Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 10-12-2023
Exécuté par METİN AYAS (11-12-2023 13:10:00)
Exécuté depuis C:\Users\METİN AYAS\Downloads
Microsoft Windows 10 Home Version 22H2 19045.3758 (X64) (2021-10-11 11:06:14)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
Administrator (S-1-5-21-2591752007-528138199-2689751265-500 - Administrator - Disabled)
Guest (S-1-5-21-2591752007-528138199-2689751265-501 - Limited - Disabled)
METİN AYAS (S-1-5-21-2591752007-528138199-2689751265-1001 - Administrator - Enabled) => C:\Users\METİN AYAS
VarsayılanHesap (S-1-5-21-2591752007-528138199-2689751265-503 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2591752007-528138199-2689751265-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: 360 Total Security (Enabled - Up to date) {FFDC234A-CE9B-08F9-406B-F876951CE066}
FW: Avira Security (Enabled) {BE55A40C-05CA-1096-36EB-CCA92DEAF539}
FW: firewall.tools.exe (Disabled) {1C715218-C920-E826-61C6-9757DD61D851}
FW: firewall.tools.exe (Enabled) {C23625D1-69FF-6539-D252-9C59FCE61F44}
FW: firewall.tools.exe (Enabled) {EC455612-A4AA-6402-45D6-DB9E6D29D254}
FW: firewall.tools.exe (Enabled) {C301BD72-1A68-FCF0-7438-70C67D82788F}
FW: firewall.tools.exe (Enabled) {2230FBD7-E019-6F49-94D9-88952527F446}
FW: firewall.tools.exe (Enabled) {099106F1-E7D0-AAA0-A006-5B67606DD9EB}
FW: firewall.tools.exe (Enabled) {584A1E3E-D555-02C4-01BA-D81B87038AEA}
FW: firewall.tools.exe (Enabled) {7345CA52-5FDB-32E9-091E-A25A5F605D90}
FW: firewall.tools.exe (Enabled) {A4140CEC-71C4-0D3F-075E-A57EB752B7CC}
FW: Avira Security (Enabled) {877B141C-E73B-9A54-223E-108CC963426A}
FW: firewall.tools.exe (Enabled) {4C92E45A-7416-54D2-AD04-C193F68EC8C0}
FW: Avira Security (Enabled) {6207A357-4A32-0B8C-12DB-C7111287446A}
FW: firewall.tools.exe (Enabled) {E2EE3342-AA78-B31E-B5E1-9EE1559AE96B}
FW: firewall.tools.exe (Enabled) {FE195218-FA5A-653B-CF2E-34A747823BDA}
FW: firewall.tools.exe (Enabled) {B8CDDC92-9ACE-829E-BE31-378580BD98EA}
FW: firewall.tools.exe (Disabled) {F3945FB6-2B3E-4CE3-7375-B5E2E67B2CCD}
FW: firewall.tools.exe (Enabled) {1A2A5BC2-8661-486A-E9A8-CDDB540A101F}
FW: firewall.tools.exe (Enabled) {DE8353B0-FA3B-1C97-A6F2-47E3086FE270}
FW: firewall.tools.exe (Enabled) {A6BFCB37-FD88-3169-9016-A19F8A583462}
FW: firewall.tools.exe (Enabled) {17E8CE47-42AD-C1F1-0700-B3410EE3DED6}
FW: firewall.tools.exe (Enabled) {47D4BDD8-0984-10EF-81DA-67DF50F9090C}
FW: firewall.tools.exe (Enabled) {D61C0689-D80C-09C3-9217-D404C4DB37CC}
FW: firewall.tools.exe (Enabled) {EABF72E2-9813-7346-E2F3-BB7D0B2AAFCB}
FW: firewall.tools.exe (Enabled) {0544AF26-4FE9-2BB0-F659-CE43883CF44F}
FW: Avira Security (Enabled) {71EC0A3F-391C-0E33-A103-0C8A6DF0EBF0}
FW: Avira Security (Enabled) {4EFB3EBA-D5BC-D311-F570-D3065B48D523}
FW: Avira Security (Enabled) {12CE3622-C811-64DE-1773-AA1774F2B8E1}
FW: Avira Security (Enabled) {76867038-CFEB-AE32-EFDA-5DE782F629FF}
FW: firewall.tools.exe (Enabled) {411C09FD-C895-2466-7CB2-4B121B959D78}
FW: firewall.tools.exe (Enabled) {568EC6DA-758B-F7DB-1DA3-0F92F0A311A4}
FW: firewall.tools.exe (Enabled) {192950A7-224C-7675-566D-ADC7513196AB}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
7-Zip 23.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2301-000001000000}) (Version: 23.01.00.0 - Igor Pavlov)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 119.1.23320.200 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1653.5 - AVAST Software) Hidden
Avira Fallback Updater (HKLM-x32\...\Avira Fallback Updater) (Version: - ) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.43.1.16819 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.26.0.18 - Avira Operations GmbH) Hidden
CrystalDiskInfo 9.2.0 Aoi Edition (HKLM\...\CrystalDiskInfo_is1) (Version: 9.2.0 - Crystal Dew World)
DCENT Bridge 1.3.0 (HKU\S-1-5-21-2591752007-528138199-2689751265-1001\...\{9edeef81-4cc9-577c-8458-71f3666e5007}) (Version: 1.3.0 - IoTrust)
Désinstallation de l'imprimante EPSON L3250 Series (HKLM\...\EPSON L3250 Series) (Version: - Seiko Epson Corporation)
Discord (HKU\S-1-5-21-2591752007-528138199-2689751265-1001\...\Discord) (Version: 1.0.9012 - Discord Inc.)
Endpoint Protection SDK (HKLM\...\{68E1CCB4-4965-4713-BDEB-77F6D6C9BF9D}_is1) (Version: 1.0.2209.3324 - Avira Operations GmbH & Co. KG) Hidden
Epic Games Launcher (HKLM-x32\...\{E8FDD9E1-BEB2-4E7F-A179-22962E4C377A}) (Version: 1.3.82.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{35905844-0610-427D-86A0-2103FABE3D4D}) (Version: 2.0.42.0 - Epic Games, Inc.)
Epson Event Manager (HKLM-x32\...\{DBC38C08-9FB5-43A5-B6BA-EB10AC7DA570}) (Version: 3.11.0053 - Seiko Epson Corporation)
Epson Manuals (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 2.0.4.0 - Seiko Epson Corporation)
Epson Photo+ (HKLM-x32\...\{82E09177-CD4D-412F-97B6-3C4763D6B0FA}) (Version: 3.7.2.0 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{DE32F90E-1A29-4D74-BCF1-E7DDB25D713A}) (Version: 3.4.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
EPSON Scan PDF EXtensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.02 - SEIKO EPSON Corp.)
Epson ScanSmart (HKLM-x32\...\{24D63D1B-83A2-4976-8D0D-8622D96B6B86}) (Version: 3.7.1 - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{711E8536-AB71-4455-A6C4-357FDBBEBF91}) (Version: 4.6.7 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Google Chrome (HKLM\...\{BC74D7B3-F268-3A05-926D-EBBE9E1340DC}) (Version: 120.0.6099.71 - Google LLC)
K-Lite Codec Pack 16.4.6 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.4.6 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-2591752007-528138199-2689751265-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Microsoft Edge (HKLM-x32\...\{71A45013-EA85-3748-B06C-73B6C069CBF7}) (Version: 120.0.2210.61 - Microsoft Corporation)
Microsoft Edge WebView2 Çalışma Zamanı (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.61 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2591752007-528138199-2689751265-1001\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30153 (HKLM-x32\...\{9057ceb3-ab14-4d3a-aa99-38d2d660e604}) (Version: 14.29.30153.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30153 (HKLM-x32\...\{e3aefa8b-a2ea-42b8-a384-95f2ff6df681}) (Version: 14.29.30153.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30153 (HKLM\...\{4EF122F4-F7DA-4F5B-A7A1-3FE7AE34850D}) (Version: 14.29.30153 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30153 (HKLM\...\{0F03096E-F81F-48D0-AEE0-9F8513CD883F}) (Version: 14.29.30153 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30153 (HKLM-x32\...\{F263DEED-F2D3-4AB2-9D1C-C47ED5AA8BFC}) (Version: 14.29.30153 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30153 (HKLM-x32\...\{F3E4AF00-C81D-4253-B947-67DD661932EC}) (Version: 14.29.30153 - Microsoft Corporation) Hidden
NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.4.0.132 - Nord Security)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 7.15.6.0 - Nord Security)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.7.0531.052416 - Razer Inc.)
