707D0B3B1D32}) (Version: 3.6.42.51937 - ASUSTeK COMPUTER INC) Hidden
Asus SonicStudio3Setup (HKLM\...\{8EAEB7E8-9699-4C45-ACEB-CF64455F0C26}) (Version: 3.6.42.51937 - ASUSTeK COMPUTER INC) Hidden
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.02.58 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{8d14f6b9-5c21-4da6-9c9d-b061d33e329b}) (Version: 3.02.58 - ASUSTeK Computer Inc.)
Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 19.7.2388 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CPUID CPU-Z 1.90 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.90 - CPUID, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.0900 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3376281178-2811633939-3139901391-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
GameFirst V (HKLM-x32\...\{8A6E0CD9-CECD-4760-869D-AC7813014B22}) (Version: 5.0.12.2 - ASUSTeK COMPUTER INC.) Hidden
GameFirst V (HKLM-x32\...\GameFirst V 5.0.12.2) (Version: 5.0.12.2 - ASUSTeK COMPUTER INC.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1808.12.0.1102 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.1.1018 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Java(TM) 6 Update 18 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216018FF}) (Version: 6.0.180 - Sun Microsystems, Inc.)
Microsoft OneDrive (HKU\S-1-5-21-3376281178-2811633939-3139901391-1001\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mises à jour NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Pilote 3D Vision 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 399.24 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA Pilote graphique 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 399.24 - NVIDIA Corporation)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.133.0.24 - Overwolf Ltd.)
Panneau de configuration NVIDIA 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 399.24 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8683.1 - Realtek Semiconductor Corp.)
ROG Gaming Center (HKLM\...\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}) (Version: 2.5.9 - ASUSTeK COMPUTER INC.)
SWF Opener (HKLM-x32\...\{01386D1F-ADE7-43B4-A4E9-312FC5BC726F}_is1) (Version: 1.3 - UnH Solutions)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
TeamSpeak Overlay (HKU\S-1-5-21-3376281178-2811633939-3139901391-1001\...\Overwolf_jnabojaampcpfclojlbildognlnebnhfhibiielh) (Version: 1.0.0.2 - Overwolf app)
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: 1.25.136.1020 - Electronic Arts)
Twitch (HKU\S-1-5-21-3376281178-2811633939-3139901391-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.10.0 - ASUSTeK COMPUTER INC.)
WinRAR 5.71 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)
XSplit Gamecaster (HKLM-x32\...\{9A128943-F2EC-4E84-8088-65A9975537BD}) (Version: 3.3.1805.0401 - SplitmediaLabs)
ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.001.1320 - Check Point Software) Hidden
ZoneAlarm Antivirus (HKLM-x32\...\{F3790C3A-1015-410D-8BE1-EA48C2637BFF}) (Version: 15.6.121.18102 - Check Point Software Technologies Ltd.) Hidden

