Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 13-09-2020
Exécuté par sowei (13-09-2020 11:58:24)
Exécuté depuis C:\Users\sowei\OneDrive\Bureau
Windows 10 Pro Version 1903 18362.1082 (X64) (2019-09-02 16:32:31)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-3318151192-1698313187-35287365-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3318151192-1698313187-35287365-503 - Limited - Disabled)
Invité (S-1-5-21-3318151192-1698313187-35287365-501 - Limited - Disabled)
sowei (S-1-5-21-3318151192-1698313187-35287365-1001 - Administrator - Enabled) => C:\Users\sowei
WDAGUtilityAccount (S-1-5-21-3318151192-1698313187-35287365-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Spybot - Search and Destroy (Enabled - Up to date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.1.0.407 - Adobe Systems Incorporated)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.51.1 - Asmedia Technology)
Backup and Sync from Google (HKLM\...\{01D33BEA-673C-439C-A7C7-DE5B236DB842}) (Version: 3.50.3166.0017 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
Dell ControlVault Host Components Installer 64 bit (HKLM\...\{AB1994E3-6CF8-4414-B51D-C54E5FD36520}) (Version: 4.9.24.58 - Broadcom Limited)
Dell Data Vault (64 bit) (HKLM\...\{7A64A717-AB74-4822-86A9-2DDD16B6E738}) (Version: 5.2.6.87 - Dell) Hidden
Dell Digital Delivery Service (HKLM-x32\...\{66E2407E-9001-483E-B2AA-7AEF97567143}) (Version: 3.6.1005.0 - Dell Products, LP)
Dell Precision Optimizer Application (HKLM-x32\...\{D66A3355-FEA4-4F60-8BAF-D6CBEDB396D8}) (Version: 5.1.11 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.215 - ALPSALPINE CO., LTD.)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC13154E5A00}) (Version: 19.021.20058 - Adobe Systems Incorporated)
G Suite Migration For Microsoft Outlook® 4.2.7.0 (HKLM-x32\...\{C3F8865F-04B4-406B-BE4F-5916867BDA2B}) (Version: 4.2.7.0 - Google, Inc.)
Glary Utilities 5.143 (HKLM-x32\...\Glary Utilities 5) (Version: 5.143.0.169 - Glarysoft Ltd)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.102 - Google LLC)
GoTo Opener (HKLM-x32\...\{665DF231-32BE-46BA-ABD2-B0D69F8314FF}) (Version: 1.0.494 - LogMeIn, Inc.)
GoToConnect 2.1.0 (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\{b5746384-3503-4fbf-824a-0a42d1bd0639}) (Version: 2.1.0 - LogMeIn, Inc. All rights reserved.)
GoToConnect 2.5.2 (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\b5746384-3503-4fbf-824a-0a42d1bd0639) (Version: 2.5.2 - LogMeIn, Inc. All rights reserved.)
GoToMeeting 10.13.0.18653 (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\GoToMeeting) (Version: 10.13.0.18653 - LogMeIn, Inc.)
HubSpot for Windows (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\9afbc8c9443d1363) (Version: 1.0.0.134 - Hubspot)
HubSpot Sales for Outlook (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\53945AAB78C7BE1D8B51DF62BA71EE58B9C07135) (Version: 3.0.1.241 - HubSpot, Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.10501.6067 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1829.12.0.1154 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.5037 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.2.1086 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.369.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{aa81bdf2-96a6-4400-a596-c7d1916ce9f7}) (Version: 1.50.369.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.1 - Intel Corporation)
IntelliJ IDEA 2019.2.4 (HKLM-x32\...\IntelliJ IDEA 2019.2.4) (Version: 192.7142.36 - JetBrains s.r.o.)
League of Legends (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Logiciel Intel® PROSet/Wireless (HKLM-x32\...\{cadd0828-f4db-462e-8562-3de7e2364b7e}) (Version: 20.100.0 - Intel Corporation)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.13029.20344 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft OneDrive (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\OneDriveSetup.exe) (Version: 20.052.0311.0011 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation)
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.60724 - Microsoft Corporation)
Molotov (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\Molotov) (Version: 4.2.3 - Molotov)
Mozilla Firefox 70.0.1 (x64 fr) (HKLM\...\Mozilla Firefox 70.0.1 (x64 fr)) (Version: 70.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0.2 - Mozilla)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.31.5.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{77DA107A-7AE4-497D-A84A-B143C3A21676}) (Version: 1.0.0 - NordVPN)
NVIDIA nView 148.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 148.92 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Pilote 3D Vision 389.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 389.08 - NVIDIA Corporation)
NVIDIA Pilote graphique 389.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 389.08 - NVIDIA Corporation)
NVIDIA Update 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA WMI 2.31.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.31.0 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13029.20200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13029.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.13029.20200 - Microsoft Corporation) Hidden
Panneau de configuration NVIDIA 389.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 389.08 - NVIDIA Corporation) Hidden
PaperCut MF Client (HKLM-x32\...\PaperCut MF Client_is1) (Version: 16.4.39754 - PaperCut Software International Pty Ltd)
partypoker (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\PartyPoker) (Version: - PartyGaming)
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version: - )
PostgreSQL 9.3 (HKLM\...\PostgreSQL 9.3) (Version: 9.3 - PostgreSQL Global Development Group)
ProRealTime (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\ProRealTime_is1) (Version: 1.18 - IT-Finance)
QuickBooks 4.1.2 (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\05fb5a8b-5c9d-57ac-a4b7-ecf271235d3f) (Version: 4.1.2 - Intuit Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8454 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.2172 - Realtek Semiconductor Corp.)
SharkScope Desktop 1.95 (HKLM-x32\...\1016-6073-5515-0204) (Version: 1.95 - CJM Solutions, LLC)
Shotcut (HKLM-x32\...\Shotcut) (Version: 19.08.16 - Meltytech, LLC)
Skype Meetings App (HKLM-x32\...\{893CD2E6-9458-4415-8934-A89C7E3AEA92}) (Version: 16.2.0.498 - Microsoft Corporation)
Slack (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\slack) (Version: 4.9.0 - Slack Technologies Inc.)