Revo Uninstaller 2.3.8 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.8 - VS Revo Group, Ltd.)
Riot Client (HKU\S-1-5-21-2591752007-528138199-2689751265-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc)
Telegram Desktop (HKU\S-1-5-21-2591752007-528138199-2689751265-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.12.2 - Telegram FZ-LLC)
TF Global Markets MetaTrader 5 Terminal (HKLM\...\TF Global Markets MetaTrader 5 Terminal) (Version: 5.00 - MetaQuotes Ltd.)
True Proprietary Funds MT4 Terminal (HKLM-x32\...\True Proprietary Funds MT4 Terminal) (Version: 4.00 - MetaQuotes Ltd.)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Windows PC Sistem Durumu Denetimi (HKLM\...\{069FF0BE-DDC4-41D8-8799-CEAA1A506840}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 6.24 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)
Wondershare Filmora 13(Build 13.0.51.4714) (HKU\S-1-5-21-2591752007-528138199-2689751265-1001\...\Wondershare Filmora 13_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare NativePush(Build 1.0.1.0) (HKU\S-1-5-21-2591752007-528138199-2689751265-1001\...\Wondershare NativePush_is1) (Version: - Wondershare Software)
Packages:
=========
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-11-23] (Microsoft Corporation)
Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-12-13] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-10-16] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-07] (Microsoft Studios) [MS Ad]
==================== Personnalisé CLSID (Avec liste blanche): ==============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-2591752007-528138199-2689751265-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\METİN AYAS\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
CustomCLSID: HKU\S-1-5-21-2591752007-528138199-2689751265-1001_Classes\CLSID\{4e6f7264-5650-4e00-0000-000000000000}\localserver32 -> C:\Program Files\NordVPN\NordVPN.exe (nordvpn s.a. -> nordvpn S.A.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-12-08] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-12-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll -> Pas de fichier
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2023-09-22] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Pas de fichier
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Pas de fichier
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll -> Pas de fichier
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2023-09-22] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0905d5f86c27c241\nvshext.dll [2023-10-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2023-09-22] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll -> Pas de fichier
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Avec liste blanche) ====================
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
ShortcutWithArgument: C:\Users\METİN AYAS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d76736477ba15566\Xrp - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 10"
ShortcutWithArgument: C:\Users\METİN AYAS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d755e1040e5d38ac\dalskdas - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 8"
ShortcutWithArgument: C:\Users\METİN AYAS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b42be1c9c51179ef\dsad - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 7"
ShortcutWithArgument: C:\Users\METİN AYAS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Xrp - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\METİN AYAS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\603d61d7b578f489\Xrp - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 11"
ShortcutWithArgument: C:\Users\METİN AYAS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\2b054a3d8e89c41e\XrpAdaFan - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 13"
ShortcutWithArgument: C:\Users\METİN AYAS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Cosmos - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"
==================== Modules chargés (Avec liste blanche) =============
2023-12-11 13:06 - 2023-12-11 13:06 - 000235520 _____ () [Fichier non signé] \\?\C:\Users\METİN AYAS\AppData\Local\Temp\c353dc2c-e847-42b1-a7f9-81d6b5d8c2d4.tmp.node
2023-12-08 21:50 - 2016-07-21 10:54 - 000137728 _____ () [Fichier non signé] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2023-12-08 21:50 - 2017-09-12 10:34 - 001506304 _____ () [Fichier non signé] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2023-01-12 18:23 - 2022-10-06 04:09 - 001945600 _____ () [Fichier non signé] C:\Users\METİN AYAS\AppData\Local\Programs\dcent-bridge\ffmpeg.dll
2023-01-12 18:23 - 2022-10-06 04:09 - 000017408 _____ () [Fichier non signé] C:\Users\METİN AYAS\AppData\Local\Programs\dcent-bridge\libegl.dll
2023-01-12 18:23 - 2022-10-06 04:09 - 003424256 _____ () [Fichier non signé] C:\Users\METİN AYAS\AppData\Local\Programs\dcent-bridge\libglesv2.dll
2023-01-12 18:23 - 2022-10-06 04:09 - 017888768 _____ (Node.js) [Fichier non signé] C:\Users\METİN AYAS\AppData\Local\Programs\dcent-bridge\node.dll
2020-02-07 17:20 - 2020-02-07 17:20 - 000132096 _____ (Seiko Epson Corporation) [Fichier non signé] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll
2018-03-05 16:41 - 2018-03-05 16:41 - 000057856 _____ (Seiko Epson Corporation) [Fichier non signé] C:\Program Files (x86)\Epson Software\Event Manager\EPNWPSHDevFinder.DLL
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Epson Software\Event Manager\LcMgr.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Windows\System32\enppmon.dll
2023-12-08 21:50 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [Fichier non signé] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
==================== Alternate Data Streams (Avec liste blanche) ========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
AlternateDataStreams: C:\ProgramData:err [2010]
AlternateDataStreams: C:\Windows\system32\.tmp:9765A70062 [3442]
AlternateDataStreams: C:\Users\All Users:err [2010]
AlternateDataStreams: C:\ProgramData\Application Data:err [2010]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [3442]
AlternateDataStreams: C:\Users\METİN AYAS\Desktop\FVG2.png:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Desktop\lesson 02 .mov:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Desktop\Monthl.png:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Desktop\RB2.png:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Desktop\Week.png:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\2022 ICT Mentorship Episode 3 (1).pdf:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\490016-1364623600.jpg:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\5EvTtXZPWXf9FnSBmQWDE9t89N17ztehRfECGUgKtAQa8hSL (2).json:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\5EvTtXZPWXf9FnSBmQWDE9t89N17ztehRfECGUgKtAQa8hSL (3).json:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\c4304a87926b83bb6c727e7f79906657.jpg:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\Dealing ranges.pdf:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\DiscordSetup (1).exe:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\dotNetFx45_Full_setup.exe:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\Ep 2_ Elements of Trade Setup dosyasının kopyası (1).docx:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\Epson_L3250_Series_EM_10_Web (1).exe:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\f9a447af886c5126e9795d51e45e921d.jpg:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\message (1).txt:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\Neoo.jpg:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\ZoomInstaller.exe:shield [57]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [9264]
==================== Mode sans échec (Avec liste blanche) ==================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SophosVirusRemovalTool => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SophosVirusRemovalTool => ""="Service"
==================== Association (Avec liste blanche) =================
==================== Internet Explorer (Avec liste blanche) ==========
SearchScopes: HKU\S-1-5-21-2591752007-528138199-2689751265-1001 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.com.tr/search/?text={searchTerms}&clid=2233630
SearchScopes: HKU\S-1-5-21-2591752007-528138199-2689751265-1001 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.com.tr/search/?text={searchTerms}&clid=2233630