Packages:
=========
ASUS Battery Health Charging -> C:\Program Files\WindowsApps\B9ECED6F.ASUSBatteryHealthCharging_1.0.7.0_x86__qmba6cd70vzyy [2019-06-21] (ASUSTeK COMPUTER INC.)
ASUS GIFTBOX -> C:\Program Files\WindowsApps\B9ECED6F.ASUSGIFTBOX_3.1.7.0_x64__qmba6cd70vzyy [2019-06-21] (ASUSTeK COMPUTER INC.)
ASUS Keyboard Hotkeys -> C:\Program Files\WindowsApps\B9ECED6F.ASUSKeyboardHotkeys_1.0.10.0_x86__qmba6cd70vzyy [2019-06-21] (ASUSTeK COMPUTER INC.)
ASUS Product Registration Program -> C:\Program Files\WindowsApps\B9ECED6F.ASUSProductRegistrationProgram_3.0.3.0_x86__qmba6cd70vzyy [2019-06-21] (ASUSTeK COMPUTER INC.)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.19.5.0_x86__kgqvnymyfvs32 [2019-08-20] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1590.2.0_x86__kgqvnymyfvs32 [2019-09-04] (king.com)
Carp-Talk -> C:\Program Files\WindowsApps\MagazineCloner.com.Carp-Talk_1.1.1.3_neutral__0kt0ng7kbpwm6 [2019-06-21] (MagazineCloner.com)
Courrier et calendrier -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad]
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.2064.0_x64__rz1tebttyb220 [2019-09-06] (Dolby Laboratories)
eManual -> C:\Program Files\WindowsApps\B9ECED6F.eManual_2.0.3.0_x86__qmba6cd70vzyy [2019-06-21] (ASUSTeK COMPUTER INC.)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-06-21] (Fitbit)
Islands in the Sun -> C:\Program Files\WindowsApps\Microsoft.IslandsintheSun_1.0.0.0_neutral__8wekyb3d8bbwe [2019-06-21] (Microsoft Corporation)
Lightning Strikes -> C:\Program Files\WindowsApps\Microsoft.LightningStrikes_1.0.0.0_neutral__8wekyb3d8bbwe [2019-06-21] (Microsoft Corporation)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-06-21] (LinkedIn)
Mexican Vacation -> C:\Program Files\WindowsApps\Microsoft.MexicanVacation_1.0.0.0_neutral__8wekyb3d8bbwe [2019-06-21] (Microsoft Corporation)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.11929.20254.0_x86__8wekyb3d8bbwe [2019-08-29] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-21] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.11929.20254.0_x86__8wekyb3d8bbwe [2019-08-29] (Microsoft Corporation)
Microsoft News: les actualités à ne pas manquer -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-08] (Microsoft Corporation) [MS Ad]
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.11929.20254.0_x86__8wekyb3d8bbwe [2019-08-29] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11929.20254.0_x86__8wekyb3d8bbwe [2019-08-29] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.11929.20254.0_x86__8wekyb3d8bbwe [2019-08-29] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.11929.20254.0_x86__8wekyb3d8bbwe [2019-08-29] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-08-29] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.11929.20254.0_x86__8wekyb3d8bbwe [2019-08-29] (Microsoft Corporation)
MSN Météo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-21] (Microsoft Corporation) [MS Ad]
MyASUS-Service Center -> C:\Program Files\WindowsApps\B9ECED6F.MyASUS_3.3.11.0_x86__qmba6cd70vzyy [2019-06-21] (ASUSTeK COMPUTER INC.)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.9.0_x64__nfy108tqq3p12 [2019-06-21] (Thumbmunkeys Ltd) [MS Ad]
Rambling Pathways -> C:\Program Files\WindowsApps\Microsoft.RamblingPathways_1.0.0.0_neutral__8wekyb3d8bbwe [2019-06-21] (Microsoft Corporation)
Swimming Holes -> C:\Program Files\WindowsApps\Microsoft.SwimmingHoles_1.0.0.0_neutral__8wekyb3d8bbwe [2019-06-21] (Microsoft Corporation)
UnRar Windows -> C:\Program Files\WindowsApps\1253QUANTUMVM.UNRARMETRO_12.9.0.0_x64__ckbnxvahp5f44 [2019-09-04] (QuantumVM)

==================== Custom CLSID (Whitelisted): ==========================

(If an item is included in the fixlist.txt file, it will be removed from the Registry. The file will not be moved unless it is listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-04] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-04] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [ZLAVShExt] -> {D9872D13-7651-4471-9EEE-F0A00218BEBB} => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlavscan.dll -> Pas de fichier
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-06-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-04] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-06-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-04] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [ZLAVShExt] -> {D9872D13-7651-4471-9EEE-F0A00218BEBB} => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlavscan.dll -> Pas de fichier

==================== Shortcuts & WMI ========================

(The items can be listed in the fixlist.txt file to be removed or restored.)