Slite 1.1.18 (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\894b9960-2e55-56ad-9446-18966dad7c7e) (Version: 1.1.18 - Slite team)
Solstice Client (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\Mersive SolsticeClient) (Version: 4.3.15176 - Mersive)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.8.67.0 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Thunderbolt™ Software (HKLM-x32\...\{6ECDE40C-4023-419A-8A4E-50FB71275876}) (Version: 17.3.73.350 - Intel Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.1 (HKLM\...\VulkanRT1.1.70.1) (Version: 1.1.70.1 - LunarG, Inc.) Hidden
WeWork Windows Member Driver Install and Configure (HKLM-x32\...\{A77E5707-989E-4FD7-84AD-ADE57B815B03}) (Version: 1.05.0000 - WeWork )
Winamax Installer (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\Winamax Installer 2.3.9.1545297276) (Version: 2.3.9.1545297276 - Winamax)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinRAS 2019.01 (HKLM-x32\...\WinRAS_2019.01_is1) (Version: - Revenu Québec)
WinRAS 2020.01 (HKLM-x32\...\WinRAS_2020.01_is1) (Version: - Revenu Québec)
Zoom (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)
ZoomInfo Contact Contributor (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\ZoomInfo Contact Contributor) (Version: 61 - )
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-07-22] (Adobe Systems Incorporated)
Bureau à distance Microsoft -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1215.0_x86__8wekyb3d8bbwe [2020-04-22] (Microsoft Corporation)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1851.4.0_x86__kgqvnymyfvs32 [2020-09-13] (king.com)
Centre de configuration des graphiques Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2765.0_x64__8j3eq9eme6ctt [2020-08-27] (INTEL CORP) [Startup Task]
Dell Command | Update -> C:\Program Files\WindowsApps\DellInc.DellCommandUpdate_3.0.122.0_x64__htrsf667h5kn2 [2018-10-31] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.52.0_x64__htrsf667h5kn2 [2020-05-28] (Dell Inc)
Dell Free Fall Data Protection -> C:\Program Files\WindowsApps\STMicroelectronicsMEMS.DellFreeFallDataProtection_1.0.10.0_x64__rp6h1c31mfy1y [2019-07-09] (STMICROELECTRONICS S.R.L.)
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.6.12.0_x64__htrsf667h5kn2 [2020-02-04] (Dell Inc)
Dell Precision Optimizer -> C:\Program Files\WindowsApps\DellInc.DellPrecisionOptimizer_6.4.5.0_x64__htrsf667h5kn2 [2020-08-11] (Dell Inc)
Dell PremierColor -> C:\Program Files\WindowsApps\PortraitDisplays.DellPremierColor_5.1.89.0_x64__2dgmkzkw4h30c [2020-08-07] (Portrait Displays) [Startup Task]
Dell Touchpad Assistant -> C:\Program Files\WindowsApps\C1E561A0.DellTouchpadAssistant_1.1.9.0_x64__ay1pycd334gd6 [2019-06-27] (ALPS Comm. Devices Tech. (SH) Co., Ltd)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.4.255.0_x64__rz1tebttyb220 [2020-09-03] (Dolby Laboratories)
Extension vidéo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-12-03] (Fitbit)
join.me Viewer -> C:\Program Files\WindowsApps\C236C1D5.join.meViewer_1.1.0.417_x64__n57vdvnj6e504 [2019-10-07] (LogMeIn, Inc.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-12-03] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-19] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-17] (Netflix, Inc.)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-01-20] (Adobe Systems Incorporated)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2018-12-03] (Waves Audio)
==================== Personnalisé CLSID (Avec liste blanche): ==============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-3318151192-1698313187-35287365-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-578902F2935D} -> [Creative Cloud Files] => C:\Users\sowei\Creative Cloud Files [2019-10-09 12:24]
CustomCLSID: HKU\S-1-5-21-3318151192-1698313187-35287365-1001_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\sowei\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.498\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3318151192-1698313187-35287365-1001_Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InprocServer32 -> 0x48D24BC7DDC0D5012C474CC7DDC0D501010000000400000000000000 => Pas de fichier
CustomCLSID: HKU\S-1-5-21-3318151192-1698313187-35287365-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_8d6ed1504b570116\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-3318151192-1698313187-35287365-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-30] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-06-15] (Google LLC -> Google)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-05-29] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-05-29] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-06-15] (Google LLC -> Google)
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2018-03-21] (NVIDIA Corporation -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-30] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-05-29] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Avec liste blanche) ====================
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
ShortcutWithArgument: C:\Users\sowei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\af4e6b99679bff19\Data Scraper - Easy Web Scraping.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nndknepjnldbdbepjfgmncbggmopgden
ShortcutWithArgument: C:\Users\sowei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Max (Maxime Soweif) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\sowei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6bc62714a51270ed\Datananas Connect.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=claekkfnhepphhinadlbhkhpgkjknkep
ShortcutWithArgument: C:\Users\sowei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Maxime (msoweiftrading) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\sowei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\GESTION Myriam (Immobilier) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"
==================== Modules chargés (Avec liste blanche) =============
2015-03-16 20:34 - 2015-03-16 20:34 - 000010240 _____ () [Fichier non signé] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\fr_fr\AcroTray.fra
2019-04-23 13:00 - 2017-05-09 00:59 - 000178688 _____ () [Fichier non signé] C:\Program Files\PostgreSQL\9.3\bin\LIBPQ.dll
2019-04-23 13:00 - 2016-08-02 06:40 - 002257408 _____ () [Fichier non signé] C:\Program Files\PostgreSQL\9.3\bin\libxml2.dll
2020-09-13 11:47 - 2020-09-13 11:47 - 000114176 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\_ctypes.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000172544 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\_elementtree.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 002250240 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\_hashlib.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000032256 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\_multiprocessing.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000046080 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\_psutil_windows.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000047616 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\_socket.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 002819584 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\_ssl.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000026112 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\_yappi.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000080896 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\bz2.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000016384 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\common.time34.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000007680 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\hashobjs_ext.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000301568 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\PIL._imaging.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000168448 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\pyexpat.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 001084416 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\pysqlite2._sqlite.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000548864 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\pythoncom27.dll
2020-09-13 11:47 - 2020-09-13 11:47 - 000137728 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\pywintypes27.dll
