Rootkit ou quelque chose? Victime de fraude en ligne – Resoudre les problemes d’un serveur MineCraft
[bzkshopping keyword= »Minecraft » count= »8″ template= »grid »]
J'ai été victime de fraude en ligne en 2019 et il semble que je n'ai pas été en mesure de résoudre complètement le problème. J'ai eu une autre charge cette semaine et je me demande si cela pourrait être dû à un rootkit ou à quelque chose du genre.
Résultat d'analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 22-01-2021
Ran par gameo (22-01-2021 21:53:28)
Exécution depuis C: Users gameo Downloads
Windows 10 Pro Version 1909 18363.1316 (X64) (2020-02-23 00:29:10)
Mode de démarrage: normal
=================================================== ========
==================== Comptes: ============================= =
Administrateur (S-1-5-21-3102237188-2254830924-1487727994-500 – Administrateur – Désactivé)
DefaultAccount (S-1-5-21-3102237188-2254830924-1487727994-503 – Limité – Désactivé)
gameo (S-1-5-21-3102237188-2254830924-1487727994-1001 – Administrateur – Activé) => C: Users gameo
Invité (S-1-5-21-3102237188-2254830924-1487727994-501 – Limité – Désactivé)
WDAGUtilityAccount (S-1-5-21-3102237188-2254830924-1487727994-504 – Limité – Désactivé)
==================== Security Center ========================
(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée.)
AV: Windows Defender (désactivé – à jour) D68DDC3A-831F-4fae-9E44-DA132C1ACF46
AV: Bitdefender Antivirus (Activé – À jour) 0E17DB7D-A20F-62CE-B95B-17DB0CDFE318
AS: Windows Defender (désactivé – à jour) D68DDC3A-831F-4fae-9E44-DA132C1ACF46
AS: Bitdefender Antispyware (activé – à jour) B5763A99-8435-6D40-83EB-2CA97758A9A5
FW: pare-feu Bitdefender (activé) 362C5A58-E860-6396-9204-BEEEF20CA463
==================== Programmes installés ======================
(Seuls les programmes publicitaires avec l'indicateur "Caché" peuvent être ajoutés à la liste de correctifs pour les afficher. Les programmes publicitaires doivent être désinstallés manuellement.)
7-Zip 19.00 (x64) (HKLM … 7-Zip) (Version: 19.00 – Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32 … AC76BA86-7AD7-1033-7B44-AC0F074E4100) (Version: 20.013.20074 – Adobe Systems Incorporated)
Amazon Photos (HKU S-1-5-21-3102237188-2254830924-1487727994-1001 … Amazon Photos) (Version: 7.6.3 – Amazon.com, Inc.)
Battle.net (HKLM-x32 … Battle.net) (Version: – Blizzard Entertainment)
Agent Bitdefender (HKLM … Agent Bitdefender) (Version: 23.0.8.134 – Bitdefender)
Bitdefender Total Security (HKLM … Bitdefender) (Version: 23.0.19.85 – Bitdefender)
Série Brother MFL-Pro Suite DCP-L2540DW (HKLM-x32 … F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD) (Version: 1.0.2.0 – Brother Industries, Ltd.)
calibre (HKLM-x32 … 09CF108A-927D-492C-9D42-54D5F7678096) (Version: 4.22.0 – Kovid Goyal)
Call of Duty Black Ops Cold War (HKLM-x32 … Call of Duty Black Ops Cold War) (Version: – Blizzard Entertainment)
CCleaner (HKLM … CCleaner) (Version: 5.76 – Piriform)
Logiciel CORSAIR iCUE (HKLM-x32 … 10730A22-FBFF-43C4-92EA-1583832711B4) (Version: 3.37.140 – Corsair)
CPUID HWMonitor 1.41 (HKLM … CPUID HWMonitor_is1) (Version: 1.41 – CPUID, Inc.)
CrewLink 1.1.6 (HKU S-1-5-21-3102237188-2254830924-1487727994-1001 … f844a100-2ca0-51d4-8013-d11548b01669) (Version: 1.1.6 – Ottomated)
Cyberpunk 2077 (HKLM-x32 … 1423049311_is1) (Version: 1.06 – GOG.com)
Déluge 1.3.15 (HKLM-x32 … Deluge) (Version: -)
Discord (HKU S-1-5-21-3102237188-2254830924-1487727994-1001 … Discord) (Version: 0.0.309 – Discord Inc.)
Dropbox (HKLM-x32 … Dropbox) (Version: 113.4.507 – Dropbox, Inc.)
Aide de mise à jour Dropbox (HKLM-x32 … 099218A5-A723-43DC-8DB5-6173656A1E94) (Version: 1.3.415.1 – Dropbox, Inc.) Masqué
Lanceur de jeux épiques (HKLM-x32 … 1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6) (Version: 1.1.267.0 – Epic Games, Inc.)
Prérequis du lanceur Epic Games (x64) (HKLM … 66C5838F-B854-4A55-89E6-A6138747A4DF) (Version: 1.0.0.0 – Epic Games, Inc.) Caché
ExpressVPN (HKLM-x32 … 57e033a5-c75e-4823-83af-c1b6b3b759ab) (Version: 10.0.9.2 – ExpressVPN)
ExpressVPN (HKLM-x32 … E5B9C3E5-889C-4F22-A959-F4B876CD0833) (Version: 10.0.9.2 – ExpressVPN) Masqué
GOG GALAXY (HKLM-x32 … 7258BA11-600C-430E-A759-27E2C691A335 _is1) (Version: – GOG.com)
Google Chrome (HKLM-x32 … Google Chrome) (Version: 87.0.4280.141 – Google LLC)
Google Update Helper (HKLM-x32 … 60EC980A-BDA2-4CB6-A427-B07A5498B4CA) (Version: 1.3.36.51 – Google LLC) Masqué
Port (HKLM-x32 … efc2cb0a-fa35-5c41-8096-d150b1cb8e83) (Version: 1.0.6 – Phoques inclinés)
Outil de réparation Hextech (HKLM-x32 … 7F9A97E6-E666-11E5-B582-B88687E82322) (Version: 1.1.175 – Riot Games, Inc.)
