Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.01.2019
Ran by Berengere (04-01-2019 19:14:13)
Running from C:\Users\Berengere\Desktop
Windows 10 Pro Version 1803 17134.472 (X64) (2018-07-20 04:46:06)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4239714254-2943741287-1337944222-500 - Administrator - Disabled)
Berengere (S-1-5-21-4239714254-2943741287-1337944222-1001 - Administrator - Enabled) => C:\Users\Berengere
DefaultAccount (S-1-5-21-4239714254-2943741287-1337944222-503 - Limited - Disabled)
Guest (S-1-5-21-4239714254-2943741287-1337944222-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4239714254-2943741287-1337944222-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0 - Adobe Systems Incorporated)
ColorMunki Display 1.1.4 (HKLM-x32\...\ColorMunki Display_is1) (Version: 1.1.4 - X-Rite)
Gestionnaire de licences Fnac (HKLM-x32\...\Gestionnaire de licences Fnac) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4749 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
KeePass Password Safe 2.39.1 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.39.1 - Dominik Reichl)
Logiciel de base du périphérique HP OfficeJet Pro 8710 (HKLM\...\{BBDBE96F-5BEE-4883-BC12-6543AB446BC1}) (Version: 40.12.1161.1896 - HP Inc.)
Logiciel de création CEWE (HKLM-x32\...\Logiciel de création CEWE) (Version: 6.3.6 - CEWE Stiftung u Co. KGaA)
Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.11029.20108 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4239714254-2943741287-1337944222-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 64.0 (x64 fr) (HKLM\...\Mozilla Firefox 64.0 (x64 fr)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.1 - Mozilla)
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA Pilote graphique 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.36 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Panneau de configuration NVIDIA 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 398.36 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8004 - Realtek Semiconductor Corp.)
Réunions Cisco WebEx (HKU\S-1-5-21-4239714254-2943741287-1337944222-1001\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Skype version 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.0.13880 - TeamViewer)
Time-Lapse Tool (HKLM-x32\...\{F0022410-8CBB-4A6B-9BDB-96AC722EFC72}) (Version: 2.3.4768 - AI Devs)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
X-Rite Device Services Manager (HKLM-x32\...\{1E18A923-CDF1-4D1C-93B2-AD4CC5BD33EA}) (Version: 2.4.1 - X-Rite)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki124164.inf_amd64_85b60d2b8c3af983\igfxDTCM.dll [2017-09-01] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-06-24] (NVIDIA Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0131D638-948D-42C5-A2D7-922C53F2F6FF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-12-14] (Microsoft Corporation)
Task: {062308A5-AE31-4EE6-8A20-5B2A50D501F5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-01-26] (NVIDIA Corporation)
Task: {292BBF39-9D56-457C-95EB-9C130911F675} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-12-14] (Microsoft Corporation)
Task: {37227282-C646-4F68-BD9E-ED54F0A3E6A2} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-26] (NVIDIA Corporation)
Task: {37D71765-952B-447A-AB78-466C6E9D9DDD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-04] (Google Inc.)
Task: {3A237679-68EA-4E1A-83F6-198C92B2EB25} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {3EBCFBF2-3268-4A22-99F5-DB35967851BE} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-01-26] (NVIDIA Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6C26C1A9-5FF6-42EF-87EC-64756751ED57} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-12-14] (Microsoft Corporation)
Task: {8A16C6B5-A0DF-4741-A959-8D86A88087D5} - System32\Tasks\S-1-5-21-4239714254-2943741287-1337944222-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-12-08] (Microsoft Corporation)
Task: {8E4E02BE-D42C-4C65-95BE-19B85CF0D204} - System32\Tasks\X-Rite Device Services Software Updater => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe [2015-09-18] (X-Rite Inc.)
Task: {972079A6-7FDE-4388-92F6-A57747941A99} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-04] (Google Inc.)