2020-09-13 11:47 - 2020-09-13 11:47 - 000010752 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\select.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000020992 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\thumbnails_ext.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000689664 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\unicodedata.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000119808 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\usb_ext.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000128512 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32api.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000438784 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32com.shell.shell.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000011776 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32crypt.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000023040 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32event.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000149504 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32file.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000223232 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32gui.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000048128 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32inet.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000029696 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32pdh.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000027648 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32pipe.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000044032 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32process.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000020480 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32profile.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000136192 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32security.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000026624 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32ts.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000034816 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\windows.conditional.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000038400 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\windows.connectivity.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000071680 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\windows.device_monitor.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000109056 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\windows.volumes.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000020480 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\windows.winwrap.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 001325056 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wx._controls_.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 001489408 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wx._core_.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 001007104 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wx._gdi_.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000103424 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wx._html2.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000916992 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wx._misc_.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 001039872 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wx._windows_.pyd
2019-12-02 18:29 - 2019-12-02 18:29 - 000021504 _____ (Adobe Systems Inc.) [Fichier non signé] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\fr_fr\Acrobat Elements\ContextMenuShim64.fra
2019-04-23 13:00 - 2011-01-10 11:16 - 000240862 _____ (Free Software Foundation) [Fichier non signé] C:\Program Files\PostgreSQL\9.3\bin\libintl-8.dll
2019-04-16 11:37 - 2019-02-21 12:00 - 000078336 _____ (Igor Pavlov) [Fichier non signé] C:\Program Files\7-Zip\7-zip.dll
2019-09-02 12:25 - 2018-02-27 18:08 - 000339072 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2020-09-13 11:47 - 2020-09-13 11:47 - 003043328 _____ (Python Software Foundation) [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\python27.dll
2019-04-23 13:00 - 2017-01-31 02:35 - 001662976 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files\PostgreSQL\9.3\bin\LIBEAY32.dll
2019-04-23 13:00 - 2017-01-31 02:35 - 000353280 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files\PostgreSQL\9.3\bin\SSLEAY32.dll
2020-09-13 11:47 - 2020-09-13 11:47 - 000202240 _____ (wxWidgets development team) [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wxbase30u_net_vc90_x64.dll
2020-09-13 11:47 - 2020-09-13 11:47 - 002831872 _____ (wxWidgets development team) [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wxbase30u_vc90_x64.dll
2020-09-13 11:47 - 2020-09-13 11:47 - 001654784 _____ (wxWidgets development team) [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wxmsw30u_adv_vc90_x64.dll
2020-09-13 11:47 - 2020-09-13 11:47 - 006542336 _____ (wxWidgets development team) [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wxmsw30u_core_vc90_x64.dll
2020-09-13 11:47 - 2020-09-13 11:47 - 000773632 _____ (wxWidgets development team) [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wxmsw30u_html_vc90_x64.dll
2020-09-13 11:47 - 2020-09-13 11:47 - 000137216 _____ (wxWidgets development team) [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wxmsw30u_webview_vc90_x64.dll
==================== Alternate Data Streams (Avec liste blanche) ========
==================== Mode sans échec (Avec liste blanche) ==================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Avec liste blanche) =================
==================== Internet Explorer (Avec liste blanche) ==========
HKU\S-1-5-21-3318151192-1698313187-35287365-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-3318151192-1698313187-35287365-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-3318151192-1698313187-35287365-1001 -> DefaultScope {E6C60A4E-E1B7-44DB-A080-7D7FD5EEA694} URL =
SearchScopes: HKU\S-1-5-21-3318151192-1698313187-35287365-1001 -> {E6C60A4E-E1B7-44DB-A080-7D7FD5EEA694} URL =
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-12-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-12-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-07-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-12-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-12-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-12-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-12-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3318151192-1698313187-35287365-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-12-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts contenu: =========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2018-04-11 19:38 - 2018-04-11 19:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2020-06-09 13:29 - 2020-06-09 14:03 - 000000513 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Autres zones ===========================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Google\Google Apps Migration\
HKU\S-1-5-21-3318151192-1698313187-35287365-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sowei\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img2.jpg
DNS Servers: 192.168.2.1 - 207.164.234.193
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Le Pare-feu est activé.
Network Binding:
=============
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)
Wi-Fi: NordVPN LightWeight Firewall -> NordLwf (enabled)
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\StartupApproved\StartupFolder: => "Solstice.lnk"
HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\StartupApproved\StartupFolder: => "Aircall.lnk"
HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\StartupApproved\Run: => "Steam"
==================== RèglesPare-feu (Avec liste blanche) ================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [UDP Query User{67066A30-C5FA-4A49-AFD7-5851DD1ACA18}C:\users\sowei\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.498\pluginhost.exe] => (Allow) C:\users\sowei\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.498\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F3604B38-9C71-4611-BAA2-42869ACD9B8E}C:\users\sowei\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.498\pluginhost.exe] => (Allow) C:\users\sowei\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.498\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{741D47F9-6FA1-4718-9605-AA34AB6EFD44}] => (Allow) C:\Users\sowei\AppData\Roaming\Zoom\bin\airhost.exe => Pas de fichier
FirewallRules: [{812929B9-C009-4383-9F99-B008E657A346}] => (Allow) C:\Users\sowei\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C8DF0A5A-2DB8-4D0C-AB14-ACD65469786D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DBB49D4F-4F28-4657-8ABA-C758998FC1BD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AB7A7483-2C67-42DE-A5D5-0FD66631734C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16050.11029.20079.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{CB9A2588-8DF5-4689-B682-A2EADF54EB2F}C:\users\sowei\appdata\local\mersive\solsticeclient\solsticeclient.exe] => (Allow) C:\users\sowei\appdata\local\mersive\solsticeclient\solsticeclient.exe (Mersive Technologies, Inc. -> Mersive Technologies, Inc)
FirewallRules: [UDP Query User{7834D6D2-08EC-423A-B1B5-91BD17AA63EB}C:\users\sowei\appdata\local\mersive\solsticeclient\solsticeclient.exe] => (Allow) C:\users\sowei\appdata\local\mersive\solsticeclient\solsticeclient.exe (Mersive Technologies, Inc. -> Mersive Technologies, Inc)
FirewallRules: [TCP Query User{FC5C1A0E-EF0B-4A2E-B567-405045A18F6F}C:\users\sowei\appdata\local\programs\jive-desktop\gotoconnect.exe] => (Allow) C:\users\sowei\appdata\local\programs\jive-desktop\gotoconnect.exe (LogMeIn, Inc. -> LogMeIn, Inc. All rights reserved.)
FirewallRules: [UDP Query User{761E1603-B221-46C2-86A8-F29ACDC1189E}C:\users\sowei\appdata\local\programs\jive-desktop\gotoconnect.exe] => (Allow) C:\users\sowei\appdata\local\programs\jive-desktop\gotoconnect.exe (LogMeIn, Inc. -> LogMeIn, Inc. All rights reserved.)