Toolbar: HKU\S-1-5-21-2591752007-528138199-2689751265-1001 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
==================== Hosts contenu: =========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2019-12-07 12:14 - 2022-04-29 02:38 - 000000822 ____N C:\Windows\system32\drivers\etc\hosts
==================== Autres zones ===========================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-2591752007-528138199-2689751265-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\METİN AYAS\Pictures\carte.jpeg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
==================== RèglesPare-feu (Avec liste blanche) ================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [TCP Query User{1A0DC0F4-C94D-45B2-9C1C-C5B473D2737D}C:\users\metİn ayas\appdata\local\programs\dcent-bridge\dcent bridge.exe] => (Allow) C:\users\metİn ayas\appdata\local\programs\dcent-bridge\dcent bridge.exe (IoTrust Co., Ltd. -> IoTrust)
FirewallRules: [UDP Query User{27629CA9-F129-4FE3-8027-3F2CEBB1C738}C:\users\metİn ayas\appdata\local\programs\dcent-bridge\dcent bridge.exe] => (Allow) C:\users\metİn ayas\appdata\local\programs\dcent-bridge\dcent bridge.exe (IoTrust Co., Ltd. -> IoTrust)
FirewallRules: [TCP Query User{748D77E0-552C-416F-8DBE-9CE44F561FDF}C:\users\metİn ayas\appdata\local\programs\nordpass\nordpass.exe] => (Allow) C:\users\metİn ayas\appdata\local\programs\nordpass\nordpass.exe => Pas de fichier
FirewallRules: [UDP Query User{DC8F5F7B-2746-4830-8A1C-1E089B25C78E}C:\users\metİn ayas\appdata\local\programs\nordpass\nordpass.exe] => (Allow) C:\users\metİn ayas\appdata\local\programs\nordpass\nordpass.exe => Pas de fichier
FirewallRules: [{AFC17CB9-F517-46CA-B9DA-BB7E48228442}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{FB252747-0C8C-4F13-B1D7-06D5384B47E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{AAEFC89C-3066-49EA-8EA3-C4EA1834BB53}C:\users\metİn ayas\appdata\local\discord\app-1.0.9003\discord.exe] => (Allow) C:\users\metİn ayas\appdata\local\discord\app-1.0.9003\discord.exe => Pas de fichier
FirewallRules: [UDP Query User{9665AB44-2570-4AC4-AC5D-165D583657CE}C:\users\metİn ayas\appdata\local\discord\app-1.0.9003\discord.exe] => (Allow) C:\users\metİn ayas\appdata\local\discord\app-1.0.9003\discord.exe => Pas de fichier
FirewallRules: [TCP Query User{3D100BD7-CC3D-4A4F-99E1-551AA3C8F917}C:\users\metİn ayas\appdata\local\discord\app-1.0.9004\discord.exe] => (Block) C:\users\metİn ayas\appdata\local\discord\app-1.0.9004\discord.exe => Pas de fichier
FirewallRules: [UDP Query User{F362A208-ADAE-4969-925F-EA8E7970896B}C:\users\metİn ayas\appdata\local\discord\app-1.0.9004\discord.exe] => (Block) C:\users\metİn ayas\appdata\local\discord\app-1.0.9004\discord.exe => Pas de fichier
FirewallRules: [TCP Query User{FC3C58C9-D2F5-43BE-9A7A-5AAD4E8D3F6B}C:\users\metİn ayas\appdata\local\programs\dcent-bridge\dcent bridge.exe] => (Allow) C:\users\metİn ayas\appdata\local\programs\dcent-bridge\dcent bridge.exe (IoTrust Co., Ltd. -> IoTrust)
FirewallRules: [UDP Query User{87831E20-8BD2-4CC5-8103-E63EED7DACDF}C:\users\metİn ayas\appdata\local\programs\dcent-bridge\dcent bridge.exe] => (Allow) C:\users\metİn ayas\appdata\local\programs\dcent-bridge\dcent bridge.exe (IoTrust Co., Ltd. -> IoTrust)
FirewallRules: [TCP Query User{819508BA-F505-4E71-9372-C6B6E583E064}C:\users\metİn ayas\appdata\roaming\telegram desktop\telegram.exe] => (Block) C:\users\metİn ayas\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [UDP Query User{5807648D-8FF9-4C2C-B677-9C32FA413D64}C:\users\metİn ayas\appdata\roaming\telegram desktop\telegram.exe] => (Block) C:\users\metİn ayas\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [TCP Query User{7BD50010-483B-45FD-80E5-08133C0E4146}C:\users\metİn ayas\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\metİn ayas\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [UDP Query User{CF054DD7-F7AE-461D-A3B9-DA38EEC0ADC6}C:\users\metİn ayas\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\metİn ayas\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{78DAFECF-65B7-46C7-B015-000525DEEF36}] => (Allow) C:\Program Files\TF Global Markets MetaTrader 5 Terminal\metatester64.exe (MetaQuotes Ltd -> MetaQuotes Ltd.)
FirewallRules: [{738535B9-767E-4EE9-90BA-A613FBF0AAA5}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Seiko Epson Corporation) [Fichier non signé]
FirewallRules: [{ED5799A6-D4DE-4070-8EEA-AF84FE4C9935}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Seiko Epson Corporation) [Fichier non signé]
FirewallRules: [{1EFA3D52-256A-4250-9656-50C3087F9877}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0EA7D813-B563-407C-9FEF-281B4A435FB7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{CBBEE77B-A69C-4A0F-B980-CCB5A6718925}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B30272D2-8648-483E-8AFB-E6ABFB6A3FEE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{EDB01DBF-8C13-47A9-8CFB-F7130D5DDEA0}C:\users\metİn ayas\appdata\local\avira\browser\application\avirabrowser.exe] => (Block) C:\users\metİn ayas\appdata\local\avira\browser\application\avirabrowser.exe => Pas de fichier
FirewallRules: [UDP Query User{D584C1A3-2ADB-46CD-B336-85D04B5516D3}C:\users\metİn ayas\appdata\local\avira\browser\application\avirabrowser.exe] => (Block) C:\users\metİn ayas\appdata\local\avira\browser\application\avirabrowser.exe => Pas de fichier
FirewallRules: [{63348C4E-6AB2-4ACE-BA53-8940B5C02061}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A7C10F77-FFDE-4C78-AEE0-2014C02DE684}] => (Allow) C:\Users\METİN AYAS\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [{2E2D368D-D7FA-4303-9BD6-156C4A2A7D17}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{095A54AD-B63C-41AC-B382-8E0DCBB6F004}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.61\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F0EB838F-56CE-4DEB-AF6C-F5AE6773F232}] => (Allow) C:\Program Files\NordVPN\nordvpn-service.exe (nordvpn s.a. -> nordvpn S.A.)
FirewallRules: [{C1A6E0C5-26B7-43FE-8D84-AF9A62DB28E5}] => (Allow) C:\Program Files\NordVPN\nordvpn-service.exe (nordvpn s.a. -> nordvpn S.A.)
FirewallRules: [{D9844BE2-52E9-478D-8C27-E10B25055596}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{5F314429-06C8-4E1F-9167-A206DB07A984}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
==================== Points de restauration =========================
09-12-2023 12:18:55 TRON v12.0.6: Pre-run checkpoint
==================== Éléments en erreur du Gestionnaire de périphériques ============
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (12/11/2023 01:06:26 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Le service Centre de sécurité Windows n'a pas pu charger les instances de FirewallProduct à partir du magasin de services.
Error: (12/11/2023 01:05:41 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Sistem kapatma işlemi sürüyor.
]
Error: (12/11/2023 01:04:08 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x8007001f, Sisteme bağlı bir aygıt çalışmıyor.
.
İşlem:
Zaman Uyumsuz İşlem Yapılıyor
Bağlam:
Geçerli Durum: DoSnapshotSet
Error: (12/11/2023 01:03:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service QHProtected since QueryServiceConfig API failed
System Error:
Sistem belirtilen dosyayı bulamıyor.
.
Error: (12/11/2023 12:58:51 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x8007001f, Sisteme bağlı bir aygıt çalışmıyor.
.
İşlem:
Zaman Uyumsuz İşlem Yapılıyor
Bağlam:
Geçerli Durum: DoSnapshotSet
Error: (12/11/2023 12:58:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service QHProtected since QueryServiceConfig API failed
System Error:
Sistem belirtilen dosyayı bulamıyor.
.
Error: (12/11/2023 12:51:12 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x8007001f, Sisteme bağlı bir aygıt çalışmıyor.
.
İşlem:
Zaman Uyumsuz İşlem Yapılıyor
Bağlam:
Geçerli Durum: DoSnapshotSet
Error: (12/11/2023 12:50:49 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005, Erişim engellendi.
.
Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.
İşlem:
Yazıcı Verileri Toplanıyor
Bağlam:
Yazıcı Sınıf Kimliği: {e8132975-6f93-4464-a53e-1050253ae220}
Yazıcı Adı: System Writer
Yazıcı Örnek Kimliği: {a1902526-6f10-4e78-86be-63f5acf08624}
Erreurs système:
=============
Error: (12/11/2023 01:05:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Avira Security s’est terminé de façon inattendue pour la 1ème fois.