Processeur graphique Intel® (HKLM-x32 … F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA) (Version: 25.20.100.6373 – Intel Corporation)
Jackett (HKLM-x32 … C2A9FC00-AA48-4F17-9A72-62FBCEE2785B _is1) (Version: 0.12.1384.0 – Jackett)
Prérequis du lanceur (x64) (HKLM-x32 … c6c5a357-c7ca-4a5f-9789-3bb1af579253) (Version: 1.0.0.0 – Epic Games, Inc.) Masqué
League of Legends (HKLM-x32 … League of Legends 1.0) (Version: 1.0 – Riot Games, Inc)
Legends of Runeterra (HKU S-1-5-21-3102237188-2254830924-1487727994-1001 … Riot Game bacon.live) (Version: – Riot Games, Inc)
Logitech Capture (HKLM … Capture) (Version: 2.04.13 – Logitech)
Logitech G HUB (HKLM … 521c89be-637f-4274-a840-baaf7460c2b2) (Version: – Logitech)
Lua pour Windows 5.1.5-52 (HKLM-x32 … Lua_is1) (Version: 5.1.5.52 – Le projet Lua pour Windows et Lua et Tecgraf, PUC-Rio)
Malwarebytes version 4.3.0.98 (HKLM … 35065F43-4BB2-439A-BFF7-0F1014F2E0CD _is1) (Version: 4.3.0.98 – Malwarebytes)
Microsoft Edge (HKLM-x32 … Microsoft Edge) (Version: 87.0.664.75 – Microsoft Corporation)
Mise à jour Microsoft Edge (HKLM-x32 … Microsoft Edge Update) (Version: 1.3.139.71 -)
Microsoft Office Professionnel Plus 2019 – fr-fr (HKLM … ProPlus2019Retail – fr-fr) (Version: 16.0.13530.20376 – Microsoft Corporation)
Microsoft Update Health Tools (HKLM … 0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737) (Version: 2.70.0.0 – Microsoft Corporation)
Redistribuable Microsoft Visual C ++ 2005 (HKLM-x32 … 7299052b-02a4-4627-81f2-1818da5d550d) (Version: 8.0.56336 – Microsoft Corporation)
Redistribuable Microsoft Visual C ++ 2008 – x64 9.0.30729.6161 (HKLM … 5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4) (Version: 9.0.30729.6161 – Microsoft Corporation)
Microsoft Visual C ++ 2010 x64 Redistributable – 10.0.40219 (HKLM … 1D8E6291-B0D5-35EC-8441-6616F567A0F7) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C ++ 2010 x86 Redistributable – 10.0.40219 (HKLM-x32 … F0C3E5D1-1ADE-321E-8167-68EF0DE699A5) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C ++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32 … ca67548a-5ebe-413a-b50c-4b9ceb6d66c6) (Version: 11.0.61030.0 – Microsoft Corporation)
Microsoft Visual C ++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32 … 050d4fc8-5d48-4b8f-8972-47c82c46020f) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C ++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32 … f65db027-aff3-4070-886a-0d87064aabb1) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C ++ 2015-2019 Redistributable (x64) – 14.27.29016 (HKLM-x32 … 40d3fee2-b257-46c2-bdc0-cb1088d97327) (Version: 14.27.29016.0 – Microsoft Corporation)
Microsoft Visual C ++ 2015-2019 Redistributable (x86) – 14.24.28127 (HKLM-x32 … e31cb1a4-76b5-46a5-a084-3fa419e82201) (Version: 14.24.28127.4 – Microsoft Corporation)
Lanceur Minecraft (HKLM-x32 … F6678473-0198-46D0-A88F-2A247E6FA03C) (Version: 1.0.0.0 – Mojang)
Mobalytics Desktop 1.43.141 (HKU S-1-5-21-3102237188-2254830924-1487727994-1001 … 4e3246c6-dac2-5647-bc85-745a4bcf689f) (Version: 1.43.141 – Mobalytics)
Mudlet (HKU S-1-5-21-3102237188-2254830924-1487727994-1001 … Mudlet) (Version: 3.21.0 – Mudlet Makers)
Plug-in NVAPI Monitor pour NvContainer (HKLM … B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 _NvContainer.NvapiMonitor) (Version: 1.27 – NVIDIA Corporation) Masqué
SDK NVIDIA FrameView 1.1.4923.29214634 (HKLM … B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 _FrameViewSdk) (Version: 1.1.4923.29214634 – NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM … B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 _Display.GFExperience) (Version: 3.20.5.70 – NVIDIA Corporation)
Pilote graphique NVIDIA 460.89 (HKLM … B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 _Display.Driver) (Version: 460.89 – NVIDIA Corporation)
Pilote audio NVIDIA HD 1.3.38.40 (HKLM … B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 _HDAudio.Driver) (Version: 1.3.38.40 – NVIDIA Corporation)
Logiciel système NVIDIA PhysX 9.19.0218 (HKLM … B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 _Display.PhysX) (Version: 9.19.0218 – NVIDIA Corporation)
NvModuleTracker (HKLM … B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 _NvModuleTracker.Driver) (Version: 6.14.24033.38719 – NVIDIA Corporation) Masqué
Composant d'extensibilité Office 16 Démarrer en un clic (HKLM-x32 … 90160000-008C-0000-0000-0000000FF1CE) (Version: 16.0.13530.20376 – Microsoft Corporation) Masqué
Enregistrement 64 bits du composant d'extensibilité Démarrer en un clic Office 16 (HKLM … 90160000-00DD-0000-1000-0000000FF1CE) (Version: 16.0.13530.20376 – Microsoft Corporation) Masqué
Office 16 Click-to-Run Licensing Component (HKLM … 90160000-008F-0000-1000-0000000FF1CE) (Version: 16.0.13530.20376 – Microsoft Corporation) Masqué
Office 16 Click-to-Run Localization Component (HKLM-x32 … 90160000-008C-0409-0000-0000000FF1CE) (Version: 16.0.13530.20376 – Microsoft Corporation) Masqué
Origine (HKLM-x32 … Origin) (Version: 10.5.84.43868 – Electronic Arts, Inc.)
Plex Media Server (HKLM-x32 … C2C0587B-10D5-4BC6-BCBD-DBC907DA1B48) (Version: 1.21.1830 – Plex, Inc.) Masqué
Plex Media Server (HKLM-x32 … e13c65c7-be85-44c2-941d-f87143d6aa6b) (Version: 1.21.1.3830 – Plex, Inc.)
Riot Vanguard (HKLM … Riot Vanguard) (Version: – Riot Games, Inc.)
ShareX (HKLM … 82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.4.0 – ShareX Team)
Spotify (HKU S-1-5-21-3102237188-2254830924-1487727994-1001 … Spotify) (Version: 1.1.48.625.g1c87c7f7 – Spotify AB)
Steam (HKLM-x32 … Steam) (Version: 2.10.91.91 – Valve Corporation)
Arrêt de Plex (HKLM-x32 … C521D5F1-6B81-48B0-A35D-B433E1CCED13) (Version: 1.21.1830 – Plex, Inc.) Masqué
Streamlabs OBS 0.12.3 (HKLM … 029c4619-0385-5543-9426-46f9987161d9) (Version: 0.12.3 – General Workings, Inc.)