FirewallRules: [TCP Query User{38B27CAF-A3FE-4AE7-96AC-4266FB9B2961}C:\users\sowei\appdata\local\slack\app-4.3.4\slack.exe] => (Allow) C:\users\sowei\appdata\local\slack\app-4.3.4\slack.exe => Pas de fichier
FirewallRules: [UDP Query User{5A9592F4-9A79-4211-9C4F-4C9110288B40}C:\users\sowei\appdata\local\slack\app-4.3.4\slack.exe] => (Allow) C:\users\sowei\appdata\local\slack\app-4.3.4\slack.exe => Pas de fichier
FirewallRules: [{CEA55C5E-2541-4FF1-8AC4-6F242D392573}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{2AA4C082-D3F5-4693-BF29-CAFCAF801465}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{2CD315E4-5BF3-425D-BD74-7275B01A531B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Pas de fichier
FirewallRules: [{229674F3-E7A3-4D28-B7D6-0B414E4C7552}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Pas de fichier
FirewallRules: [{27A6199C-AD83-490A-A1CD-4E66C1E9DBA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HER STORY\HerStory.exe (Unity Technologies SF -> ) [Fichier non signé]
FirewallRules: [{54F61012-55F8-46A6-8882-486E468F10AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HER STORY\HerStory.exe (Unity Technologies SF -> ) [Fichier non signé]
FirewallRules: [{5B86330E-6DCE-4837-BF75-4440F907FC5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Telling Lies\TellingLies.exe () [Fichier non signé]
FirewallRules: [{64505270-82C6-4222-9809-3150D3C7BE0E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Telling Lies\TellingLies.exe () [Fichier non signé]
FirewallRules: [{18F4D5D7-CAA0-447F-8ADB-D7C1CFBBAB98}] => (Allow) C:\Program Files\MetaTrader 5\metatester64.exe => Pas de fichier
FirewallRules: [{6E23E3C7-05EA-4E07-98EC-F40EEA457445}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D1B9539B-0FCA-4228-B348-03644769DC7D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5F242063-9F0B-4556-91F8-39B1F2CC1B31}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => Pas de fichier
FirewallRules: [{DE1E5E22-FF97-4545-A949-CC99BAB31782}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => Pas de fichier
FirewallRules: [{470C9D95-C639-4893-88C7-6760946FDB17}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{18854658-2D94-4B18-A842-906627C82B70}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1ADF498C-8503-4B9A-8840-5D101C20DEAE}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{A29BA499-527B-4A77-A755-1F2537EF4305}C:\program files (x86)\jamcast\jctray.exe] => (Allow) C:\program files (x86)\jamcast\jctray.exe => Pas de fichier
FirewallRules: [UDP Query User{BB54DB42-BCBD-4162-9DB3-C76610A368F0}C:\program files (x86)\jamcast\jctray.exe] => (Allow) C:\program files (x86)\jamcast\jctray.exe => Pas de fichier
FirewallRules: [{022B89D4-2602-4663-9502-484975EBD7A5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{95B27FE6-5CB7-42DE-813E-40C1C6D8D2FC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{94FB7DA8-BCB6-40C2-800D-3D337257A893}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{177653C1-7796-4467-8B17-5B4E8D2653BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{64E378DD-3E4A-4195-90CE-1375EC6B0DBA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9664241A-8CB3-4ADD-B01E-EE2149F2D299}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
==================== Points de restauration =========================
04-09-2020 09:06:14 Windows Update
09-09-2020 13:05:15 Windows Update
10-09-2020 12:54:08 AdwCleaner_BeforeCleaning_10/09/2020_12:54:07
10-09-2020 12:59:57 AdwCleaner_BeforeCleaning_10/09/2020_12:59:54
==================== Éléments en erreur du Gestionnaire de périphériques ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (09/13/2020 11:56:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme GoToConnect.exe version 2.5.2.330 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance.
ID de processus : 4db4
Heure de début : 01d689e541a25158
Heure d'arrêt : 4294967295
Chemin d'accès à l'application : C:\Users\sowei\AppData\Local\Programs\jive-desktop\GoToConnect.exe
ID de rapport : 0f10ef2d-5504-42f7-980f-0e478605864b
Nom complet du package défectueux :
ID de l'application relative à un package défectueux :
Type de blocage : Top level window is idle
Error: (09/13/2020 11:55:02 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15004,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/13/2020 02:05:45 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (22228,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/13/2020 01:05:45 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14340,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/13/2020 12:12:55 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (20844,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/13/2020 12:05:00 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7020,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/12/2020 11:05:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17268,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/12/2020 10:28:31 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (21336,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Erreurs système:
=============
Error: (09/13/2020 11:49:21 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-M2ESBCJ)
Description: Le serveur Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (09/13/2020 11:47:23 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-M2ESBCJ)
Description: Le serveur Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (09/12/2020 10:21:09 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-M2ESBCJ)
Description: Le serveur Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (09/12/2020 10:21:02 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : le contrôleur embarqué n’a pas répondu dans le délai imparti. Cette erreur peut indiquer que le matériel ou le microprogramme du contrôleur embarqué présente une erreur ou que le BIOS accède au contrôleur embarqué de manière incorrecte. Contactez le fabricant de votre ordinateur afin de savoir si un BIOS mis à niveau est disponible. Dans certains cas, cette erreur peut provoquer un fonctionnement incorrect de l’application.
Error: (09/12/2020 03:12:46 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-M2ESBCJ)
Description: Le serveur Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (09/12/2020 03:07:53 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-M2ESBCJ)
Description: Le serveur Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (09/11/2020 03:26:41 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (09/11/2020 02:53:47 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-M2ESBCJ)
Description: Le serveur Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Windows Defender:
===================================
Date: 2020-09-10 19:32:05.170
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {56049B36-CBE1-4B51-837D-6159C54A3DCF}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
Date: 2020-09-10 19:15:29.047
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {33CF5D00-BDF2-4167-9575-7F03FEA710B1}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
Date: 2020-09-10 15:10:56.581
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {E9DA9D3B-165F-448A-9782-D55298FC491A}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
Date: 2020-09-09 13:05:24.771
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {B75F2F88-E0EF-4663-86C5-0FF3EF30579B}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
Date: 2020-09-09 09:07:29.029
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {58031B8A-A6E7-4EBD-A24C-F9B8A4275BA5}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
Date: 2020-08-29 13:00:31.788
Description:
Antivirus Windows Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.323.44.0
Source de mise à jour : Serveur Microsoft Update
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.17400.5
Code d’erreur : 0x80240022
Description de l’erreur : Le programme ne peut pas rechercher les mises à jour de définitions.
Date: 2020-08-29 13:00:31.787
Description:
Antivirus Windows Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.323.44.0
Source de mise à jour : Serveur Microsoft Update
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.17400.5
Code d’erreur : 0x80240022
Description de l’erreur : Le programme ne peut pas rechercher les mises à jour de définitions.
CodeIntegrity:
===================================
Date: 2020-09-11 08:32:44.504
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-09-11 08:32:42.405
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-11 08:32:31.044
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-09-10 18:35:08.406
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-09-10 18:35:00.640
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-09-10 13:01:54.640
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-09-10 13:01:37.277
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-09-10 12:56:28.768
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
==================== Infos Mémoire ===========================
BIOS: Dell Inc. 1.3.8 08/08/2018
Carte mère: Dell Inc. 0T36NT
Processeur: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Pourcentage de mémoire utilisée: 73%
Mémoire physique - RAM - totale: 7985.66 MB
Mémoire physique - RAM - disponible: 2127.34 MB
Mémoire virtuelle totale: 18737.66 MB
Mémoire virtuelle disponible: 8965.98 MB
==================== Lecteurs ================================
Drive c: (OS) (Fixed) (Total:236.73 GB) (Free:112.97 GB) NTFS
\\?\Volume{6b8d9758-02dd-4c23-b2d0-d0f47ab68da2}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.48 GB) NTFS
\\?\Volume{a9b5d194-009d-44af-b057-39646fbec9b8}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.59 GB) FAT32
==================== MBR & Table des partitions ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 71637086)
Partition: GPT.