Error: (12/10/2023 08:22:00 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RL0QLOL)
Description: Le serveur Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/10/2023 03:46:23 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RL0QLOL)
Description: Le serveur Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/10/2023 03:44:59 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RL0QLOL)
Description: Le serveur Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/10/2023 12:01:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Avira Security Updater n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.
Error: (12/10/2023 12:01:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Avira Security Updater.
Error: (12/10/2023 11:56:05 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 20:37:18 le 9.12.2023 n’était pas prévu.
Error: (12/09/2023 08:37:18 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 20:20:44 le 9.12.2023 n’était pas prévu.
Windows Defender:
================
Date: 2022-05-12 15:44:12
Description:
L’analyse Microsoft Defender Virüsten Koruma a été arrêtée avant la fin.
ID de l’analyse : {C44B0C85-43DD-44CE-B3A0-A60B8B6997A3}
Type de l’analyse : Kötü Amaçlı Yazılımdan Koruma
Paramètres de l’analyse : Hızlı Tarama
Utilisateur : NT AUTHORITY\SYSTEM
Date: 2022-05-11 15:44:12
Description:
L’analyse Microsoft Defender Virüsten Koruma a été arrêtée avant la fin.
ID de l’analyse : {067C5770-6F0D-4C18-8E5E-B60035179589}
Type de l’analyse : Kötü Amaçlı Yazılımdan Koruma
Paramètres de l’analyse : Hızlı Tarama
Utilisateur : NT AUTHORITY\SYSTEM
Date: 2022-05-10 15:44:12
Description:
L’analyse Microsoft Defender Virüsten Koruma a été arrêtée avant la fin.
ID de l’analyse : {A491CA4F-BCE1-4349-8D41-BDCDC7538FEA}
Type de l’analyse : Kötü Amaçlı Yazılımdan Koruma
Paramètres de l’analyse : Hızlı Tarama
Utilisateur : NT AUTHORITY\SYSTEM
Date: 2022-05-09 15:15:50
Description:
L’analyse Microsoft Defender Virüsten Koruma a été arrêtée avant la fin.
ID de l’analyse : {FDDCA2C0-CECF-4D5D-ABB0-79103FFD380E}
Type de l’analyse : Kötü Amaçlı Yazılımdan Koruma
Paramètres de l’analyse : Hızlı Tarama
Utilisateur : NT AUTHORITY\SYSTEM
Date: 2022-05-08 15:22:17
Description:
L’analyse Microsoft Defender Virüsten Koruma a été arrêtée avant la fin.
ID de l’analyse : {C8BE7B54-10C3-4EFD-8226-F54C724E6CDD}
Type de l’analyse : Kötü Amaçlı Yazılımdan Koruma
Paramètres de l’analyse : Hızlı Tarama
Utilisateur : NT AUTHORITY\SYSTEM
Event[0]:
Date: 2023-06-16 02:28:20
Description:
Microsoft Defender Virüsten Koruma a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité : 1.391.1582.0
Version précédente de la veille de sécurité : 1.389.82.0
Source de mise à jour : Kullanıcı
Type de veille de sécurité : Casus Yazılım Önleme
Type de mise à jour : Tam
Utilisateur : NT AUTHORITY\SYSTEM
Version actuelle du moteur : 1.1.23050.3
Version précédente du moteur : 1.1.20300.3
Code d’erreur : 0x80501102
Description de l’erreur : Beklenmeyen bir hata oluştu. Mevcut güncelleştirmelerin tümünü yükleyin, ardından programı yeniden başlatmayı deneyin. Güncelleştirmeleri yükleme hakkında bilgi için Yardım ve Destek'e bakın.
Date: 2023-06-16 02:28:20
Description:
Microsoft Defender Virüsten Koruma a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité : 1.391.1582.0
Version précédente de la veille de sécurité : 1.389.82.0
Source de mise à jour : Kullanıcı
Type de veille de sécurité : Virüsten Koruma
Type de mise à jour : Tam
Utilisateur : NT AUTHORITY\SYSTEM
Version actuelle du moteur : 1.1.23050.3
Version précédente du moteur : 1.1.20300.3
Code d’erreur : 0x80501102
Description de l’erreur : Beklenmeyen bir hata oluştu. Mevcut güncelleştirmelerin tümünü yükleyin, ardından programı yeniden başlatmayı deneyin. Güncelleştirmeleri yükleme hakkında bilgi için Yardım ve Destek'e bakın.
Date: 2023-06-16 02:28:20
Description:
Microsoft Defender Virüsten Koruma a rencontré une erreur lors de la mise à jour du moteur.
Nouvelle version du moteur : 1.1.23050.3
Version précédente du moteur : 1.1.20300.3
Utilisateur : NT AUTHORITY\SYSTEM
Code d’erreur : 0x80501102
Description de l’erreur : Beklenmeyen bir hata oluştu. Mevcut güncelleştirmelerin tümünü yükleyin, ardından programı yeniden başlatmayı deneyin. Güncelleştirmeleri yükleme hakkında bilgi için Yardım ve Destek'e bakın.
Date: 2023-05-20 09:38:17
Description:
Microsoft Defender Virüsten Koruma a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité : 1.389.1878.0
Version précédente de la veille de sécurité : 1.389.82.0
Source de mise à jour : Kullanıcı
Type de veille de sécurité : Casus Yazılım Önleme
Type de mise à jour : Farklar
Utilisateur : NT AUTHORITY\SYSTEM
Version actuelle du moteur : 1.1.20300.3
Version précédente du moteur : 1.1.20300.3
Code d’erreur : 0x80501102
Description de l’erreur : Beklenmeyen bir hata oluştu. Mevcut güncelleştirmelerin tümünü yükleyin, ardından programı yeniden başlatmayı deneyin. Güncelleştirmeleri yükleme hakkında bilgi için Yardım ve Destek'e bakın.
Date: 2023-05-20 09:38:17
Description:
Microsoft Defender Virüsten Koruma a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité : 1.389.1878.0
Version précédente de la veille de sécurité : 1.389.82.0
Source de mise à jour : Kullanıcı
Type de veille de sécurité : Virüsten Koruma
Type de mise à jour : Farklar
Utilisateur : NT AUTHORITY\SYSTEM
Version actuelle du moteur : 1.1.20300.3
Version précédente du moteur : 1.1.20300.3
Code d’erreur : 0x80501102
Description de l’erreur : Beklenmeyen bir hata oluştu. Mevcut güncelleştirmelerin tümünü yükleyin, ardından programı yeniden başlatmayı deneyin. Güncelleştirmeleri yükleme hakkında bilgi için Yardım ve Destek'e bakın.
CodeIntegrity:
===============
Date: 2023-12-11 13:09:44
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\360\Total Security\safemon\SafeWrapper.dll that did not meet the Microsoft signing level requirements.