Les Sims ™ 4 (HKLM-x32 … 48EBEBBF-B9F8-4520-A3CF-89A730721917) (Version: 1.62.67.1020 – Electronic Arts Inc.)
VALORANT (HKU S-1-5-21-3102237188-2254830924-1487727994-1001 … Riot Game valorant.live) (Version: – Riot Games, Inc)
Lecteur multimédia VLC (lecteur multimédia HKLM … VLC) (Version: 3.0.11 – VideoLAN)
Zoom (HKU S-1-5-21-3102237188-2254830924-1487727994-1001 … ZoomUMX) (Version: 5.3.1 (52879.0927) – Zoom Video Communications, Inc.)
Paquets:
=========
Dolby Access -> C: Program Files WindowsApps DolbyLaboratories.DolbyAccess_3.7.337.0_x64__rz1tebttyb220 [2020-12-22] (Laboratoires Dolby)
iTunes -> C: Program Files WindowsApps AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2020-11-18] (Apple Inc.) [Startup Task]
Kit de développement logiciel (SDK) Microsoft Advertising pour XAML -> C: Program Files WindowsApps Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-22] (Microsoft Corporation) [MS Ad]
Kit de développement logiciel (SDK) Microsoft Advertising pour XAML -> C: Program Files WindowsApps Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-22] (Microsoft Corporation) [MS Ad]
Netflix -> C: Program Files WindowsApps 4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-17] (Netflix, Inc.)
Module complémentaire Photos -> C: Program Files WindowsApps Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-09-18] (Microsoft Corporation)
Module complémentaire Photos Media Engine -> C: Program Files WindowsApps Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-18] (Microsoft Corporation)
uBlock Origin -> C: Program Files WindowsApps 37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2019-03-22] (Nik Rolls)
==================== CLSID personnalisé (sur liste blanche): ===============
(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)
CustomCLSID: HKU S-1-5-21-3102237188-2254830924-1487727994-1001_Classes CLSID E31EA727-12ED-4702-820C-4B6445F28E1A -> [Dropbox] => C: Utilisateurs gameo Dropbox [2019-03-23 12:56]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> FB314ED9-A251-47B7-93E1-CDD82E34AF8B => C: Program Files (x86) Dropbox Client DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> FB314EDF-A251-47B7-93E1-CDD82E34AF8B => C: Program Files (x86) Dropbox Client DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> FB314EE1-A251-47B7-93E1-CDD82E34AF8B => C: Program Files (x86) Dropbox Client DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> FB314EDB-A251-47B7-93E1-CDD82E34AF8B => C: Program Files (x86) Dropbox Client DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> FB314EDA-A251-47B7-93E1-CDD82E34AF8B => C: Program Files (x86) Dropbox Client DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> FB314EDC-A251-47B7-93E1-CDD82E34AF8B => C: Program Files (x86) Dropbox Client DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> FB314EDD-A251-47B7-93E1-CDD82E34AF8B => C: Program Files (x86) Dropbox Client DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> FB314EE0-A251-47B7-93E1-CDD82E34AF8B => C: Program Files (x86) Dropbox Client DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> FB314EE2-A251-47B7-93E1-CDD82E34AF8B => C: Program Files (x86) Dropbox Client DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> FB314EDE-A251-47B7-93E1-CDD82E34AF8B => C: Program Files (x86) Dropbox Client DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> FB314ED9-A251-47B7-93E1-CDD82E34AF8B => C: Program Files (x86) Dropbox Client DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> FB314EDF-A251-47B7-93E1-CDD82E34AF8B => C: Program Files (x86) Dropbox Client DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> FB314EE1-A251-47B7-93E1-CDD82E34AF8B => C: Program Files (x86) Dropbox Client DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> FB314EDB-A251-47B7-93E1-CDD82E34AF8B => C: Program Files (x86) Dropbox Client DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> FB314EDA-A251-47B7-93E1-CDD82E34AF8B => C: Program Files (x86) Dropbox Client DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> FB314EDC-A251-47B7-93E1-CDD82E34AF8B => C: Program Files (x86) Dropbox Client DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> FB314EDD-A251-47B7-93E1-CDD82E34AF8B => C: Program Files (x86) Dropbox Client DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> FB314EE0-A251-47B7-93E1-CDD82E34AF8B => C: Program Files (x86) Dropbox Client DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> FB314EE2-A251-47B7-93E1-CDD82E34AF8B => C: Program Files (x86) Dropbox Client DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> FB314EDE-A251-47B7-93E1-CDD82E34AF8B => C: Program Files (x86) Dropbox Client DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C: Program Files 7-Zip 7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DropboxExt] -> ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C => C: Program Files (x86) Dropbox Client DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C: Program Files Malwarebytes Anti-Malware mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C: Program Files 7-Zip 7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C => C: Program Files (x86) Dropbox Client DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C => C: Program Files (x86) Dropbox Client DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> 9B5F5829-A529-4B12-814A-E81BCB8D93FC => -> Aucun fichier
ContextMenuHandlers5: [NvCplDesktopContext] -> 3D1975AF-48C6-4f8e-A182-BE0E08FA86A9 => C: WINDOWS system32 nvshext.dll [2020-12-11] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C: Program Files 7-Zip 7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C: Program Files Malwarebytes Anti-Malware mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers1_S-1-5-21-3102237188-2254830924-1487727994-1001: [ kopenwpsshellext] -> 66A22D9E-7C6D-4641-BBD7-E6C738CF32B0 => -> Aucun fichier
ContextMenuHandlers4_S-1-5-21-3102237188-2254830924-1487727994-1001: [ kopenwpsshellext] -> 66A22D9E-7C6D-4641-BBD7-E6C738CF32B0 => -> Aucun fichier
==================== Codecs (sur liste blanche) ====================
(Si une entrée est incluse dans la liste de correctifs, l'élément de registre sera restauré par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM … Drivers32: [vidc.VP60] => C: WINDOWS SysWOW64 vp6vfw.dll [447752 2014-09-16] (Arts électroniques -> On2.com)
HKLM … Drivers32: [vidc.VP61] => C: WINDOWS SysWOW64 vp6vfw.dll [447752 2014-09-16] (Arts électroniques -> On2.com)
==================== Raccourcis et WMI =========================
(Les entrées peuvent être répertoriées pour être restaurées ou supprimées.)