==================== Fin de Addition.txt =======================
Exécuté par sowei (13-09-2020 11:58:24)
Exécuté depuis C:\Users\sowei\OneDrive\Bureau
Windows 10 Pro Version 1903 18362.1082 (X64) (2019-09-02 16:32:31)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-3318151192-1698313187-35287365-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3318151192-1698313187-35287365-503 - Limited - Disabled)
Invité (S-1-5-21-3318151192-1698313187-35287365-501 - Limited - Disabled)
sowei (S-1-5-21-3318151192-1698313187-35287365-1001 - Administrator - Enabled) => C:\Users\sowei
WDAGUtilityAccount (S-1-5-21-3318151192-1698313187-35287365-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Spybot - Search and Destroy (Enabled - Up to date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.1.0.407 - Adobe Systems Incorporated)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.51.1 - Asmedia Technology)
Backup and Sync from Google (HKLM\...\{01D33BEA-673C-439C-A7C7-DE5B236DB842}) (Version: 3.50.3166.0017 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
Dell ControlVault Host Components Installer 64 bit (HKLM\...\{AB1994E3-6CF8-4414-B51D-C54E5FD36520}) (Version: 4.9.24.58 - Broadcom Limited)
Dell Data Vault (64 bit) (HKLM\...\{7A64A717-AB74-4822-86A9-2DDD16B6E738}) (Version: 5.2.6.87 - Dell) Hidden
Dell Digital Delivery Service (HKLM-x32\...\{66E2407E-9001-483E-B2AA-7AEF97567143}) (Version: 3.6.1005.0 - Dell Products, LP)
Dell Precision Optimizer Application (HKLM-x32\...\{D66A3355-FEA4-4F60-8BAF-D6CBEDB396D8}) (Version: 5.1.11 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.215 - ALPSALPINE CO., LTD.)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC13154E5A00}) (Version: 19.021.20058 - Adobe Systems Incorporated)
G Suite Migration For Microsoft Outlook® 4.2.7.0 (HKLM-x32\...\{C3F8865F-04B4-406B-BE4F-5916867BDA2B}) (Version: 4.2.7.0 - Google, Inc.)
Glary Utilities 5.143 (HKLM-x32\...\Glary Utilities 5) (Version: 5.143.0.169 - Glarysoft Ltd)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.102 - Google LLC)
GoTo Opener (HKLM-x32\...\{665DF231-32BE-46BA-ABD2-B0D69F8314FF}) (Version: 1.0.494 - LogMeIn, Inc.)
GoToConnect 2.1.0 (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\{b5746384-3503-4fbf-824a-0a42d1bd0639}) (Version: 2.1.0 - LogMeIn, Inc. All rights reserved.)
GoToConnect 2.5.2 (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\b5746384-3503-4fbf-824a-0a42d1bd0639) (Version: 2.5.2 - LogMeIn, Inc. All rights reserved.)
GoToMeeting 10.13.0.18653 (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\GoToMeeting) (Version: 10.13.0.18653 - LogMeIn, Inc.)
HubSpot for Windows (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\9afbc8c9443d1363) (Version: 1.0.0.134 - Hubspot)
HubSpot Sales for Outlook (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\53945AAB78C7BE1D8B51DF62BA71EE58B9C07135) (Version: 3.0.1.241 - HubSpot, Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.10501.6067 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1829.12.0.1154 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.5037 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.2.1086 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.369.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{aa81bdf2-96a6-4400-a596-c7d1916ce9f7}) (Version: 1.50.369.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.1 - Intel Corporation)
IntelliJ IDEA 2019.2.4 (HKLM-x32\...\IntelliJ IDEA 2019.2.4) (Version: 192.7142.36 - JetBrains s.r.o.)
League of Legends (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Logiciel Intel® PROSet/Wireless (HKLM-x32\...\{cadd0828-f4db-462e-8562-3de7e2364b7e}) (Version: 20.100.0 - Intel Corporation)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.13029.20344 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft OneDrive (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\OneDriveSetup.exe) (Version: 20.052.0311.0011 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation)
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.60724 - Microsoft Corporation)
Molotov (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\Molotov) (Version: 4.2.3 - Molotov)
Mozilla Firefox 70.0.1 (x64 fr) (HKLM\...\Mozilla Firefox 70.0.1 (x64 fr)) (Version: 70.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0.2 - Mozilla)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.31.5.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{77DA107A-7AE4-497D-A84A-B143C3A21676}) (Version: 1.0.0 - NordVPN)
NVIDIA nView 148.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 148.92 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Pilote 3D Vision 389.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 389.08 - NVIDIA Corporation)
NVIDIA Pilote graphique 389.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 389.08 - NVIDIA Corporation)
NVIDIA Update 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA WMI 2.31.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.31.0 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13029.20200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13029.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.13029.20200 - Microsoft Corporation) Hidden
Panneau de configuration NVIDIA 389.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 389.08 - NVIDIA Corporation) Hidden
PaperCut MF Client (HKLM-x32\...\PaperCut MF Client_is1) (Version: 16.4.39754 - PaperCut Software International Pty Ltd)
partypoker (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\PartyPoker) (Version: - PartyGaming)
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version: - )
PostgreSQL 9.3 (HKLM\...\PostgreSQL 9.3) (Version: 9.3 - PostgreSQL Global Development Group)
ProRealTime (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\ProRealTime_is1) (Version: 1.18 - IT-Finance)
QuickBooks 4.1.2 (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\05fb5a8b-5c9d-57ac-a4b7-ecf271235d3f) (Version: 4.1.2 - Intuit Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8454 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.2172 - Realtek Semiconductor Corp.)
SharkScope Desktop 1.95 (HKLM-x32\...\1016-6073-5515-0204) (Version: 1.95 - CJM Solutions, LLC)
Shotcut (HKLM-x32\...\Shotcut) (Version: 19.08.16 - Meltytech, LLC)
Skype Meetings App (HKLM-x32\...\{893CD2E6-9458-4415-8934-A89C7E3AEA92}) (Version: 16.2.0.498 - Microsoft Corporation)
Slack (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\slack) (Version: 4.9.0 - Slack Technologies Inc.)