==================== Infos Mémoire ===========================
BIOS: American Megatrends Inc. 3.70 06/09/2020
Carte mère: Micro-Star International Co., Ltd B450 TOMAHAWK MAX (MS-7C02)
Processeur: AMD Ryzen 5 3600 6-Core Processor
Pourcentage de mémoire utilisée: 34%
Mémoire physique - RAM - totale: 16334.87 MB
Mémoire physique - RAM - disponible: 10673.5 MB
Mémoire virtuelle totale: 18766.87 MB
Mémoire virtuelle disponible: 10851.41 MB
==================== Lecteurs ================================
Drive c: () (Fixed) (Total:222.97 GB) (Free:50.61 GB) (Model: CT240BX500SSD1) NTFS
Drive g: () (Fixed) (Total:931.5 GB) (Free:931.32 GB) (Model: ST1000DM010-2DM162) NTFS
\\?\Volume{2679d24d-0070-43ab-85fe-7eb3603aac68}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{7f312840-57d2-4b5d-b601-83e288aefbf4}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Table des partitions ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Fin de Addition.txt =======================
Exécuté par METİN AYAS (11-12-2023 13:10:00)
Exécuté depuis C:\Users\METİN AYAS\Downloads
Microsoft Windows 10 Home Version 22H2 19045.3758 (X64) (2021-10-11 11:06:14)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
Administrator (S-1-5-21-2591752007-528138199-2689751265-500 - Administrator - Disabled)
Guest (S-1-5-21-2591752007-528138199-2689751265-501 - Limited - Disabled)
METİN AYAS (S-1-5-21-2591752007-528138199-2689751265-1001 - Administrator - Enabled) => C:\Users\METİN AYAS
VarsayılanHesap (S-1-5-21-2591752007-528138199-2689751265-503 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2591752007-528138199-2689751265-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: 360 Total Security (Enabled - Up to date) {FFDC234A-CE9B-08F9-406B-F876951CE066}
FW: Avira Security (Enabled) {BE55A40C-05CA-1096-36EB-CCA92DEAF539}
FW: firewall.tools.exe (Disabled) {1C715218-C920-E826-61C6-9757DD61D851}
FW: firewall.tools.exe (Enabled) {C23625D1-69FF-6539-D252-9C59FCE61F44}
FW: firewall.tools.exe (Enabled) {EC455612-A4AA-6402-45D6-DB9E6D29D254}
FW: firewall.tools.exe (Enabled) {C301BD72-1A68-FCF0-7438-70C67D82788F}
FW: firewall.tools.exe (Enabled) {2230FBD7-E019-6F49-94D9-88952527F446}
FW: firewall.tools.exe (Enabled) {099106F1-E7D0-AAA0-A006-5B67606DD9EB}
FW: firewall.tools.exe (Enabled) {584A1E3E-D555-02C4-01BA-D81B87038AEA}
FW: firewall.tools.exe (Enabled) {7345CA52-5FDB-32E9-091E-A25A5F605D90}
FW: firewall.tools.exe (Enabled) {A4140CEC-71C4-0D3F-075E-A57EB752B7CC}
FW: Avira Security (Enabled) {877B141C-E73B-9A54-223E-108CC963426A}
FW: firewall.tools.exe (Enabled) {4C92E45A-7416-54D2-AD04-C193F68EC8C0}
FW: Avira Security (Enabled) {6207A357-4A32-0B8C-12DB-C7111287446A}
FW: firewall.tools.exe (Enabled) {E2EE3342-AA78-B31E-B5E1-9EE1559AE96B}
FW: firewall.tools.exe (Enabled) {FE195218-FA5A-653B-CF2E-34A747823BDA}
FW: firewall.tools.exe (Enabled) {B8CDDC92-9ACE-829E-BE31-378580BD98EA}
FW: firewall.tools.exe (Disabled) {F3945FB6-2B3E-4CE3-7375-B5E2E67B2CCD}
FW: firewall.tools.exe (Enabled) {1A2A5BC2-8661-486A-E9A8-CDDB540A101F}
FW: firewall.tools.exe (Enabled) {DE8353B0-FA3B-1C97-A6F2-47E3086FE270}
FW: firewall.tools.exe (Enabled) {A6BFCB37-FD88-3169-9016-A19F8A583462}
FW: firewall.tools.exe (Enabled) {17E8CE47-42AD-C1F1-0700-B3410EE3DED6}
FW: firewall.tools.exe (Enabled) {47D4BDD8-0984-10EF-81DA-67DF50F9090C}
FW: firewall.tools.exe (Enabled) {D61C0689-D80C-09C3-9217-D404C4DB37CC}
FW: firewall.tools.exe (Enabled) {EABF72E2-9813-7346-E2F3-BB7D0B2AAFCB}
FW: firewall.tools.exe (Enabled) {0544AF26-4FE9-2BB0-F659-CE43883CF44F}
FW: Avira Security (Enabled) {71EC0A3F-391C-0E33-A103-0C8A6DF0EBF0}
FW: Avira Security (Enabled) {4EFB3EBA-D5BC-D311-F570-D3065B48D523}
FW: Avira Security (Enabled) {12CE3622-C811-64DE-1773-AA1774F2B8E1}
FW: Avira Security (Enabled) {76867038-CFEB-AE32-EFDA-5DE782F629FF}
FW: firewall.tools.exe (Enabled) {411C09FD-C895-2466-7CB2-4B121B959D78}
FW: firewall.tools.exe (Enabled) {568EC6DA-758B-F7DB-1DA3-0F92F0A311A4}
FW: firewall.tools.exe (Enabled) {192950A7-224C-7675-566D-ADC7513196AB}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
7-Zip 23.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2301-000001000000}) (Version: 23.01.00.0 - Igor Pavlov)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 119.1.23320.200 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1653.5 - AVAST Software) Hidden
Avira Fallback Updater (HKLM-x32\...\Avira Fallback Updater) (Version: - ) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.43.1.16819 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.26.0.18 - Avira Operations GmbH) Hidden
CrystalDiskInfo 9.2.0 Aoi Edition (HKLM\...\CrystalDiskInfo_is1) (Version: 9.2.0 - Crystal Dew World)
DCENT Bridge 1.3.0 (HKU\S-1-5-21-2591752007-528138199-2689751265-1001\...\{9edeef81-4cc9-577c-8458-71f3666e5007}) (Version: 1.3.0 - IoTrust)
Désinstallation de l'imprimante EPSON L3250 Series (HKLM\...\EPSON L3250 Series) (Version: - Seiko Epson Corporation)
Discord (HKU\S-1-5-21-2591752007-528138199-2689751265-1001\...\Discord) (Version: 1.0.9012 - Discord Inc.)
Endpoint Protection SDK (HKLM\...\{68E1CCB4-4965-4713-BDEB-77F6D6C9BF9D}_is1) (Version: 1.0.2209.3324 - Avira Operations GmbH & Co. KG) Hidden
Epic Games Launcher (HKLM-x32\...\{E8FDD9E1-BEB2-4E7F-A179-22962E4C377A}) (Version: 1.3.82.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{35905844-0610-427D-86A0-2103FABE3D4D}) (Version: 2.0.42.0 - Epic Games, Inc.)
Epson Event Manager (HKLM-x32\...\{DBC38C08-9FB5-43A5-B6BA-EB10AC7DA570}) (Version: 3.11.0053 - Seiko Epson Corporation)
Epson Manuals (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 2.0.4.0 - Seiko Epson Corporation)
Epson Photo+ (HKLM-x32\...\{82E09177-CD4D-412F-97B6-3C4763D6B0FA}) (Version: 3.7.2.0 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{DE32F90E-1A29-4D74-BCF1-E7DDB25D713A}) (Version: 3.4.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
EPSON Scan PDF EXtensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.02 - SEIKO EPSON Corp.)
Epson ScanSmart (HKLM-x32\...\{24D63D1B-83A2-4976-8D0D-8622D96B6B86}) (Version: 3.7.1 - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{711E8536-AB71-4455-A6C4-357FDBBEBF91}) (Version: 4.6.7 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Google Chrome (HKLM\...\{BC74D7B3-F268-3A05-926D-EBBE9E1340DC}) (Version: 120.0.6099.71 - Google LLC)
K-Lite Codec Pack 16.4.6 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.4.6 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-2591752007-528138199-2689751265-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Microsoft Edge (HKLM-x32\...\{71A45013-EA85-3748-B06C-73B6C069CBF7}) (Version: 120.0.2210.61 - Microsoft Corporation)
Microsoft Edge WebView2 Çalışma Zamanı (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.61 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2591752007-528138199-2689751265-1001\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30153 (HKLM-x32\...\{9057ceb3-ab14-4d3a-aa99-38d2d660e604}) (Version: 14.29.30153.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30153 (HKLM-x32\...\{e3aefa8b-a2ea-42b8-a384-95f2ff6df681}) (Version: 14.29.30153.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30153 (HKLM\...\{4EF122F4-F7DA-4F5B-A7A1-3FE7AE34850D}) (Version: 14.29.30153 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30153 (HKLM\...\{0F03096E-F81F-48D0-AEE0-9F8513CD883F}) (Version: 14.29.30153 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30153 (HKLM-x32\...\{F263DEED-F2D3-4AB2-9D1C-C47ED5AA8BFC}) (Version: 14.29.30153 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30153 (HKLM-x32\...\{F3E4AF00-C81D-4253-B947-67DD661932EC}) (Version: 14.29.30153 - Microsoft Corporation) Hidden
NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.4.0.132 - Nord Security)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 7.15.6.0 - Nord Security)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.7.0531.052416 - Razer Inc.)