ShortcutWithArgument: C: Users gameo Desktop Emily (aa) – Chrome.lnk -> C: Program Files (x86) Google Chrome Application chrome.exe (Google LLC) -> –profile-directory = "Profil 2"
ShortcutWithArgument: C: Users gameo Desktop Emily (aaaa) – Chrome.lnk -> C: Program Files (x86) Google Chrome Application chrome.exe (Google LLC) -> –profile-directory = "Profil 1"
==================== Modules chargés (sur liste blanche) =============
2019-12-29 15:43 – 2021-01-22 11:08 – 000205824 _____ () [File not signed] [File is in use] C: ProgramData Jackett YamlDotNet.dll
2020-12-19 19:34 – 2020-12-19 19:34 – 000629760 _____ () [File not signed] \? C: Users gameo AppData Local Plex Media Server Codecs 367b3d4-3654-windows-x86 aac_decoder.dll
2020-12-19 19:34 – 2020-12-19 19:34 – 000336896 _____ () [File not signed] \? C: Users gameo AppData Local Plex Media Server Codecs 367b3d4-3654-windows-x86 ac3_decoder.dll
2020-12-19 19:34 – 2020-12-19 19:34 – 000608256 _____ () [File not signed] \? C: Users gameo AppData Local Plex Media Server Codecs 367b3d4-3654-windows-x86 dca_decoder.dll
2020-12-19 19:34 – 2020-12-19 19:34 – 001559040 _____ () [File not signed] \? C: Users gameo AppData Local Plex Media Server Codecs 367b3d4-3654-windows-x86 h264_decoder.dll
2020-12-19 19:34 – 2020-12-19 19:34 – 000818688 _____ () [File not signed] \? C: Users gameo AppData Local Plex Media Server Codecs 367b3d4-3654-windows-x86 hevc_decoder.dll
2020-12-19 19:34 – 2020-12-19 19:34 – 001800704 _____ () [File not signed] \? C: Users gameo AppData Local Plex Media Server Codecs 367b3d4-3654-windows-x86 libx264_encoder.dll
2020-12-19 19:34 – 2020-12-19 19:34 – 001268224 _____ () [File not signed] \? C: Users gameo AppData Local Plex Media Server Codecs 367b3d4-3654-windows-x86 mpeg4_decoder.dll
2020-06-28 13:32 – 2009-02-27 15:38 – 000139264 ____R () [File not signed] C: Program Files (x86) Brother BrUtilities BrLogAPI.dll
2020-06-28 13:32 – 2018-01-18 14:39 – 000519168 _____ () [File not signed] C: Program Files (x86) Browny02 BrMonitor.dll
2020-06-28 13:32 – 2017-12-22 11:53 – 000180224 _____ () [File not signed] C: Program Files (x86) Browny02 BroSNMP.dll
2020-06-28 13:32 – 2018-01-18 14:39 – 000208896 _____ () [File not signed] C: Program Files (x86) Browny02 Brother BrFirmUpdateCheck.dll
2020-06-28 13:32 – 2018-01-18 14:39 – 001720832 _____ () [File not signed] C: Program Files (x86) Browny02 Brother BrStMonWRes.dll
2020-06-28 13:32 – 2017-11-07 18:55 – 000137728 _____ () [File not signed] C: Program Files (x86) ControlCenter4 BrCcAssoc.dll
2020-06-28 13:32 – 2017-08-18 10:23 – 000087552 _____ () [File not signed] C: Program Files (x86) ControlCenter4 BrCcDlgRc.dll
2020-06-28 13:32 – 2017-08-18 10:23 – 017974784 _____ () [File not signed] C: Program Files (x86) ControlCenter4 BrCcGrImg.dll
2020-06-28 13:32 – 2017-11-07 19:04 – 000087040 _____ () [File not signed] C: Program Files (x86) ControlCenter4 BrCcLUsa.dll
2020-10-30 18:17 – 2017-11-07 18:55 – 000440832 _____ () [File not signed] C: Program Files (x86) ControlCenter4 Track.dll
2020-12-29 21:25 – 2020-12-29 21:25 – 000357376 _____ () [File not signed] C: Program Files (x86) Corsair CORSAIR iCUE Software ActionsConverters.dll
2020-12-29 21:05 – 2020-12-29 21:05 – 000760832 _____ () [File not signed] C: Program Files (x86) Corsair CORSAIR iCUE Software LegacyCommands.dll
2020-12-29 21:05 – 2020-12-29 21:05 – 000744960 _____ () [File not signed] C: Program Files (x86) Corsair CORSAIR iCUE Software LegacyNotifications.dll
2020-12-29 21:04 – 2020-12-29 21:04 – 000658944 _____ () [File not signed] C: Program Files (x86) Corsair CORSAIR iCUE Software MobileProto.dll
2020-12-29 21:05 – 2020-12-29 21:05 – 000203776 _____ () [File not signed] C: Program Files (x86) Corsair CORSAIR iCUE Software ModelHelpers.dll
2020-12-29 21:04 – 2020-12-29 21:04 – 000209408 _____ () [File not signed] C: Program Files (x86) Corsair CORSAIR iCUE Software quazip.dll
2020-12-29 21:04 – 2020-12-29 21:04 – 000101376 _____ () [File not signed] C: Program Files (x86) Corsair CORSAIR iCUE Software zlib.dll
2021-01-06 16:56 – 2021-01-06 16:56 – 000799744 _____ () [File not signed] C: Users gameo AppData Local Amazon Drive sqlite3.dll
2019-04-11 18:44 – 2005-04-21 23:36 – 000143360 _____ () [File not signed] C: WINDOWS system32 BrSNMP64.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000008704 _____ (Andreas Håkansson, Steven Robbins et contributeurs) [File not signed] [File is in use] C: ProgramData Radarr bin Nancy.Authentication.Basic.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000013824 _____ (Andreas Håkansson, Steven Robbins et contributeurs) [File not signed] [File is in use] C: ProgramData Radarr bin Nancy.Authentication.Forms.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000919552 _____ (Andreas Håkansson, Steven Robbins et contributeurs) [File not signed] [File is in use] C: ProgramData Radarr bin Nancy.dll
2019-12-29 15:43 – 2021-01-22 11:08 – 000829440 _____ (AngleSharp) [File not signed] [File is in use] C: ProgramData Jackett AngleSharp.dll
2019-12-29 15:43 – 2021-01-22 11:08 – 000251904 _____ (Autofac) [File not signed] [File is in use] C: ProgramData Jackett Autofac.dll
2019-12-29 15:43 – 2021-01-22 11:08 – 000015872 _____ (Autofac) [File not signed] [File is in use] C: ProgramData Jackett Autofac.Extensions.DependencyInjection.dll
2019-04-11 18:44 – 2013-03-08 01:44 – 000087040 _____ (Brother Industries, Ltd.) [File not signed] C: WINDOWS system32 BrNetSti.dll
2020-12-17 21:09 – 2021-01-22 11:08 – 000018432 _____ (Diego Heras (ngosang)) [File not signed] [File is in use] C: ProgramData Jackett FlareSolverrSharp.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000091648 _____ (Projet FluentMigrator) [File not signed] [File is in use] C: ProgramData Radarr bin FluentMigrator.Abstractions.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000054272 _____ (Projet FluentMigrator) [File not signed] [File is in use] C: ProgramData Radarr bin FluentMigrator.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000114176 _____ (Projet FluentMigrator) [File not signed] [File is in use] C: ProgramData Radarr bin FluentMigrator.Runner.Core.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000067072 _____ (Projet FluentMigrator) [File not signed] [File is in use] C: ProgramData Radarr bin FluentMigrator.Runner.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000021504 _____ (Projet FluentMigrator) [File not signed] [File is in use] C: ProgramData Radarr bin FluentMigrator.Runner.SQLite.dll