==================== Loaded Modules (Whitelisted) ==============

2018-10-26 18:34 - 2018-10-26 18:34 - 000053248 _____ () [Fichier non signé] C:\Program Files (x86)\LightingService\cpuutil.dll
2018-10-26 18:34 - 2018-10-26 18:34 - 000018432 _____ () [Fichier non signé] C:\Program Files (x86)\LightingService\Log4cxxWrapper.dll
2018-10-26 18:34 - 2018-10-26 18:34 - 002831360 _____ (Apache Software Foundation) [Fichier non signé] C:\Program Files (x86)\LightingService\log4cxx.dll
2019-08-19 21:15 - 2019-08-19 21:15 - 001124352 _____ (Robert Simpson, et al.) [Fichier non signé] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\SQLite\System.Data.SQLite.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an item is included in the fixlist.txt file, only the alternate data stream (ADS) will be removed.)

AlternateDataStreams: C:\Users\33688\Downloads:Shareaza.GUID [16]

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist.txt file, it will be removed from the Registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) ===============

(If an item is included in the fixlist.txt file, the Registry item will be restored to its default value or removed.)


==================== Internet Explorer trusted/restricted sites ===============

(If an item is included in the fixlist.txt file, it will be removed from the Registry.)


==================== Hosts content: ===============================

(If needed, the Hosts: command can be included in the fixlist.txt file to reset the hosts file.)

2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3376281178-2811633939-3139901391-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\33688\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
The firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an item is included in the fixlist.txt file, it will be removed.

HKLM\...\StartupApproved\Run: => "Sonic Studio 3"
HKLM\...\StartupApproved\Run32: => "ZaAntiRansomware"
HKU\S-1-5-21-3376281178-2811633939-3139901391-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3376281178-2811633939-3139901391-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-3376281178-2811633939-3139901391-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3376281178-2811633939-3139901391-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== Firewall Rules (Whitelisted) ===============

(If an item is included in the fixlist.txt file, it will be removed from the Registry. The file will not be moved unless it is listed separately.)

FirewallRules: [{9E8CA01E-5837-4B5F-B206-3D8989DC5D51}] => (Allow) C:\Program Files (x86)\ASUS\GameFirst\DUTUtil.exe (Apex Titan Technology Corp. -> ASUSTeK Computer Inc.)
FirewallRules: [{A2C0FD09-B0D2-44B0-AEBF-B92417DAFD0D}] => (Allow) C:\Program Files (x86)\ASUS\GameFirst\DUTUtil.exe (Apex Titan Technology Corp. -> ASUSTeK Computer Inc.)
FirewallRules: [{AD6D0681-E2A8-4618-B0A5-1659AB0DF33B}] => (Allow) C:\Program Files (x86)\ASUS\GameFirst\GameFirst_V.exe (Apex Titan Technology Corp. -> ASUS)
FirewallRules: [{FAE10DFF-20A7-4AAF-AB70-0808702D3E17}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{756E401D-0B7D-40AF-AE37-DE8B40C28ED7}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{5A99679E-279B-4FC4-9A3E-66A1D709CF48}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{F40548A0-AA6E-462F-976B-9FFBD685F5B9}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{9605FCDC-18F6-43D6-8E40-10BD220F2665}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe Pas de fichier
FirewallRules: [{8DB52A69-E247-4201-AAC1-20BAF58C3EDF}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe Pas de fichier
FirewallRules: [TCP Query User{0525A79D-E208-4EB5-963F-09840340588F}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{C9AFD5DE-B98E-45F8-87B6-C65FE9451275}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{FD1C61DC-C523-4884-9A49-BD0875DC6A8D}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{9B3A060B-A693-41C4-BD02-215C1795AA0D}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{09B1C1DF-7065-4D06-892B-85DF1A9FDC8F}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{B31D635A-D9DC-48D6-AF71-5628CCC4A301}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{71FA816B-80BD-4E03-9BF4-D272B9183AAA}C:\program files (x86)\limewire\limewire.exe] => (Allow) C:\program files (x86)\limewire\limewire.exe Pas de fichier
FirewallRules: [UDP Query User{A2448827-4CBE-4144-91B0-2E6D2E8DF977}C:\program files (x86)\limewire\limewire.exe] => (Allow) C:\program files (x86)\limewire\limewire.exe Pas de fichier
FirewallRules: [TCP Query User{EB1A100B-5115-4D47-9266-919EE83D2D8F}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe Pas de fichier
FirewallRules: [UDP Query User{84E83AA9-F267-407B-B468-3EEFA59FE489}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe Pas de fichier
FirewallRules: [TCP Query User{C4F547EF-3B4F-4CD6-8FBC-326BFE8C4F16}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{42128EFF-561E-487A-A70E-2C7007A12874}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{D1D86BEF-7951-455B-9FF3-3ABE158B1DE0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11929.20254.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CB79C469-7F52-4116-9F68-3B6B3C67E0C0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{30A15F9D-C151-4395-A267-DD0F384455D1}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe Pas de fichier
FirewallRules: [{A4353B79-E365-40E5-A5BD-F68FBD1CEC66}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe Pas de fichier
FirewallRules: [{DFA855E2-61E2-49BF-9581-EF7928EFDCDA}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe Pas de fichier
FirewallRules: [{1C641083-AA2F-4144-A22B-E9FC4AB98A94}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe Pas de fichier
FirewallRules: [{5C88B888-22FC-44FB-9004-D35856E93D59}] => (Allow) C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGCAndroidService.exe (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{1864CF61-B036-4FC9-97A6-91E5DE66A7D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{48149612-A968-49B7-8811-8066270EE913}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1FA70712-4071-43D0-9E9E-31B73C27D34E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{00266A5A-1548-4DEC-AD3D-0B7EF061579C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{64D21871-5701-4F31-9D68-1B31D59BEC2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E9ECCF7F-A265-41F3-A290-FC52DECA982A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