Revo Uninstaller 2.3.8 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.8 - VS Revo Group, Ltd.)
Riot Client (HKU\S-1-5-21-2591752007-528138199-2689751265-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc)
Telegram Desktop (HKU\S-1-5-21-2591752007-528138199-2689751265-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.12.2 - Telegram FZ-LLC)
TF Global Markets MetaTrader 5 Terminal (HKLM\...\TF Global Markets MetaTrader 5 Terminal) (Version: 5.00 - MetaQuotes Ltd.)
True Proprietary Funds MT4 Terminal (HKLM-x32\...\True Proprietary Funds MT4 Terminal) (Version: 4.00 - MetaQuotes Ltd.)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Windows PC Sistem Durumu Denetimi (HKLM\...\{069FF0BE-DDC4-41D8-8799-CEAA1A506840}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 6.24 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)
Wondershare Filmora 13(Build 13.0.51.4714) (HKU\S-1-5-21-2591752007-528138199-2689751265-1001\...\Wondershare Filmora 13_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare NativePush(Build 1.0.1.0) (HKU\S-1-5-21-2591752007-528138199-2689751265-1001\...\Wondershare NativePush_is1) (Version: - Wondershare Software)
Packages:
=========
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-11-23] (Microsoft Corporation)
Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-12-13] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-10-16] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-07] (Microsoft Studios) [MS Ad]
==================== Personnalisé CLSID (Avec liste blanche): ==============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-2591752007-528138199-2689751265-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\METİN AYAS\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
CustomCLSID: HKU\S-1-5-21-2591752007-528138199-2689751265-1001_Classes\CLSID\{4e6f7264-5650-4e00-0000-000000000000}\localserver32 -> C:\Program Files\NordVPN\NordVPN.exe (nordvpn s.a. -> nordvpn S.A.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-12-08] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-12-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll -> Pas de fichier
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2023-09-22] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Pas de fichier
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Pas de fichier
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll -> Pas de fichier
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2023-09-22] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0905d5f86c27c241\nvshext.dll [2023-10-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2023-09-22] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll -> Pas de fichier
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Avec liste blanche) ====================
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
ShortcutWithArgument: C:\Users\METİN AYAS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d76736477ba15566\Xrp - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 10"
ShortcutWithArgument: C:\Users\METİN AYAS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d755e1040e5d38ac\dalskdas - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 8"
ShortcutWithArgument: C:\Users\METİN AYAS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b42be1c9c51179ef\dsad - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 7"
ShortcutWithArgument: C:\Users\METİN AYAS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Xrp - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\METİN AYAS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\603d61d7b578f489\Xrp - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 11"
ShortcutWithArgument: C:\Users\METİN AYAS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\2b054a3d8e89c41e\XrpAdaFan - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 13"
ShortcutWithArgument: C:\Users\METİN AYAS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Cosmos - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"
==================== Modules chargés (Avec liste blanche) =============
2023-12-11 13:06 - 2023-12-11 13:06 - 000235520 _____ () [Fichier non signé] \\?\C:\Users\METİN AYAS\AppData\Local\Temp\c353dc2c-e847-42b1-a7f9-81d6b5d8c2d4.tmp.node
2023-12-08 21:50 - 2016-07-21 10:54 - 000137728 _____ () [Fichier non signé] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2023-12-08 21:50 - 2017-09-12 10:34 - 001506304 _____ () [Fichier non signé] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2023-01-12 18:23 - 2022-10-06 04:09 - 001945600 _____ () [Fichier non signé] C:\Users\METİN AYAS\AppData\Local\Programs\dcent-bridge\ffmpeg.dll
2023-01-12 18:23 - 2022-10-06 04:09 - 000017408 _____ () [Fichier non signé] C:\Users\METİN AYAS\AppData\Local\Programs\dcent-bridge\libegl.dll
2023-01-12 18:23 - 2022-10-06 04:09 - 003424256 _____ () [Fichier non signé] C:\Users\METİN AYAS\AppData\Local\Programs\dcent-bridge\libglesv2.dll
2023-01-12 18:23 - 2022-10-06 04:09 - 017888768 _____ (Node.js) [Fichier non signé] C:\Users\METİN AYAS\AppData\Local\Programs\dcent-bridge\node.dll
2020-02-07 17:20 - 2020-02-07 17:20 - 000132096 _____ (Seiko Epson Corporation) [Fichier non signé] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll
2018-03-05 16:41 - 2018-03-05 16:41 - 000057856 _____ (Seiko Epson Corporation) [Fichier non signé] C:\Program Files (x86)\Epson Software\Event Manager\EPNWPSHDevFinder.DLL
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Epson Software\Event Manager\LcMgr.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Windows\System32\enppmon.dll
2023-12-08 21:50 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [Fichier non signé] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
==================== Alternate Data Streams (Avec liste blanche) ========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
AlternateDataStreams: C:\ProgramData:err [2010]
AlternateDataStreams: C:\Windows\system32\.tmp:9765A70062 [3442]
AlternateDataStreams: C:\Users\All Users:err [2010]
AlternateDataStreams: C:\ProgramData\Application Data:err [2010]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [3442]
AlternateDataStreams: C:\Users\METİN AYAS\Desktop\FVG2.png:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Desktop\lesson 02 .mov:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Desktop\Monthl.png:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Desktop\RB2.png:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Desktop\Week.png:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\2022 ICT Mentorship Episode 3 (1).pdf:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\490016-1364623600.jpg:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\5EvTtXZPWXf9FnSBmQWDE9t89N17ztehRfECGUgKtAQa8hSL (2).json:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\5EvTtXZPWXf9FnSBmQWDE9t89N17ztehRfECGUgKtAQa8hSL (3).json:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\c4304a87926b83bb6c727e7f79906657.jpg:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\Dealing ranges.pdf:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\DiscordSetup (1).exe:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\dotNetFx45_Full_setup.exe:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\Ep 2_ Elements of Trade Setup dosyasının kopyası (1).docx:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\Epson_L3250_Series_EM_10_Web (1).exe:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\f9a447af886c5126e9795d51e45e921d.jpg:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\message (1).txt:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\Neoo.jpg:shield [57]
AlternateDataStreams: C:\Users\METİN AYAS\Downloads\ZoomInstaller.exe:shield [57]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [9264]
==================== Mode sans échec (Avec liste blanche) ==================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SophosVirusRemovalTool => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SophosVirusRemovalTool => ""="Service"
==================== Association (Avec liste blanche) =================
==================== Internet Explorer (Avec liste blanche) ==========
SearchScopes: HKU\S-1-5-21-2591752007-528138199-2689751265-1001 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.com.tr/search/?text={searchTerms}&clid=2233630