2019-12-29 15:43 – 2021-01-22 11:08 – 000217088 _____ (gsscoder; nemec; ericnewton76; moh-hassan) [File not signed] [File is in use] C: ProgramData Jackett CommandLine.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000351744 _____ (hxxps: //system.data.sqlite.org/) [File not signed] [File is in use] C: ProgramData Radarr bin System.Data.SQLite.dll
2019-03-22 20:57 – 2019-02-21 11:00 – 000078336 _____ (Igor Pavlov) [File not signed] C: Program Files 7-Zip 7-zip.dll
2019-12-29 15:43 – 2021-01-22 11:08 – 001218560 _____ (Jackett.Common) [File not signed] [File is in use] C: ProgramData Jackett Jackett.Common.dll
2020-02-17 10:13 – 2021-01-22 11:08 – 000393216 _____ (JackettConsole) [File not signed] [File is in use] C: ProgramData Jackett JackettConsole.dll
2020-02-17 10:13 – 2021-01-22 11:08 – 000312832 _____ (JackettService) [File not signed] [File is in use] C: ProgramData Jackett JackettService.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000339456 _____ (Jeremy Skinner) [File not signed] [File is in use] C: ProgramData Radarr bin FluentValidation.dll
2019-12-29 15:43 – 2021-01-22 11:08 – 000297472 _____ (Jimmy Bogard) [File not signed] [File is in use] C: ProgramData Jackett AutoMapper.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000080384 _____ (Kveer) [File not signed] [File is in use] C: ProgramData Radarr bin Kveer.XmlRPC.dll
2019-12-29 15:43 – 2021-01-22 11:08 – 000010752 _____ (Landon Key) [File not signed] [File is in use] C: ProgramData Jackett SocksWebProxy.dll
2019-12-29 15:43 – 2021-01-22 11:08 – 000817152 _____ (NLog) [File not signed] [File is in use] C: ProgramData Jackett NLog.dll
2019-12-29 15:43 – 2021-01-22 11:08 – 000046080 _____ (NLog) [File not signed] [File is in use] C: ProgramData Jackett NLog.Extensions.Logging.dll
2019-12-29 15:43 – 2021-01-22 11:08 – 000046592 _____ (NLog) [File not signed] [File is in use] C: ProgramData Jackett NLog.Web.AspNetCore.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000803328 _____ (NLog) [File not signed] [File is in use] C: ProgramData Radarr bin NLog.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000045056 _____ (NLog) [File not signed] [File is in use] C: ProgramData Radarr bin NLog.Extensions.Logging.dll
2019-12-29 15:43 – 2021-01-22 11:08 – 000028672 _____ (Org.Mentalis) [File not signed] [File is in use] C: ProgramData Jackett Org.Mentalis.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000192000 _____ (radarr.video) [File not signed] [File is in use] C: ProgramData Radarr bin Radarr.Api.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000261120 _____ (radarr.video) [File not signed] [File is in use] C: ProgramData Radarr bin Radarr.Api.V3.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000271360 _____ (radarr.video) [File not signed] [File is in use] C: ProgramData Radarr bin Radarr.Common.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000119296 _____ (radarr.video) [File not signed] [File is in use] C: ProgramData Radarr bin Radarr.Console.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 001822720 _____ (radarr.video) [File not signed] [File is in use] C: ProgramData Radarr bin Radarr.Core.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000033280 _____ (radarr.video) [File not signed] [File is in use] C: ProgramData Radarr bin Radarr.Host.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000090624 _____ (radarr.video) [File not signed] [File is in use] C: ProgramData Radarr bin Radarr.Http.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000009216 _____ (radarr.video) [File not signed] [File is in use] C: ProgramData Radarr bin Radarr.SignalR.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000010240 _____ (radarr.video) [File not signed] C: ProgramData Radarr bin Radarr.Windows.dll
2021-01-06 16:56 – 2021-01-06 16:56 – 000125952 _____ (Robert Vazan) [File not signed] C: Users gameo AppData Local Amazon Drive crc32c.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000190464 _____ (Sam Saffron; Marc Gravell; Nick Craver) [File not signed] [File is in use] C: ProgramData Radarr bin Dapper.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000011264 _____ (Équipe sentinelle et contributeurs) [File not signed] [File is in use] C: ProgramData Radarr bin Sentry.PlatformAbstractions.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000088576 _____ (Sentry.io) [File not signed] [File is in use] C: ProgramData Radarr bin Sentry.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 000051200 _____ (Sentry.io) [File not signed] [File is in use] C: ProgramData Radarr bin Sentry.Protocol.dll
2020-11-15 15:51 – 2020-11-15 15:51 – 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C: Program Files (x86) Corsair CORSAIR iCUE Software SiUSBXp.dll
2021-01-11 17:23 – 2021-01-11 17:23 – 001148928 _____ (Six travaux) [File not signed] [File is in use] C: ProgramData Radarr bin SixLabors.ImageSharp.dll
2019-12-29 10:18 – 2019-08-14 14:55 – 000665719 _____ (Équipe de développement SQLite) [File not signed] C: ProgramData NzbDrone bin sqlite3.DLL
2019-12-29 11:07 – 2021-01-11 17:23 – 001947136 _____ (Équipe de développement SQLite) [File not signed] C: ProgramData Radarr bin sqlite3.DLL
2020-03-19 09:41 – 2020-03-16 13:05 – 001282048 _____ (Le projet OpenSSL, hxxp: //www.openssl.org/) [File not signed] C: Program Files (x86) Origin LIBEAY32.dll
2020-03-19 09:41 – 2020-03-16 13:06 – 000279040 _____ (Le projet OpenSSL, hxxp: //www.openssl.org/) [File not signed] C: Program Files (x86) Origin ssleay32.dll
2020-12-29 21:04 – 2020-12-29 21:04 – 002516992 _____ (Le projet OpenSSL, hxxps: //www.openssl.org/) [File not signed] C: Program Files (x86) Corsair CORSAIR iCUE Software libcrypto-1_1.dll
2020-12-29 21:04 – 2020-12-29 21:04 – 000530944 _____ (Le projet OpenSSL, hxxps: //www.openssl.org/) [File not signed] C: Program Files (x86) Corsair CORSAIR iCUE Software libssl-1_1.dll
2020-03-19 09:41 – 2020-03-19 09:41 – 001611264 _____ (The Qt Company Ltd) [File not signed] C: Program Files (x86) Origin plates-formes qwindows.dll