==================== Restore Points =========================

28-08-2019 18:26:01 Point de contrôle planifié
04-09-2019 19:56:13 Point de contrôle planifié
08-09-2019 13:41:55 Windows Update

==================== Device Manager items in error =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/10/2019 07:01:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante TESvc.exe, version : 8.60.5.8003, horodatage : 0x5d627484
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d’exception : 0x80131623
Décalage d’erreur : 0x08129607
ID du processus défaillant : 0x3368
Heure de début de l’application défaillante : 0x01d567f956dbdafa
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
Chemin d’accès du module défaillant: unknown
ID de rapport : c826d1eb-578b-4a31-ad61-0a2f13a8cb3d
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (09/10/2019 07:01:10 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application : TESvc.exe
Version du Framework : v4.0.30319
Description : l'application a demandé l'arrêt du processus via System.Environment.FailFast(message de la chaîne).
Message : Time: 2019-09-10 19:01:10Z
HResult: -2146233088
Is Terminating: True
Exception: System.Exception: Can't connect to cpepmon: -2147024894
at CheckPoint.ThreatEmulation.Service.Engine.CpepmonBridge.KickStart()
at CheckPoint.ThreatEmulation.Service.Engine.Dispatcher.Configure(OperatingModeEnum cpepmonMode, UInt32 maxFileSize, List`1 signatures, List`1 processExclusions, List`1 eligibleExts)
at CheckPoint.ThreatEmulation.Service.Engine.Engine.ConfigureDynamicSettings()
at CheckPoint.ThreatEmulation.Service.Engine.Engine.InitializeAndStart()
at CheckPoint.ThreatEmulation.Service.EntryPoint.ServiceKickStarter()
at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Threading.ThreadHelper.ThreadStart()

Pile :
à System.Environment.FailFast(System.String, System.Exception)
à EPNetUtils.Helper.FailureHandling.UnhandledExceptionHelper.WriteCrashEventLogAndExit(System.String, System.Exception)
à CheckPoint.ThreatEmulation.Service.Engine.Engine.UnhandledExceptionCallback(System.Object, System.UnhandledExceptionEventArgs)
à CheckPoint.ThreatEmulation.Service.Engine.CpepmonBridge.KickStart()
à CheckPoint.ThreatEmulation.Service.Engine.Dispatcher.Configure(CheckPoint.ThreatEmulation.Infrastructure.Configuration.OperatingModeEnum, UInt32, System.Collections.Generic.List`1<CheckPoint.ThreatEmulation.Infrastructure.FileType.Signature>, System.Collections.Generic.List`1<CheckPoint.ThreatEmulation.Infrastructure.File.ExclusionEntry>, System.Collections.Generic.List`1<System.String>)
à CheckPoint.ThreatEmulation.Service.Engine.Engine.ConfigureDynamicSettings()
à CheckPoint.ThreatEmulation.Service.Engine.Engine.InitializeAndStart()
à CheckPoint.ThreatEmulation.Service.EntryPoint.ServiceKickStarter()
à System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
à System.Threading.ThreadHelper.ThreadStart()