Task: {A8479D39-27DF-4C11-9C92-212D4FD159CC} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-26] (NVIDIA Corporation)
Task: {ACCCF4DB-0AAE-4254-9B70-318FCB347337} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-12-07] (Microsoft Corporation)
Task: {B7D70874-13A3-4059-8689-DB12F292F49F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-26] (NVIDIA Corporation)
Task: {B9A912FE-EDFA-4E41-BD6F-270236F4680E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-12-14] (Microsoft Corporation)
Task: {C47C313C-CCCD-489A-B4FF-7B492484B0D2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-12-07] (Microsoft Corporation)
Task: {E791C67B-7FE0-43D9-89C7-9D740C3EB794} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-26] (NVIDIA Corporation)
Task: {E9C0D563-460D-473A-916F-556C6E90021C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-01-26] (NVIDIA Corporation)
Task: {F760650C-FFC7-421A-89A1-ABAD636982D9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-12-14] (Microsoft Corporation)
Task: {F9B878A1-02D9-468C-8529-D457F1034B90} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-26] (NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\X-Rite Device Services Software Updater.job => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-03-21 05:26 - 2018-03-21 05:26 - 000165104 _____ () C:\WINDOWS\system32\IntelWifiIhv04.dll
2015-05-19 17:11 - 2015-05-19 17:11 - 000007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-11 20:31 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-12-20 11:56 - 2018-12-14 07:50 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-07-13 10:33 - 2015-07-13 10:33 - 001592832 _____ () C:\Program Files (x86)\X-Rite\Devices\rm200\GoldenEye.dll
2013-06-21 14:03 - 2013-06-21 14:03 - 002633728 _____ () C:\Program Files (x86)\X-Rite\Devices\colormunki\colormunki.dll
2015-07-07 04:36 - 2015-07-07 04:36 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-4239714254-2943741287-1337944222-1001\...\localhost -> localhost
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-4239714254-2943741287-1337944222-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Berengere\Pictures\Saved Pictures\wallhaven-128116.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\StartupFolder: => "XRGamma.lnk"
HKLM\...\StartupApproved\StartupFolder: => "ColorMunki Display Tray.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "WinZip FAH"
HKLM\...\StartupApproved\Run: => "WinZip PreLoader"
HKLM\...\StartupApproved\Run: => "WinZip UN"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-4239714254-2943741287-1337944222-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4239714254-2943741287-1337944222-1001\...\StartupApproved\Run: => "HP OfficeJet Pro 8710 (NET)"
HKU\S-1-5-21-4239714254-2943741287-1337944222-1001\...\StartupApproved\Run: => "Skype for Desktop"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{DA95C143-8A0A-43D3-A72B-5E0106EFA4C1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{663CE117-2784-472B-BDDD-3758E3ED70D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{2AC6C475-C936-48AF-86C4-C62ABDF92352}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{CB67C609-DF92-4EC6-AE79-DDAB09D47D42}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{9A7AB888-9424-44DD-A8D8-B55B752E8547}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{377C077C-CD04-4D02-9F50-86A1586D83B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{26CCF500-ADA4-486C-825B-034E464E6B57}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{364E4285-E072-416B-B140-1DDA9609EEAD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{655FD1DE-4E5C-4663-BEAE-CCC9F0C28C92}] => (Allow) C:\Users\Berengere\AppData\Roaming\BitTorrent\BitTorrent.exe No File
FirewallRules: [{84253B7F-7142-4791-BD2F-7F6E2860D6AA}] => (Allow) C:\Users\Berengere\AppData\Roaming\BitTorrent\BitTorrent.exe No File
FirewallRules: [{0BA27771-35B4-433B-88B5-60D5DDFE76E7}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\FaxApplications.exe (HP Inc.)
FirewallRules: [{CEE2487F-53FC-4D48-83E3-0ADE40840DDC}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\DigitalWizards.exe (HP Inc.)
FirewallRules: [{A7C57EF5-AD56-4658-B3DC-0F6354BC71CF}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\SendAFax.exe (HP Inc.)
FirewallRules: [{511E213D-382F-4285-8F56-BB3C173715CF}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\FaxPrinterUtility.exe (HP Inc.)
FirewallRules: [{22FAEB47-4CF3-4384-9217-E347503AD34A}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\DeviceSetup.exe (HP Inc.)
FirewallRules: [{BEE2BCA6-6243-419C-9145-5B8495390133}] => (Allow) LPort=5357
FirewallRules: [{AEBD6566-1AFC-47DB-BA9C-FCE85D701F54}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\HPNetworkCommunicatorCom.exe (HP Inc.)
FirewallRules: [{7996C8B5-8704-467B-98E7-0EDCA0CEC336}] => (Allow) C:\Users\Berengere\AppData\Local\Temp\7zS537C\HPDiagnosticCoreUI.exe No File
FirewallRules: [{26694F81-B830-4B62-9646-0BDC5AB01E65}] => (Allow) C:\Users\Berengere\AppData\Local\Temp\7zS537C\HPDiagnosticCoreUI.exe No File
FirewallRules: [{FFEEDE01-4E73-41FB-9CCB-3B30FB83A740}] => (Allow) C:\Users\Berengere\AppData\Local\Temp\7zS55C5\HPDiagnosticCoreUI.exe No File
FirewallRules: [{6F37F181-A16F-4466-810F-82723625DC11}] => (Allow) C:\Users\Berengere\AppData\Local\Temp\7zS55C5\HPDiagnosticCoreUI.exe No File
FirewallRules: [{07D02256-EE49-473A-B5FC-BC400B68D397}] => (Allow) C:\Users\Berengere\AppData\Local\Temp\7zS5648\HPDiagnosticCoreUI.exe No File
FirewallRules: [{0BD30A5B-1C06-4A9B-87B8-FF3B1426EF62}] => (Allow) C:\Users\Berengere\AppData\Local\Temp\7zS5648\HPDiagnosticCoreUI.exe No File