2020-10-16 16:10 – 2020-03-19 09:41 – 005487104 _____ (The Qt Company Ltd) [File not signed] C: Program Files (x86) Origin Qt5Core.dll
2020-10-16 16:10 – 2020-03-19 09:41 – 005841920 _____ (The Qt Company Ltd) [File not signed] C: Program Files (x86) Origin Qt5Gui.dll
2020-10-16 16:10 – 2020-03-19 09:41 – 001179136 _____ (The Qt Company Ltd) [File not signed] C: Program Files (x86) Origin Qt5Network.dll
2020-10-16 16:10 – 2020-03-19 09:41 – 000146432 _____ (The Qt Company Ltd) [File not signed] C: Program Files (x86) Origin Qt5WebSockets.dll
2020-10-16 16:10 – 2020-03-19 09:41 – 005089792 _____ (The Qt Company Ltd) [File not signed] C: Program Files (x86) Origin Qt5Widgets.dll
2020-10-16 16:10 – 2020-03-19 09:41 – 000184832 _____ (The Qt Company Ltd) [File not signed] C: Program Files (x86) Origin Qt5Xml.dll
==================== Flux de données alternatifs (sur liste blanche) ========
(Si une entrée est incluse dans la liste de correctifs, seul l'ADS sera supprimé.)
AlternateDataStreams: C: Users gameo ntuser.ini: NTV [8636]
AlternateDataStreams: C: Users Public Shared Files: VersionCache [490]
==================== Mode sans échec (sur liste blanche) ==================
(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le "AlternateShell" sera restauré.)
HKLM SYSTEM CurrentControlSet Control SafeBoot Minimal MBAMService => "" = "Service"
HKLM SYSTEM CurrentControlSet Control SafeBoot Network MBAMService => "" = "Service"
==================== Association (sur liste blanche) ==================
==================== Internet Explorer (sur liste blanche) ==========
HKLM Software Microsoft Internet Explorer Main, Start Page = about: vide
HKLM Software Wow6432Node Microsoft Internet Explorer Main, Start Page = about: vide
HKLM Software Microsoft Internet Explorer Main, Default_Page_URL =
HKLM Software Wow6432Node Microsoft Internet Explorer Main, Default_Page_URL =
HKLM Software Microsoft Internet Explorer Main, Default_Search_URL =
HKLM Software Wow6432Node Microsoft Internet Explorer Main, Default_Search_URL =
HKU S-1-5-21-3102237188-2254830924-1487727994-1001 Software Microsoft Internet Explorer Main, Start Page = hxxps: //go.microsoft.com/fwlink/p/? LinkId = 620947 & OCID = AVRES000 & pc = UE00
SearchScopes: HKU S-1-5-21-3102237188-2254830924-1487727994-1001 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL = hxxps: //www.bing.com/search? Q = searchTerms & src = IE-SearchBox & FORM = IESR02 & pc = UE00
SearchScopes: HKU S-1-5-21-3102237188-2254830924-1487727994-1001 -> 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL = hxxps: //www.bing.com/search? Q = searchTerms & src = IE-SearchBox & FORM = IESR02 & pc = UE00
BHO: Blocage des traqueurs Bitdefender -> 159ff5d5-55f1-4d2f-b706-767a55f77abb -> C: Program Files Bitdefender Bitdefender Security bdtbie.dll [2020-12-11] (Bitdefender SRL -> Bitdefender)
BHO: Bitdefender Wallet -> 1DAC0C53-7D23-4AB3-856A-B04D98CD982A -> C: Program Files Bitdefender Bitdefender Security pmbxie.dll [2020-12-11] (Bitdefender SRL -> Bitdefender)
BHO: Skype for Business Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C: Program Files (x86) Microsoft Office root VFS ProgramFilesX64 Microsoft Office Office16 OCHelper.dll [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Blocage des trackers Bitdefender -> 159ff5d5-55f1-4d2f-b706-767a55f77abb -> C: Program Files Bitdefender Bitdefender Security antispam32 bdtbie.dll [2020-12-11] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender Wallet -> 1DAC0C53-7D23-4AB3-856A-B04D98CD982A -> C: Program Files Bitdefender Bitdefender Security Antispam32 pmbxie.dll [2020-12-11] (Bitdefender SRL -> Bitdefender)
BHO-x32: Skype for Business Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C:Program Files (x86)Microsoft OfficerootOffice16OCHelper.dll [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM – Bitdefender Wallet – 1DAC0C53-7D23-4AB3-856A-B04D98CD982A – C:Program FilesBitdefenderBitdefender Securitypmbxie.dll [2020-12-11] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 – Bitdefender Wallet – 1DAC0C53-7D23-4AB3-856A-B04D98CD982A – C:Program FilesBitdefenderBitdefender SecurityAntispam32pmbxie.dll [2020-12-11] (Bitdefender SRL -> Bitdefender)
Handler-x32: mso-minsb-roaming.16 – 83C25742-A9F7-49FB-9138-434302C88D07 – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 02:31 – 2021-01-22 21:07 – 000000824 _____ C:WINDOWSsystem32driversetchosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKUS-1-5-21-3102237188-2254830924-1487727994-1001Control PanelDesktop\Wallpaper -> C:UsersgameoDesktop 0_CLIENT_Editorial_2_web.jpg
DNS Servers: 10.71.0.1 – 24.201.245.77
HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKUS-1-5-21-3102237188-2254830924-1487727994-1001…StartupApprovedRun: => "Discord"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [8E96DB9A-FFD6-4B6B-A035-81A92DACEEEC] => (Allow) LPort=7878
FirewallRules: [287C28BB-EC4B-4742-A83D-B2F4CB06E669] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe => No File
FirewallRules: [8CD1C7C8-D4BD-4B37-8DA9-DFC4B9F7DD6B] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe => No File
FirewallRules: [FD93C994-D512-44F0-964D-90F9F1C2A7D3] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe => No File
FirewallRules: [9891BAFA-6191-4AA3-B099-EA81C7DC81B3] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe => No File
FirewallRules: [CB42307B-6C8A-4E7E-A8A7-278E3B20DC55] => (Allow) C:Program Files (x86)SteamsteamappscommonSkyrim Special EditionSkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [47CAAA01-C8D2-4F41-B4F5-A0FE2734146C] => (Allow) C:Program Files (x86)SteamsteamappscommonSkyrim Special EditionSkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [BB05E7AE-9A4A-4DCE-B636-3F7583AD9DB8] => (Allow) C:Program Files (x86)SteamsteamappscommonRimWorldRimWorldWin64.exe () [File not signed]
FirewallRules: [924F70E0-B1E1-400E-ACBB-B5139BD569BE] => (Allow) C:Program Files (x86)SteamsteamappscommonRimWorldRimWorldWin64.exe () [File not signed]