Error: (09/10/2019 07:01:10 PM) (Source: TESvc) (EventID: 1000) (User: )
Description: TESvc crashed with the following message: 'Time: 2019-09-10 19:01:10Z
HResult: -2146233088
Is Terminating: True
Exception: System.Exception: Can't connect to cpepmon: -2147024894
at CheckPoint.ThreatEmulation.Service.Engine.CpepmonBridge.KickStart()
at CheckPoint.ThreatEmulation.Service.Engine.Dispatcher.Configure(OperatingModeEnum cpepmonMode, UInt32 maxFileSize, List`1 signatures, List`1 processExclusions, List`1 eligibleExts)
at CheckPoint.ThreatEmulation.Service.Engine.Engine.ConfigureDynamicSettings()
at CheckPoint.ThreatEmulation.Service.Engine.Engine.InitializeAndStart()
at CheckPoint.ThreatEmulation.Service.EntryPoint.ServiceKickStarter()
at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Threading.ThreadHelper.ThreadStart()
'

Error: (09/10/2019 07:01:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante TESvc.exe, version : 8.60.5.8003, horodatage : 0x5d627484
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d’exception : 0x80131623
Décalage d’erreur : 0x073796cf
ID du processus défaillant : 0x1984
Heure de début de l’application défaillante : 0x01d567f953c5bb72
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
Chemin d’accès du module défaillant: unknown
ID de rapport : ccf40f8d-c6d3-46e7-992a-6483d7e56441
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (09/10/2019 07:01:05 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application : TESvc.exe
Version du Framework : v4.0.30319
Description : l'application a demandé l'arrêt du processus via System.Environment.FailFast(message de la chaîne).
Message : Time: 2019-09-10 19:01:04Z
HResult: -2146233088
Is Terminating: True
Exception: System.Exception: Can't connect to cpepmon: -2147024894
at CheckPoint.ThreatEmulation.Service.Engine.CpepmonBridge.KickStart()
at CheckPoint.ThreatEmulation.Service.Engine.Dispatcher.Configure(OperatingModeEnum cpepmonMode, UInt32 maxFileSize, List`1 signatures, List`1 processExclusions, List`1 eligibleExts)
at CheckPoint.ThreatEmulation.Service.Engine.Engine.ConfigureDynamicSettings()
at CheckPoint.ThreatEmulation.Service.Engine.Engine.InitializeAndStart()
at CheckPoint.ThreatEmulation.Service.EntryPoint.ServiceKickStarter()
at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Threading.ThreadHelper.ThreadStart()

Pile :
à System.Environment.FailFast(System.String, System.Exception)
à EPNetUtils.Helper.FailureHandling.UnhandledExceptionHelper.WriteCrashEventLogAndExit(System.String, System.Exception)
à CheckPoint.ThreatEmulation.Service.Engine.Engine.UnhandledExceptionCallback(System.Object, System.UnhandledExceptionEventArgs)
à CheckPoint.ThreatEmulation.Service.Engine.CpepmonBridge.KickStart()
à CheckPoint.ThreatEmulation.Service.Engine.Dispatcher.Configure(CheckPoint.ThreatEmulation.Infrastructure.Configuration.OperatingModeEnum, UInt32, System.Collections.Generic.List`1<CheckPoint.ThreatEmulation.Infrastructure.FileType.Signature>, System.Collections.Generic.List`1<CheckPoint.ThreatEmulation.Infrastructure.File.ExclusionEntry>, System.Collections.Generic.List`1<System.String>)
à CheckPoint.ThreatEmulation.Service.Engine.Engine.ConfigureDynamicSettings()
à CheckPoint.ThreatEmulation.Service.Engine.Engine.InitializeAndStart()
à CheckPoint.ThreatEmulation.Service.EntryPoint.ServiceKickStarter()
à System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
à System.Threading.ThreadHelper.ThreadStart()