Slite 1.1.18 (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\894b9960-2e55-56ad-9446-18966dad7c7e) (Version: 1.1.18 - Slite team)
Solstice Client (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\Mersive SolsticeClient) (Version: 4.3.15176 - Mersive)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.8.67.0 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Thunderbolt™ Software (HKLM-x32\...\{6ECDE40C-4023-419A-8A4E-50FB71275876}) (Version: 17.3.73.350 - Intel Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.1 (HKLM\...\VulkanRT1.1.70.1) (Version: 1.1.70.1 - LunarG, Inc.) Hidden
WeWork Windows Member Driver Install and Configure (HKLM-x32\...\{A77E5707-989E-4FD7-84AD-ADE57B815B03}) (Version: 1.05.0000 - WeWork )
Winamax Installer (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\Winamax Installer 2.3.9.1545297276) (Version: 2.3.9.1545297276 - Winamax)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinRAS 2019.01 (HKLM-x32\...\WinRAS_2019.01_is1) (Version: - Revenu Québec)
WinRAS 2020.01 (HKLM-x32\...\WinRAS_2020.01_is1) (Version: - Revenu Québec)
Zoom (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)
ZoomInfo Contact Contributor (HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\ZoomInfo Contact Contributor) (Version: 61 - )
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-07-22] (Adobe Systems Incorporated)
Bureau à distance Microsoft -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1215.0_x86__8wekyb3d8bbwe [2020-04-22] (Microsoft Corporation)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1851.4.0_x86__kgqvnymyfvs32 [2020-09-13] (king.com)
Centre de configuration des graphiques Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2765.0_x64__8j3eq9eme6ctt [2020-08-27] (INTEL CORP) [Startup Task]
Dell Command | Update -> C:\Program Files\WindowsApps\DellInc.DellCommandUpdate_3.0.122.0_x64__htrsf667h5kn2 [2018-10-31] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.52.0_x64__htrsf667h5kn2 [2020-05-28] (Dell Inc)
Dell Free Fall Data Protection -> C:\Program Files\WindowsApps\STMicroelectronicsMEMS.DellFreeFallDataProtection_1.0.10.0_x64__rp6h1c31mfy1y [2019-07-09] (STMICROELECTRONICS S.R.L.)
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.6.12.0_x64__htrsf667h5kn2 [2020-02-04] (Dell Inc)
Dell Precision Optimizer -> C:\Program Files\WindowsApps\DellInc.DellPrecisionOptimizer_6.4.5.0_x64__htrsf667h5kn2 [2020-08-11] (Dell Inc)
Dell PremierColor -> C:\Program Files\WindowsApps\PortraitDisplays.DellPremierColor_5.1.89.0_x64__2dgmkzkw4h30c [2020-08-07] (Portrait Displays) [Startup Task]
Dell Touchpad Assistant -> C:\Program Files\WindowsApps\C1E561A0.DellTouchpadAssistant_1.1.9.0_x64__ay1pycd334gd6 [2019-06-27] (ALPS Comm. Devices Tech. (SH) Co., Ltd)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.4.255.0_x64__rz1tebttyb220 [2020-09-03] (Dolby Laboratories)
Extension vidéo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-12-03] (Fitbit)
join.me Viewer -> C:\Program Files\WindowsApps\C236C1D5.join.meViewer_1.1.0.417_x64__n57vdvnj6e504 [2019-10-07] (LogMeIn, Inc.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-12-03] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-19] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-17] (Netflix, Inc.)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-01-20] (Adobe Systems Incorporated)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2018-12-03] (Waves Audio)
==================== Personnalisé CLSID (Avec liste blanche): ==============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-3318151192-1698313187-35287365-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-578902F2935D} -> [Creative Cloud Files] => C:\Users\sowei\Creative Cloud Files [2019-10-09 12:24]
CustomCLSID: HKU\S-1-5-21-3318151192-1698313187-35287365-1001_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\sowei\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.498\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3318151192-1698313187-35287365-1001_Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InprocServer32 -> 0x48D24BC7DDC0D5012C474CC7DDC0D501010000000400000000000000 => Pas de fichier
CustomCLSID: HKU\S-1-5-21-3318151192-1698313187-35287365-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_8d6ed1504b570116\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-3318151192-1698313187-35287365-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-30] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-06-15] (Google LLC -> Google)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-05-29] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-05-29] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-06-15] (Google LLC -> Google)
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2018-03-21] (NVIDIA Corporation -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-30] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-05-29] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Avec liste blanche) ====================
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
ShortcutWithArgument: C:\Users\sowei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\af4e6b99679bff19\Data Scraper - Easy Web Scraping.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nndknepjnldbdbepjfgmncbggmopgden
ShortcutWithArgument: C:\Users\sowei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Max (Maxime Soweif) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\sowei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6bc62714a51270ed\Datananas Connect.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=claekkfnhepphhinadlbhkhpgkjknkep
ShortcutWithArgument: C:\Users\sowei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Maxime (msoweiftrading) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\sowei\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\GESTION Myriam (Immobilier) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"
==================== Modules chargés (Avec liste blanche) =============
2015-03-16 20:34 - 2015-03-16 20:34 - 000010240 _____ () [Fichier non signé] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\fr_fr\AcroTray.fra
2019-04-23 13:00 - 2017-05-09 00:59 - 000178688 _____ () [Fichier non signé] C:\Program Files\PostgreSQL\9.3\bin\LIBPQ.dll
2019-04-23 13:00 - 2016-08-02 06:40 - 002257408 _____ () [Fichier non signé] C:\Program Files\PostgreSQL\9.3\bin\libxml2.dll
2020-09-13 11:47 - 2020-09-13 11:47 - 000114176 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\_ctypes.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000172544 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\_elementtree.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 002250240 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\_hashlib.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000032256 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\_multiprocessing.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000046080 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\_psutil_windows.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000047616 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\_socket.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 002819584 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\_ssl.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000026112 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\_yappi.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000080896 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\bz2.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000016384 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\common.time34.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000007680 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\hashobjs_ext.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000301568 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\PIL._imaging.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000168448 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\pyexpat.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 001084416 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\pysqlite2._sqlite.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000548864 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\pythoncom27.dll
2020-09-13 11:47 - 2020-09-13 11:47 - 000137728 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\pywintypes27.dll