FirewallRules: [8411BEF8-DDD1-412B-B54B-C45CB470E7C1] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [36C68864-1FEB-4791-816F-608EFD8C765F] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [CE038576-5F1F-4546-AACD-442035711384] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [EB23DFD6-38D1-486A-94B6-34274A92FABF] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [D4B0A07C-0AEE-4835-8F9F-459FF11D3A3F] => (Allow) C:Program Files (x86)SteamsteamappscommonAoW3AoW3Launcher.exe () [File not signed]
FirewallRules: [812AC951-175C-4B6C-B74D-935B17FDADED] => (Allow) C:Program Files (x86)SteamsteamappscommonAoW3AoW3Launcher.exe () [File not signed]
FirewallRules: [3D81A5EE-1012-4673-BAF8-C5E506B58625] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [57BD58AD-2EED-47DF-8943-A062F6CADD3A] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [9E07A662-244B-4BB4-8379-E0215779DEBD] => (Allow) C:Program Files (x86)SteamsteamappscommonPath of ExilePathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [0BC22715-A505-4851-B7E4-4DB7C6C84223] => (Allow) C:Program Files (x86)SteamsteamappscommonPath of ExilePathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [20D31AA1-32C7-4609-B623-D944F1CB3D1F] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)
FirewallRules: [B47AADFA-188A-4E28-93F5-8F199E740290] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)
FirewallRules: [48041C16-FE5A-4AC1-B33C-E3CE27BC3C14] => (Allow) LPort=8989
FirewallRules: [1E3C2B47-F6FB-416F-848B-EF44FEF258A6] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [9E70D0AD-2FC0-4B5D-BD4F-14372B39CDC1] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [5ADD2BC5-3D3A-4170-AFE9-8C08D56E7C6D] => (Allow) C:Program Files (x86)Origin GamesThe Sims 4GameBin_LETS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [B539EF22-4905-494D-B568-192B15FF57D1] => (Allow) C:Program Files (x86)Origin GamesThe Sims 4GameBin_LETS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [EFDF3611-231D-479C-9996-208104E1E011] => (Allow) C:Program Files (x86)Origin GamesThe Sims 4GameBinTS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [08F84061-AB0F-4563-8ED1-DD6F4095E3B5] => (Allow) C:Program Files (x86)Origin GamesThe Sims 4GameBinTS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [0DBAC74A-2732-4FD0-ACFB-D154E6793103] => (Allow) LPort=54925
FirewallRules: [C944281D-9AAC-433F-B550-E66A1F3ED99F] => (Allow) C:Program Files (x86)SteamsteamappscommonFall GuysFallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [4CF438EA-A4B7-46DC-BDB2-39069CF9B7DB] => (Allow) C:Program Files (x86)SteamsteamappscommonFall GuysFallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [5F915449-708C-4F37-9A5D-4D062202E324] => (Allow) C:Program Files (x86)SteamsteamappscommonPummel PartyPummelParty.exe () [File not signed]
FirewallRules: [E0ADA25D-B057-45A4-B06A-E5E1CFD4158C] => (Allow) C:Program Files (x86)SteamsteamappscommonPummel PartyPummelParty.exe () [File not signed]
FirewallRules: [0929A327-B1F8-495D-8B18-5F16EB098B3B] => (Allow) C:Program Files (x86)SteamsteamappscommonAmong UsAmong Us.exe () [File not signed]
FirewallRules: [ACDFDF1A-2EAA-4C17-8A52-EE1C414DF910] => (Allow) C:Program Files (x86)SteamsteamappscommonAmong UsAmong Us.exe () [File not signed]
FirewallRules: [642AA216-77A6-4706-8DA0-D3D9A83C5A68] => (Allow) C:Riot GamesLeague of LegendsLeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [80ECEB43-5488-4124-9564-07832076A37D] => (Allow) C:Riot GamesLeague of LegendsLeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [EABA63C5-53F5-40D8-B92C-617428C77E96] => (Allow) C:Program Files (x86)SteamsteamappscommonAoW3AoW3.exe () [File not signed]
FirewallRules: [10CA5527-09F7-477F-A2FD-429EED3DF226] => (Allow) C:Program Files (x86)SteamsteamappscommonAoW3AoW3.exe () [File not signed]
FirewallRules: [3C0987AB-59AA-433B-809C-EDE7B0EBF8F9] => (Allow) C:Program Files (x86)SteamsteamappscommonAoW3AoW3_Debug.exe () [File not signed]
FirewallRules: [D7ACA30C-AF9C-4430-8418-8F3CE8A7BB3E] => (Allow) C:Program Files (x86)SteamsteamappscommonAoW3AoW3_Debug.exe () [File not signed]
FirewallRules: [3C222ACB-CBED-43C8-9694-DE839AC4AF56] => (Allow) C:Program Files (x86)SteamsteamappscommonBrawlhallaBrawlhalla.exe () [File not signed]
FirewallRules: [A0047219-FDF5-4B2C-B8DC-15FA3320EA4B] => (Allow) C:Program Files (x86)SteamsteamappscommonBrawlhallaBrawlhalla.exe () [File not signed]
FirewallRules: [76573417-EB76-4669-852D-489B4B8F276C] => (Allow) C:UsersgameoAppDataRoamingZoombinZoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [0943550D-9AA3-4026-A2DA-1C084BFB4AF3] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [B9DFF820-A932-4180-8E04-97B37F525278] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [240509B3-B742-406A-B910-506E6A97D485] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [845C852A-D2AA-4192-8BBB-4BD5E6376C55] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [B0747400-DD0A-4948-86E7-166239A7BA53] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqaiTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [3776E0DF-E9D0-46EA-9E26-E388C054B43A] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqaiTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [B6A36284-CC20-47BB-BF50-F3A349843FB3] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqaiTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [C37D28C8-7E02-479D-88CD-8BE3208E1FCA] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqaiTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [7F8DB677-76B6-4242-86B7-6E6F8B02AEE3] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [3B237FFE-F34C-4D0D-8B92-94C0A26CF2CE] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [7F4BD172-CED1-4600-B95D-9CCD5D4091A4] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [F7547CA8-E62E-41BD-93EB-92FFF2D7C448] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [BE9C3565-D9CE-4BDD-A5C6-535BD1412C1C] => (Allow) P:Plex Media ServerPlex Media Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [9DC00415-210A-4034-877B-CEB62F63FC66] => (Allow) P:Plex Media ServerPlexScriptHost.exe (Plex, Inc. -> Python Software Foundation)
FirewallRules: [52B1590B-6809-43F2-B12F-CA54F3FD8ED6] => (Allow) P:Plex Media ServerPlex DLNA Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [51BD144E-E024-4D64-8C92-C86F4D63EB36] => (Allow) P:Plex Media ServerPlex Tuner Service.exe (Plex, Inc. -> )
FirewallRules: [14FCC767-AC35-44FC-BED8-8C151FF814B5] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)