SearchScopes: HKU\S-1-5-21-2591752007-528138199-2689751265-1001 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.com.tr/search/?text={searchTerms}&clid=2233630
Toolbar: HKU\S-1-5-21-2591752007-528138199-2689751265-1001 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
==================== Hosts contenu: =========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2019-12-07 12:14 - 2022-04-29 02:38 - 000000822 ____N C:\Windows\system32\drivers\etc\hosts
==================== Autres zones ===========================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-2591752007-528138199-2689751265-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\METİN AYAS\Pictures\carte.jpeg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
==================== RèglesPare-feu (Avec liste blanche) ================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [TCP Query User{1A0DC0F4-C94D-45B2-9C1C-C5B473D2737D}C:\users\metİn ayas\appdata\local\programs\dcent-bridge\dcent bridge.exe] => (Allow) C:\users\metİn ayas\appdata\local\programs\dcent-bridge\dcent bridge.exe (IoTrust Co., Ltd. -> IoTrust)
FirewallRules: [UDP Query User{27629CA9-F129-4FE3-8027-3F2CEBB1C738}C:\users\metİn ayas\appdata\local\programs\dcent-bridge\dcent bridge.exe] => (Allow) C:\users\metİn ayas\appdata\local\programs\dcent-bridge\dcent bridge.exe (IoTrust Co., Ltd. -> IoTrust)
FirewallRules: [TCP Query User{748D77E0-552C-416F-8DBE-9CE44F561FDF}C:\users\metİn ayas\appdata\local\programs\nordpass\nordpass.exe] => (Allow) C:\users\metİn ayas\appdata\local\programs\nordpass\nordpass.exe => Pas de fichier
FirewallRules: [UDP Query User{DC8F5F7B-2746-4830-8A1C-1E089B25C78E}C:\users\metİn ayas\appdata\local\programs\nordpass\nordpass.exe] => (Allow) C:\users\metİn ayas\appdata\local\programs\nordpass\nordpass.exe => Pas de fichier
FirewallRules: [{AFC17CB9-F517-46CA-B9DA-BB7E48228442}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{FB252747-0C8C-4F13-B1D7-06D5384B47E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{AAEFC89C-3066-49EA-8EA3-C4EA1834BB53}C:\users\metİn ayas\appdata\local\discord\app-1.0.9003\discord.exe] => (Allow) C:\users\metİn ayas\appdata\local\discord\app-1.0.9003\discord.exe => Pas de fichier
FirewallRules: [UDP Query User{9665AB44-2570-4AC4-AC5D-165D583657CE}C:\users\metİn ayas\appdata\local\discord\app-1.0.9003\discord.exe] => (Allow) C:\users\metİn ayas\appdata\local\discord\app-1.0.9003\discord.exe => Pas de fichier
FirewallRules: [TCP Query User{3D100BD7-CC3D-4A4F-99E1-551AA3C8F917}C:\users\metİn ayas\appdata\local\discord\app-1.0.9004\discord.exe] => (Block) C:\users\metİn ayas\appdata\local\discord\app-1.0.9004\discord.exe => Pas de fichier
FirewallRules: [UDP Query User{F362A208-ADAE-4969-925F-EA8E7970896B}C:\users\metİn ayas\appdata\local\discord\app-1.0.9004\discord.exe] => (Block) C:\users\metİn ayas\appdata\local\discord\app-1.0.9004\discord.exe => Pas de fichier
FirewallRules: [TCP Query User{FC3C58C9-D2F5-43BE-9A7A-5AAD4E8D3F6B}C:\users\metİn ayas\appdata\local\programs\dcent-bridge\dcent bridge.exe] => (Allow) C:\users\metİn ayas\appdata\local\programs\dcent-bridge\dcent bridge.exe (IoTrust Co., Ltd. -> IoTrust)
FirewallRules: [UDP Query User{87831E20-8BD2-4CC5-8103-E63EED7DACDF}C:\users\metİn ayas\appdata\local\programs\dcent-bridge\dcent bridge.exe] => (Allow) C:\users\metİn ayas\appdata\local\programs\dcent-bridge\dcent bridge.exe (IoTrust Co., Ltd. -> IoTrust)
FirewallRules: [TCP Query User{819508BA-F505-4E71-9372-C6B6E583E064}C:\users\metİn ayas\appdata\roaming\telegram desktop\telegram.exe] => (Block) C:\users\metİn ayas\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [UDP Query User{5807648D-8FF9-4C2C-B677-9C32FA413D64}C:\users\metİn ayas\appdata\roaming\telegram desktop\telegram.exe] => (Block) C:\users\metİn ayas\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [TCP Query User{7BD50010-483B-45FD-80E5-08133C0E4146}C:\users\metİn ayas\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\metİn ayas\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [UDP Query User{CF054DD7-F7AE-461D-A3B9-DA38EEC0ADC6}C:\users\metİn ayas\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\metİn ayas\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{78DAFECF-65B7-46C7-B015-000525DEEF36}] => (Allow) C:\Program Files\TF Global Markets MetaTrader 5 Terminal\metatester64.exe (MetaQuotes Ltd -> MetaQuotes Ltd.)
FirewallRules: [{738535B9-767E-4EE9-90BA-A613FBF0AAA5}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Seiko Epson Corporation) [Fichier non signé]
FirewallRules: [{ED5799A6-D4DE-4070-8EEA-AF84FE4C9935}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Seiko Epson Corporation) [Fichier non signé]
FirewallRules: [{1EFA3D52-256A-4250-9656-50C3087F9877}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0EA7D813-B563-407C-9FEF-281B4A435FB7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{CBBEE77B-A69C-4A0F-B980-CCB5A6718925}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B30272D2-8648-483E-8AFB-E6ABFB6A3FEE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{EDB01DBF-8C13-47A9-8CFB-F7130D5DDEA0}C:\users\metİn ayas\appdata\local\avira\browser\application\avirabrowser.exe] => (Block) C:\users\metİn ayas\appdata\local\avira\browser\application\avirabrowser.exe => Pas de fichier
FirewallRules: [UDP Query User{D584C1A3-2ADB-46CD-B336-85D04B5516D3}C:\users\metİn ayas\appdata\local\avira\browser\application\avirabrowser.exe] => (Block) C:\users\metİn ayas\appdata\local\avira\browser\application\avirabrowser.exe => Pas de fichier
FirewallRules: [{63348C4E-6AB2-4ACE-BA53-8940B5C02061}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A7C10F77-FFDE-4C78-AEE0-2014C02DE684}] => (Allow) C:\Users\METİN AYAS\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [{2E2D368D-D7FA-4303-9BD6-156C4A2A7D17}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{095A54AD-B63C-41AC-B382-8E0DCBB6F004}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.61\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F0EB838F-56CE-4DEB-AF6C-F5AE6773F232}] => (Allow) C:\Program Files\NordVPN\nordvpn-service.exe (nordvpn s.a. -> nordvpn S.A.)
FirewallRules: [{C1A6E0C5-26B7-43FE-8D84-AF9A62DB28E5}] => (Allow) C:\Program Files\NordVPN\nordvpn-service.exe (nordvpn s.a. -> nordvpn S.A.)
FirewallRules: [{D9844BE2-52E9-478D-8C27-E10B25055596}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{5F314429-06C8-4E1F-9167-A206DB07A984}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
==================== Points de restauration =========================
09-12-2023 12:18:55 TRON v12.0.6: Pre-run checkpoint
==================== Éléments en erreur du Gestionnaire de périphériques ============
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (12/11/2023 01:06:26 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Le service Centre de sécurité Windows n'a pas pu charger les instances de FirewallProduct à partir du magasin de services.
Error: (12/11/2023 01:05:41 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Sistem kapatma işlemi sürüyor.
]
Error: (12/11/2023 01:04:08 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x8007001f, Sisteme bağlı bir aygıt çalışmıyor.
.
İşlem:
Zaman Uyumsuz İşlem Yapılıyor
Bağlam:
Geçerli Durum: DoSnapshotSet
Error: (12/11/2023 01:03:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service QHProtected since QueryServiceConfig API failed
System Error:
Sistem belirtilen dosyayı bulamıyor.
.
Error: (12/11/2023 12:58:51 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x8007001f, Sisteme bağlı bir aygıt çalışmıyor.
.
İşlem:
Zaman Uyumsuz İşlem Yapılıyor
Bağlam:
Geçerli Durum: DoSnapshotSet
Error: (12/11/2023 12:58:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service QHProtected since QueryServiceConfig API failed
System Error:
Sistem belirtilen dosyayı bulamıyor.
.
Error: (12/11/2023 12:51:12 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x8007001f, Sisteme bağlı bir aygıt çalışmıyor.
.
İşlem:
Zaman Uyumsuz İşlem Yapılıyor
Bağlam:
Geçerli Durum: DoSnapshotSet
Error: (12/11/2023 12:50:49 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005, Erişim engellendi.
.
Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.