FirewallRules: [{3300728F-2934-4BD4-8B25-777CE5C45375}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation)
FirewallRules: [{F52F3B8A-3171-4F92-91B0-784A34830E8B}] => (Allow) C:\Users\Berengere\AppData\Local\Temp\7zS5359\HPDiagnosticCoreUI.exe No File
FirewallRules: [{2406B423-296A-4D5A-AF7E-4D9F89ED3529}] => (Allow) C:\Users\Berengere\AppData\Local\Temp\7zS5359\HPDiagnosticCoreUI.exe No File
FirewallRules: [{DE14ED8C-5CE3-44F2-BE09-62968EAEDEB3}] => (Allow) C:\Users\Berengere\AppData\Local\Temp\7zS4B4D\HPDiagnosticCoreUI.exe No File
FirewallRules: [{9CDE51A3-1901-4E0B-A476-318F5A98173D}] => (Allow) C:\Users\Berengere\AppData\Local\Temp\7zS4B4D\HPDiagnosticCoreUI.exe No File
FirewallRules: [TCP Query User{9DC34E1F-AC0E-4F27-86FB-83333600F2F1}C:\program files\openshot video editor\launch.exe] => (Block) C:\program files\openshot video editor\launch.exe No File
FirewallRules: [UDP Query User{1558B232-8BF6-4AB1-A70B-6665C41F09A1}C:\program files\openshot video editor\launch.exe] => (Block) C:\program files\openshot video editor\launch.exe No File
FirewallRules: [{AEF43660-23EB-4328-A7E2-D614D9BBD365}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{178D846A-AE52-4E16-AEFA-194E5C9F1A93}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{25F759DD-8080-4123-8BFB-8948DBC02A73}] => (Allow) C:\Users\Berengere\AppData\Local\Temp\7zS4C48\HPDiagnosticCoreUI.exe No File
FirewallRules: [{1DACB567-610D-465C-9609-0F6D10C1384F}] => (Allow) C:\Users\Berengere\AppData\Local\Temp\7zS4C48\HPDiagnosticCoreUI.exe No File
FirewallRules: [{83230260-DA14-4818-98D1-BB172EC58D7E}] => (Allow) LPort=5454
FirewallRules: [{7E7153CF-DF71-4EE3-9600-87AFA03A4A14}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{7A787D49-57A2-44F1-B5EC-CCF449D3DDA7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{C2C676E6-F385-4C40-AEBB-B73C35B08D14}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{3E01F790-647A-4B94-A7E7-F599B2AE5046}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{8FA8C81D-1C2B-4469-BD11-9C39919AD0DA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{AC56F663-D3BD-446C-97A7-4270DA0E7CD6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{33C7F82A-CBE7-4091-9A21-83CBADD8DA38}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{947E46A5-18F3-4CA6-B92A-F9A624E54062}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{F532D776-C9FE-4A2D-BBE5-6094C3D585BB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{DC6A7952-FA6A-4F86-BF62-C15DC85881BF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{D049C8AA-358A-4EDB-8EF3-902FD25968F4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{94796D16-DA3E-414B-8105-995AE0EE3B2C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{777675B9-0DBF-4372-8E38-FCF58AA4A074}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
==================== Restore Points =========================
14-12-2018 18:53:12 Installed HitFilm Express
20-12-2018 11:55:51 Windows Update
27-12-2018 21:33:32 Point de contrôle planifié
03-01-2019 19:06:37 WinZip 22.5 supprimé.
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/04/2019 07:06:18 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erreur lors de la mise à jour du statut Windows Defender vers SECURITY_PRODUCT_STATE_ON.
Error: (01/04/2019 07:06:18 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erreur lors de la mise à jour du statut Windows Defender vers SECURITY_PRODUCT_STATE_ON.
Error: (01/04/2019 02:27:13 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-HKRUMKD)
Description: httphttp-2147467263
Error: (01/04/2019 01:42:49 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-HKRUMKD)
Description: httphttp-2147467263
Error: (01/04/2019 10:41:29 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/03/2019 07:06:32 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-HKRUMKD)
Description: httphttp-2147467263
Error: (01/03/2019 11:36:34 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/02/2019 10:37:20 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (01/04/2019 07:12:59 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (01/04/2019 07:03:07 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (01/04/2019 07:03:07 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (01/04/2019 02:37:56 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-HKRUMKD)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID DESKTOP-HKRUMKD\Berengere de l’utilisateur (S-1-5-21-4239714254-2943741287-1337944222-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (01/04/2019 02:17:18 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (01/04/2019 02:16:33 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (01/04/2019 02:07:00 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (01/04/2019 02:07:00 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 28%
Total physical RAM: 8077.22 MB
Available physical RAM: 5814.94 MB
Total Virtual: 10637.22 MB
Available Virtual: 7791.36 MB
==================== Drives ================================
Drive b: (Data) (Fixed) (Total:457.29 GB) (Free:457.03 GB) NTFS
Drive c: (Windows) (Fixed) (Total:459.08 GB) (Free:345.36 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:13.91 GB) (Free:1.42 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: () (Removable) (Total:29.71 GB) (Free:0.29 GB) FAT32
\\?\Volume{c0d975e2-3a91-4cb7-acce-9f5b27d05e68}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.55 GB) NTFS
\\?\Volume{20ce9475-cc19-4f10-a234-0ff757ba553c}\ () (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E5F26B2C)
Partition: GPT.
========================================================
Disk: 1 (Protective MBR) (Size: 29.7 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================