FirewallRules: [E537736C-A8F4-48C7-844F-90EAD949A62A] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [A971193C-8DFB-435D-A007-388AB7D76676] => (Allow) C:Program Files (x86)SteamsteamappscommonThe Jackbox Party Pack 7The Jackbox Party Pack 7.exe () [File not signed]
FirewallRules: [03E744C5-9F5F-42C8-9E9E-41AF43C8EEF5] => (Allow) C:Program Files (x86)SteamsteamappscommonThe Jackbox Party Pack 7The Jackbox Party Pack 7.exe () [File not signed]
FirewallRules: [725A92E5-BF2F-4616-8032-1F04DB564A8C] => (Allow) C:Program Files (x86)DropboxClientDropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
==================== Restore Points =========================
22-01-2021 10:17:57 ExpressVPN
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/22/2021 09:49:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4024,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.
Error: (01/22/2021 09:42:59 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (18396,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.
Error: (01/22/2021 09:37:57 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DESKTOP-6NOG2LS)
Description: Windows cannot load the extensible counter DLL "C:WINDOWSsystem32sysmain.dll" (Win32 error code 126).
Error: (01/22/2021 09:37:57 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-6NOG2LS)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (01/22/2021 08:02:21 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (22432,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.
Error: (01/22/2021 07:36:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6628,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.
Error: (01/22/2021 06:57:21 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (21424,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.
Error: (01/22/2021 06:28:50 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (20916,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.
System errors:
=============
Error: (01/22/2021 05:04:19 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-6NOG2LS)
Description: Unable to start a DCOM Server: 0358B920-0AC7-461F-98F4-58E32CD89148. The error:
"2147942767"
Happened while starting this command:
C:WINDOWSsystem32DllHost.exe /Processid:3EB3C877-1F16-487C-9050-104DBCD66683
Error: (01/22/2021 04:59:38 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-6NOG2LS)
Description: Unable to start a DCOM Server: 0358B920-0AC7-461F-98F4-58E32CD89148. The error:
"2147942767"
Happened while starting this command:
C:WINDOWSsystem32DllHost.exe /Processid:3EB3C877-1F16-487C-9050-104DBCD66683
Error: (01/22/2021 04:47:07 PM) (Source: Tcpip) (EventID: 4207) (User: )
Description: The IPv6 TCP/IP interface with index 16 failed to bind to its provider.
Error: (01/22/2021 12:58:44 PM) (Source: Tcpip) (EventID: 4207) (User: )
Description: The IPv6 TCP/IP interface with index 16 failed to bind to its provider.
Error: (01/21/2021 11:44:08 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-6NOG2LS)
Description: The server FD06603A-2BDF-4BB1-B7DF-5DC68F353601 did not register with DCOM within the required timeout.
Error: (01/21/2021 11:26:12 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-6NOG2LS)
Description: The server Windows.Media.Capture.Internal.AppCaptureShell did not register with DCOM within the required timeout.
Error: (01/20/2021 08:44:08 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-6NOG2LS)
Description: The server AB8902B4-09CA-4BB6-B78D-A8F59079A8D5 did not register with DCOM within the required timeout.
Error: (01/20/2021 08:44:08 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-6NOG2LS)
Description: The server AB8902B4-09CA-4BB6-B78D-A8F59079A8D5 did not register with DCOM within the required timeout.
CodeIntegrity:
===================================
Date: 2020-12-01 21:39:04.365
Description:
Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume4Program FilesNVIDIA CorporationAnselNvCameraAllowlisting64.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-12-01 21:39:04.361
Description:
Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume4WindowsSystem32cryptnet.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-12-01 21:39:04.326
Description:
Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume4WindowsSystem32cryptnet.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-12-01 21:39:03.343
Description:
Code Integrity determined that a process (DeviceHarddiskVolume4Program Files (x86)MicrosoftEdgeApplicationmsedge.exe) attempted to load DeviceHarddiskVolume4WindowsSystem32nvspcap64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-01 21:39:03.324
Description:
Code Integrity determined that a process (DeviceHarddiskVolume4Program Files (x86)MicrosoftEdgeApplicationmsedge.exe) attempted to load DeviceHarddiskVolume4WindowsSystem32nvspcap64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-12-01 20:35:38.613
Description:
Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume4Program FilesNVIDIA CorporationAnselNvCameraAllowlisting64.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-12-01 20:35:38.609
Description:
Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume4WindowsSystem32cryptnet.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-12-01 20:35:38.575
Description:
Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume4WindowsSystem32cryptnet.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1404 09/13/2018
Motherboard: ASUSTeK COMPUTER INC. ROG STRIX B360-I GAMING
Processor: Intel® Core™ i5-8600 CPU @ 3.10GHz
Percentage of memory in use: 50%
Total physical RAM: 16306.38 MB
Available physical RAM: 8136.44 MB
Total Virtual: 19762.38 MB
Available Virtual: 8770.21 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:953.27 GB) (Free:435.73 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:908.87 GB) NTFS
Drive p: (Plex) (Fixed) (Total:232.87 GB) (Free:61.09 GB) NTFS
\?Volume41d142bb-a771-4936-a684-8dcc832317a4 (Recovery) (Fixed) (Total:0.49 GB) (Free:0.07 GB) NTFS
\?Volume15aeee02-940b-4335-b85f-b08495354e53 () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F683CCAE)
Partition 1: (Not Active) – (Size=931.5 GB) – (Type=07 NTFS)
==================== End of Addition.txt =======================
Commentaires
Laisser un commentaire