Error: (09/10/2019 07:01:04 PM) (Source: TESvc) (EventID: 1000) (User: )
Description: TESvc crashed with the following message: 'Time: 2019-09-10 19:01:04Z
HResult: -2146233088
Is Terminating: True
Exception: System.Exception: Can't connect to cpepmon: -2147024894
at CheckPoint.ThreatEmulation.Service.Engine.CpepmonBridge.KickStart()
at CheckPoint.ThreatEmulation.Service.Engine.Dispatcher.Configure(OperatingModeEnum cpepmonMode, UInt32 maxFileSize, List`1 signatures, List`1 processExclusions, List`1 eligibleExts)
at CheckPoint.ThreatEmulation.Service.Engine.Engine.ConfigureDynamicSettings()
at CheckPoint.ThreatEmulation.Service.Engine.Engine.InitializeAndStart()
at CheckPoint.ThreatEmulation.Service.EntryPoint.ServiceKickStarter()
at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Threading.ThreadHelper.ThreadStart()
'

Error: (09/10/2019 07:01:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante TESvc.exe, version : 8.60.5.8003, horodatage : 0x5d627484
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d’exception : 0x80131623
Décalage d’erreur : 0x075596cf
ID du processus défaillant : 0x3a9c
Heure de début de l’application défaillante : 0x01d567f950baa981
Chemin d’accès de l’application défaillante : C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
Chemin d’accès du module défaillant: unknown
ID de rapport : 04ec6d61-889a-4954-bee4-e70d6c9399b5
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (09/10/2019 07:01:00 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application : TESvc.exe
Version du Framework : v4.0.30319
Description : l'application a demandé l'arrêt du processus via System.Environment.FailFast(message de la chaîne).
Message : Time: 2019-09-10 19:00:59Z
HResult: -2146233088
Is Terminating: True
Exception: System.Exception: Can't connect to cpepmon: -2147024894
at CheckPoint.ThreatEmulation.Service.Engine.CpepmonBridge.KickStart()
at CheckPoint.ThreatEmulation.Service.Engine.Dispatcher.Configure(OperatingModeEnum cpepmonMode, UInt32 maxFileSize, List`1 signatures, List`1 processExclusions, List`1 eligibleExts)
at CheckPoint.ThreatEmulation.Service.Engine.Engine.ConfigureDynamicSettings()
at CheckPoint.ThreatEmulation.Service.Engine.Engine.InitializeAndStart()
at CheckPoint.ThreatEmulation.Service.EntryPoint.ServiceKickStarter()
at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Threading.ThreadHelper.ThreadStart()

Pile :
à System.Environment.FailFast(System.String, System.Exception)
à EPNetUtils.Helper.FailureHandling.UnhandledExceptionHelper.WriteCrashEventLogAndExit(System.String, System.Exception)
à CheckPoint.ThreatEmulation.Service.Engine.Engine.UnhandledExceptionCallback(System.Object, System.UnhandledExceptionEventArgs)
à CheckPoint.ThreatEmulation.Service.Engine.CpepmonBridge.KickStart()
à CheckPoint.ThreatEmulation.Service.Engine.Dispatcher.Configure(CheckPoint.ThreatEmulation.Infrastructure.Configuration.OperatingModeEnum, UInt32, System.Collections.Generic.List`1<CheckPoint.ThreatEmulation.Infrastructure.FileType.Signature>, System.Collections.Generic.List`1<CheckPoint.ThreatEmulation.Infrastructure.File.ExclusionEntry>, System.Collections.Generic.List`1<System.String>)
à CheckPoint.ThreatEmulation.Service.Engine.Engine.ConfigureDynamicSettings()
à CheckPoint.ThreatEmulation.Service.Engine.Engine.InitializeAndStart()
à CheckPoint.ThreatEmulation.Service.EntryPoint.ServiceKickStarter()
à System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
à System.Threading.ThreadHelper.ThreadStart()