2020-09-13 11:47 - 2020-09-13 11:47 - 000010752 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\select.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000020992 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\thumbnails_ext.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000689664 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\unicodedata.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000119808 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\usb_ext.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000128512 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32api.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000438784 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32com.shell.shell.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000011776 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32crypt.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000023040 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32event.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000149504 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32file.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000223232 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32gui.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000048128 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32inet.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000029696 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32pdh.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000027648 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32pipe.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000044032 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32process.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000020480 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32profile.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000136192 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32security.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000026624 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\win32ts.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000034816 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\windows.conditional.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000038400 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\windows.connectivity.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000071680 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\windows.device_monitor.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000109056 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\windows.volumes.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000020480 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\windows.winwrap.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 001325056 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wx._controls_.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 001489408 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wx._core_.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 001007104 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wx._gdi_.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000103424 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wx._html2.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 000916992 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wx._misc_.pyd
2020-09-13 11:47 - 2020-09-13 11:47 - 001039872 _____ () [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wx._windows_.pyd
2019-12-02 18:29 - 2019-12-02 18:29 - 000021504 _____ (Adobe Systems Inc.) [Fichier non signé] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\fr_fr\Acrobat Elements\ContextMenuShim64.fra
2019-04-23 13:00 - 2011-01-10 11:16 - 000240862 _____ (Free Software Foundation) [Fichier non signé] C:\Program Files\PostgreSQL\9.3\bin\libintl-8.dll
2019-04-16 11:37 - 2019-02-21 12:00 - 000078336 _____ (Igor Pavlov) [Fichier non signé] C:\Program Files\7-Zip\7-zip.dll
2019-09-02 12:25 - 2018-02-27 18:08 - 000339072 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2020-09-13 11:47 - 2020-09-13 11:47 - 003043328 _____ (Python Software Foundation) [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\python27.dll
2019-04-23 13:00 - 2017-01-31 02:35 - 001662976 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files\PostgreSQL\9.3\bin\LIBEAY32.dll
2019-04-23 13:00 - 2017-01-31 02:35 - 000353280 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Fichier non signé] C:\Program Files\PostgreSQL\9.3\bin\SSLEAY32.dll
2020-09-13 11:47 - 2020-09-13 11:47 - 000202240 _____ (wxWidgets development team) [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wxbase30u_net_vc90_x64.dll
2020-09-13 11:47 - 2020-09-13 11:47 - 002831872 _____ (wxWidgets development team) [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wxbase30u_vc90_x64.dll
2020-09-13 11:47 - 2020-09-13 11:47 - 001654784 _____ (wxWidgets development team) [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wxmsw30u_adv_vc90_x64.dll
2020-09-13 11:47 - 2020-09-13 11:47 - 006542336 _____ (wxWidgets development team) [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wxmsw30u_core_vc90_x64.dll
2020-09-13 11:47 - 2020-09-13 11:47 - 000773632 _____ (wxWidgets development team) [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wxmsw30u_html_vc90_x64.dll
2020-09-13 11:47 - 2020-09-13 11:47 - 000137216 _____ (wxWidgets development team) [Fichier non signé] C:\Users\sowei\AppData\Local\Temp\_MEI102842\wxmsw30u_webview_vc90_x64.dll
==================== Alternate Data Streams (Avec liste blanche) ========
==================== Mode sans échec (Avec liste blanche) ==================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Avec liste blanche) =================
==================== Internet Explorer (Avec liste blanche) ==========
HKU\S-1-5-21-3318151192-1698313187-35287365-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-3318151192-1698313187-35287365-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-3318151192-1698313187-35287365-1001 -> DefaultScope {E6C60A4E-E1B7-44DB-A080-7D7FD5EEA694} URL =
SearchScopes: HKU\S-1-5-21-3318151192-1698313187-35287365-1001 -> {E6C60A4E-E1B7-44DB-A080-7D7FD5EEA694} URL =
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-12-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-12-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-07-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-12-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-12-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-12-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-12-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3318151192-1698313187-35287365-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-12-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts contenu: =========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2018-04-11 19:38 - 2018-04-11 19:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2020-06-09 13:29 - 2020-06-09 14:03 - 000000513 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Autres zones ===========================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Google\Google Apps Migration\
HKU\S-1-5-21-3318151192-1698313187-35287365-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sowei\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img2.jpg
DNS Servers: 192.168.2.1 - 207.164.234.193
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Le Pare-feu est activé.
Network Binding:
=============
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)
Wi-Fi: NordVPN LightWeight Firewall -> NordLwf (enabled)
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\StartupApproved\StartupFolder: => "Solstice.lnk"
HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\StartupApproved\StartupFolder: => "Aircall.lnk"
HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-3318151192-1698313187-35287365-1001\...\StartupApproved\Run: => "Steam"
==================== RèglesPare-feu (Avec liste blanche) ================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [UDP Query User{67066A30-C5FA-4A49-AFD7-5851DD1ACA18}C:\users\sowei\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.498\pluginhost.exe] => (Allow) C:\users\sowei\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.498\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F3604B38-9C71-4611-BAA2-42869ACD9B8E}C:\users\sowei\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.498\pluginhost.exe] => (Allow) C:\users\sowei\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.498\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{741D47F9-6FA1-4718-9605-AA34AB6EFD44}] => (Allow) C:\Users\sowei\AppData\Roaming\Zoom\bin\airhost.exe => Pas de fichier
FirewallRules: [{812929B9-C009-4383-9F99-B008E657A346}] => (Allow) C:\Users\sowei\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C8DF0A5A-2DB8-4D0C-AB14-ACD65469786D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DBB49D4F-4F28-4657-8ABA-C758998FC1BD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AB7A7483-2C67-42DE-A5D5-0FD66631734C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16050.11029.20079.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{CB9A2588-8DF5-4689-B682-A2EADF54EB2F}C:\users\sowei\appdata\local\mersive\solsticeclient\solsticeclient.exe] => (Allow) C:\users\sowei\appdata\local\mersive\solsticeclient\solsticeclient.exe (Mersive Technologies, Inc. -> Mersive Technologies, Inc)
FirewallRules: [UDP Query User{7834D6D2-08EC-423A-B1B5-91BD17AA63EB}C:\users\sowei\appdata\local\mersive\solsticeclient\solsticeclient.exe] => (Allow) C:\users\sowei\appdata\local\mersive\solsticeclient\solsticeclient.exe (Mersive Technologies, Inc. -> Mersive Technologies, Inc)
FirewallRules: [TCP Query User{FC5C1A0E-EF0B-4A2E-B567-405045A18F6F}C:\users\sowei\appdata\local\programs\jive-desktop\gotoconnect.exe] => (Allow) C:\users\sowei\appdata\local\programs\jive-desktop\gotoconnect.exe (LogMeIn, Inc. -> LogMeIn, Inc. All rights reserved.)
FirewallRules: [UDP Query User{761E1603-B221-46C2-86A8-F29ACDC1189E}C:\users\sowei\appdata\local\programs\jive-desktop\gotoconnect.exe] => (Allow) C:\users\sowei\appdata\local\programs\jive-desktop\gotoconnect.exe (LogMeIn, Inc. -> LogMeIn, Inc. All rights reserved.)