İşlem:
Yazıcı Verileri Toplanıyor
Bağlam:
Yazıcı Sınıf Kimliği: {e8132975-6f93-4464-a53e-1050253ae220}
Yazıcı Adı: System Writer
Yazıcı Örnek Kimliği: {a1902526-6f10-4e78-86be-63f5acf08624}
Erreurs système:
=============
Error: (12/11/2023 01:05:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Avira Security s’est terminé de façon inattendue pour la 1ème fois.
Error: (12/10/2023 08:22:00 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RL0QLOL)
Description: Le serveur Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/10/2023 03:46:23 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RL0QLOL)
Description: Le serveur Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/10/2023 03:44:59 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RL0QLOL)
Description: Le serveur Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (12/10/2023 12:01:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Avira Security Updater n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.
Error: (12/10/2023 12:01:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Avira Security Updater.
Error: (12/10/2023 11:56:05 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 20:37:18 le 9.12.2023 n’était pas prévu.
Error: (12/09/2023 08:37:18 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 20:20:44 le 9.12.2023 n’était pas prévu.
Windows Defender:
================
Date: 2022-05-12 15:44:12
Description:
L’analyse Microsoft Defender Virüsten Koruma a été arrêtée avant la fin.
ID de l’analyse : {C44B0C85-43DD-44CE-B3A0-A60B8B6997A3}
Type de l’analyse : Kötü Amaçlı Yazılımdan Koruma
Paramètres de l’analyse : Hızlı Tarama
Utilisateur : NT AUTHORITY\SYSTEM
Date: 2022-05-11 15:44:12
Description:
L’analyse Microsoft Defender Virüsten Koruma a été arrêtée avant la fin.
ID de l’analyse : {067C5770-6F0D-4C18-8E5E-B60035179589}
Type de l’analyse : Kötü Amaçlı Yazılımdan Koruma
Paramètres de l’analyse : Hızlı Tarama
Utilisateur : NT AUTHORITY\SYSTEM
Date: 2022-05-10 15:44:12
Description:
L’analyse Microsoft Defender Virüsten Koruma a été arrêtée avant la fin.
ID de l’analyse : {A491CA4F-BCE1-4349-8D41-BDCDC7538FEA}
Type de l’analyse : Kötü Amaçlı Yazılımdan Koruma
Paramètres de l’analyse : Hızlı Tarama
Utilisateur : NT AUTHORITY\SYSTEM
Date: 2022-05-09 15:15:50
Description:
L’analyse Microsoft Defender Virüsten Koruma a été arrêtée avant la fin.
ID de l’analyse : {FDDCA2C0-CECF-4D5D-ABB0-79103FFD380E}
Type de l’analyse : Kötü Amaçlı Yazılımdan Koruma
Paramètres de l’analyse : Hızlı Tarama
Utilisateur : NT AUTHORITY\SYSTEM
Date: 2022-05-08 15:22:17
Description:
L’analyse Microsoft Defender Virüsten Koruma a été arrêtée avant la fin.
ID de l’analyse : {C8BE7B54-10C3-4EFD-8226-F54C724E6CDD}
Type de l’analyse : Kötü Amaçlı Yazılımdan Koruma
Paramètres de l’analyse : Hızlı Tarama
Utilisateur : NT AUTHORITY\SYSTEM
Event[0]:
Date: 2023-06-16 02:28:20
Description:
Microsoft Defender Virüsten Koruma a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité : 1.391.1582.0
Version précédente de la veille de sécurité : 1.389.82.0
Source de mise à jour : Kullanıcı
Type de veille de sécurité : Casus Yazılım Önleme
Type de mise à jour : Tam
Utilisateur : NT AUTHORITY\SYSTEM
Version actuelle du moteur : 1.1.23050.3
Version précédente du moteur : 1.1.20300.3
Code d’erreur : 0x80501102
Description de l’erreur : Beklenmeyen bir hata oluştu. Mevcut güncelleştirmelerin tümünü yükleyin, ardından programı yeniden başlatmayı deneyin. Güncelleştirmeleri yükleme hakkında bilgi için Yardım ve Destek'e bakın.
Date: 2023-06-16 02:28:20
Description:
Microsoft Defender Virüsten Koruma a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité : 1.391.1582.0
Version précédente de la veille de sécurité : 1.389.82.0
Source de mise à jour : Kullanıcı
Type de veille de sécurité : Virüsten Koruma
Type de mise à jour : Tam
Utilisateur : NT AUTHORITY\SYSTEM
Version actuelle du moteur : 1.1.23050.3
Version précédente du moteur : 1.1.20300.3
Code d’erreur : 0x80501102
Description de l’erreur : Beklenmeyen bir hata oluştu. Mevcut güncelleştirmelerin tümünü yükleyin, ardından programı yeniden başlatmayı deneyin. Güncelleştirmeleri yükleme hakkında bilgi için Yardım ve Destek'e bakın.
Date: 2023-06-16 02:28:20
Description:
Microsoft Defender Virüsten Koruma a rencontré une erreur lors de la mise à jour du moteur.
Nouvelle version du moteur : 1.1.23050.3
Version précédente du moteur : 1.1.20300.3
Utilisateur : NT AUTHORITY\SYSTEM
Code d’erreur : 0x80501102
Description de l’erreur : Beklenmeyen bir hata oluştu. Mevcut güncelleştirmelerin tümünü yükleyin, ardından programı yeniden başlatmayı deneyin. Güncelleştirmeleri yükleme hakkında bilgi için Yardım ve Destek'e bakın.
Date: 2023-05-20 09:38:17
Description:
Microsoft Defender Virüsten Koruma a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité : 1.389.1878.0
Version précédente de la veille de sécurité : 1.389.82.0
Source de mise à jour : Kullanıcı
Type de veille de sécurité : Casus Yazılım Önleme
Type de mise à jour : Farklar
Utilisateur : NT AUTHORITY\SYSTEM
Version actuelle du moteur : 1.1.20300.3
Version précédente du moteur : 1.1.20300.3
Code d’erreur : 0x80501102
Description de l’erreur : Beklenmeyen bir hata oluştu. Mevcut güncelleştirmelerin tümünü yükleyin, ardından programı yeniden başlatmayı deneyin. Güncelleştirmeleri yükleme hakkında bilgi için Yardım ve Destek'e bakın.
Date: 2023-05-20 09:38:17
Description:
Microsoft Defender Virüsten Koruma a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité : 1.389.1878.0
Version précédente de la veille de sécurité : 1.389.82.0
Source de mise à jour : Kullanıcı
Type de veille de sécurité : Virüsten Koruma
Type de mise à jour : Farklar
Utilisateur : NT AUTHORITY\SYSTEM
Version actuelle du moteur : 1.1.20300.3
Version précédente du moteur : 1.1.20300.3
Code d’erreur : 0x80501102
Description de l’erreur : Beklenmeyen bir hata oluştu. Mevcut güncelleştirmelerin tümünü yükleyin, ardından programı yeniden başlatmayı deneyin. Güncelleştirmeleri yükleme hakkında bilgi için Yardım ve Destek'e bakın.
CodeIntegrity:
===============
Date: 2023-12-11 13:09:44
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\360\Total Security\safemon\SafeWrapper.dll that did not meet the Microsoft signing level requirements.
==================== Infos Mémoire ===========================
BIOS: American Megatrends Inc. 3.70 06/09/2020
Carte mère: Micro-Star International Co., Ltd B450 TOMAHAWK MAX (MS-7C02)
Processeur: AMD Ryzen 5 3600 6-Core Processor
Pourcentage de mémoire utilisée: 34%
Mémoire physique - RAM - totale: 16334.87 MB
Mémoire physique - RAM - disponible: 10673.5 MB
Mémoire virtuelle totale: 18766.87 MB
Mémoire virtuelle disponible: 10851.41 MB
==================== Lecteurs ================================
Drive c: () (Fixed) (Total:222.97 GB) (Free:50.61 GB) (Model: CT240BX500SSD1) NTFS
Drive g: () (Fixed) (Total:931.5 GB) (Free:931.32 GB) (Model: ST1000DM010-2DM162) NTFS
\\?\Volume{2679d24d-0070-43ab-85fe-7eb3603aac68}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{7f312840-57d2-4b5d-b601-83e288aefbf4}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Table des partitions ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Fin de Addition.txt =======================