Erreurs système:
=============
Error: (09/10/2019 07:01:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Check Point SandBlast Agent Threat Emulation s’est terminé de manière inattendue. Ceci s’est produit 373 fois. L’action corrective suivante va être effectuée dans 500 millisecondes : Redémarrer le service.

Error: (09/10/2019 07:01:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Check Point SandBlast Agent Threat Emulation s’est terminé de manière inattendue. Ceci s’est produit 372 fois. L’action corrective suivante va être effectuée dans 500 millisecondes : Redémarrer le service.

Error: (09/10/2019 07:00:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Check Point SandBlast Agent Threat Emulation s’est terminé de manière inattendue. Ceci s’est produit 371 fois. L’action corrective suivante va être effectuée dans 500 millisecondes : Redémarrer le service.

Error: (09/10/2019 07:00:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Check Point SandBlast Agent Threat Emulation s’est terminé de manière inattendue. Ceci s’est produit 370 fois. L’action corrective suivante va être effectuée dans 500 millisecondes : Redémarrer le service.

Error: (09/10/2019 07:00:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Check Point SandBlast Agent Threat Emulation s’est terminé de manière inattendue. Ceci s’est produit 369 fois. L’action corrective suivante va être effectuée dans 500 millisecondes : Redémarrer le service.

Error: (09/10/2019 07:00:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Check Point SandBlast Agent Threat Emulation s’est terminé de manière inattendue. Ceci s’est produit 368 fois. L’action corrective suivante va être effectuée dans 500 millisecondes : Redémarrer le service.

Error: (09/10/2019 07:00:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Check Point SandBlast Agent Threat Emulation s’est terminé de manière inattendue. Ceci s’est produit 367 fois. L’action corrective suivante va être effectuée dans 500 millisecondes : Redémarrer le service.

Error: (09/10/2019 07:00:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Check Point SandBlast Agent Threat Emulation s’est terminé de manière inattendue. Ceci s’est produit 366 fois. L’action corrective suivante va être effectuée dans 500 millisecondes : Redémarrer le service.


CodeIntegrity:
===================================

Date: 2019-08-31 21:06:07.465
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.

Date: 2019-08-31 21:06:03.821
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.

Date: 2019-08-31 21:06:02.551
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.

Date: 2019-08-31 16:20:17.089
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.

Date: 2019-08-31 16:20:16.732
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume5\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Microsoft signing level requirements.

Date: 2019-08-31 16:20:09.257
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume5\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.

Date: 2019-08-31 03:02:56.088
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.

Date: 2019-08-31 03:02:51.780
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.

==================== Infos Mémoire ===========================

BIOS: American Megatrends Inc. GL703GM.310 07/11/2019
Motherboard: ASUSTeK COMPUTER INC. GL703GM
Processeur: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Pourcentage de mémoire utilisée: 47%
Mémoire physique - RAM - totale: 8115.43 MB
Mémoire physique - RAM - disponible: 4233.36 MB
Mémoire virtuelle totale: 13491.43 MB
Mémoire virtuelle disponible: 7399.13 MB

==================== Lecteurs ================================

Drive c: (OS) (Fixed) (Total:237.42 GB) (Free:85.43 GB) NTFS
Drive d: (Réservé au système) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
Drive e: () (Fixed) (Total:465.66 GB) (Free:225.61 GB) NTFS

\\?\Volume{e2926b75-136b-4315-ab8a-2b606dd272d5}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.39 GB) NTFS
\\?\Volume{d0dcdb58-691c-465c-b959-9c7e05b580b9}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.23 GB) FAT32

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 2DF6FFD9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 687FA188)

Partition: GPT.

==================== Fin de Addition.txt ============================