FirewallRules: [TCP Query User{38B27CAF-A3FE-4AE7-96AC-4266FB9B2961}C:\users\sowei\appdata\local\slack\app-4.3.4\slack.exe] => (Allow) C:\users\sowei\appdata\local\slack\app-4.3.4\slack.exe => Pas de fichier
FirewallRules: [UDP Query User{5A9592F4-9A79-4211-9C4F-4C9110288B40}C:\users\sowei\appdata\local\slack\app-4.3.4\slack.exe] => (Allow) C:\users\sowei\appdata\local\slack\app-4.3.4\slack.exe => Pas de fichier
FirewallRules: [{CEA55C5E-2541-4FF1-8AC4-6F242D392573}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{2AA4C082-D3F5-4693-BF29-CAFCAF801465}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{2CD315E4-5BF3-425D-BD74-7275B01A531B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Pas de fichier
FirewallRules: [{229674F3-E7A3-4D28-B7D6-0B414E4C7552}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Pas de fichier
FirewallRules: [{27A6199C-AD83-490A-A1CD-4E66C1E9DBA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HER STORY\HerStory.exe (Unity Technologies SF -> ) [Fichier non signé]
FirewallRules: [{54F61012-55F8-46A6-8882-486E468F10AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HER STORY\HerStory.exe (Unity Technologies SF -> ) [Fichier non signé]
FirewallRules: [{5B86330E-6DCE-4837-BF75-4440F907FC5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Telling Lies\TellingLies.exe () [Fichier non signé]
FirewallRules: [{64505270-82C6-4222-9809-3150D3C7BE0E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Telling Lies\TellingLies.exe () [Fichier non signé]
FirewallRules: [{18F4D5D7-CAA0-447F-8ADB-D7C1CFBBAB98}] => (Allow) C:\Program Files\MetaTrader 5\metatester64.exe => Pas de fichier
FirewallRules: [{6E23E3C7-05EA-4E07-98EC-F40EEA457445}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D1B9539B-0FCA-4228-B348-03644769DC7D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5F242063-9F0B-4556-91F8-39B1F2CC1B31}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => Pas de fichier
FirewallRules: [{DE1E5E22-FF97-4545-A949-CC99BAB31782}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => Pas de fichier
FirewallRules: [{470C9D95-C639-4893-88C7-6760946FDB17}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{18854658-2D94-4B18-A842-906627C82B70}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1ADF498C-8503-4B9A-8840-5D101C20DEAE}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{A29BA499-527B-4A77-A755-1F2537EF4305}C:\program files (x86)\jamcast\jctray.exe] => (Allow) C:\program files (x86)\jamcast\jctray.exe => Pas de fichier
FirewallRules: [UDP Query User{BB54DB42-BCBD-4162-9DB3-C76610A368F0}C:\program files (x86)\jamcast\jctray.exe] => (Allow) C:\program files (x86)\jamcast\jctray.exe => Pas de fichier
FirewallRules: [{022B89D4-2602-4663-9502-484975EBD7A5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{95B27FE6-5CB7-42DE-813E-40C1C6D8D2FC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{94FB7DA8-BCB6-40C2-800D-3D337257A893}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{177653C1-7796-4467-8B17-5B4E8D2653BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{64E378DD-3E4A-4195-90CE-1375EC6B0DBA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9664241A-8CB3-4ADD-B01E-EE2149F2D299}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
==================== Points de restauration =========================
04-09-2020 09:06:14 Windows Update
09-09-2020 13:05:15 Windows Update
10-09-2020 12:54:08 AdwCleaner_BeforeCleaning_10/09/2020_12:54:07
10-09-2020 12:59:57 AdwCleaner_BeforeCleaning_10/09/2020_12:59:54
==================== Éléments en erreur du Gestionnaire de périphériques ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (09/13/2020 11:56:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme GoToConnect.exe version 2.5.2.330 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance.
ID de processus : 4db4
Heure de début : 01d689e541a25158
Heure d'arrêt : 4294967295
Chemin d'accès à l'application : C:\Users\sowei\AppData\Local\Programs\jive-desktop\GoToConnect.exe
ID de rapport : 0f10ef2d-5504-42f7-980f-0e478605864b
Nom complet du package défectueux :
ID de l'application relative à un package défectueux :
Type de blocage : Top level window is idle
Error: (09/13/2020 11:55:02 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15004,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/13/2020 02:05:45 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (22228,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/13/2020 01:05:45 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14340,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/13/2020 12:12:55 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (20844,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/13/2020 12:05:00 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7020,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/12/2020 11:05:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17268,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/12/2020 10:28:31 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (21336,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Erreurs système:
=============
Error: (09/13/2020 11:49:21 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-M2ESBCJ)
Description: Le serveur Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (09/13/2020 11:47:23 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-M2ESBCJ)
Description: Le serveur Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (09/12/2020 10:21:09 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-M2ESBCJ)
Description: Le serveur Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (09/12/2020 10:21:02 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : le contrôleur embarqué n’a pas répondu dans le délai imparti. Cette erreur peut indiquer que le matériel ou le microprogramme du contrôleur embarqué présente une erreur ou que le BIOS accède au contrôleur embarqué de manière incorrecte. Contactez le fabricant de votre ordinateur afin de savoir si un BIOS mis à niveau est disponible. Dans certains cas, cette erreur peut provoquer un fonctionnement incorrect de l’application.
Error: (09/12/2020 03:12:46 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-M2ESBCJ)
Description: Le serveur Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (09/12/2020 03:07:53 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-M2ESBCJ)
Description: Le serveur Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (09/11/2020 03:26:41 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (09/11/2020 02:53:47 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-M2ESBCJ)
Description: Le serveur Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Windows Defender:
===================================
Date: 2020-09-10 19:32:05.170
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {56049B36-CBE1-4B51-837D-6159C54A3DCF}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
Date: 2020-09-10 19:15:29.047
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {33CF5D00-BDF2-4167-9575-7F03FEA710B1}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
Date: 2020-09-10 15:10:56.581
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {E9DA9D3B-165F-448A-9782-D55298FC491A}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
Date: 2020-09-09 13:05:24.771
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {B75F2F88-E0EF-4663-86C5-0FF3EF30579B}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
Date: 2020-09-09 09:07:29.029
Description:
L’analyse Antivirus Windows Defender a été arrêtée avant la fin.
ID de l’analyse : {58031B8A-A6E7-4EBD-A24C-F9B8A4275BA5}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
Date: 2020-08-29 13:00:31.788
Description:
Antivirus Windows Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.323.44.0
Source de mise à jour : Serveur Microsoft Update
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.17400.5
Code d’erreur : 0x80240022
Description de l’erreur : Le programme ne peut pas rechercher les mises à jour de définitions.
Date: 2020-08-29 13:00:31.787
Description:
Antivirus Windows Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.323.44.0
Source de mise à jour : Serveur Microsoft Update
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.17400.5
Code d’erreur : 0x80240022
Description de l’erreur : Le programme ne peut pas rechercher les mises à jour de définitions.
CodeIntegrity:
===================================
Date: 2020-09-11 08:32:44.504
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-09-11 08:32:42.405
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-11 08:32:31.044
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-09-10 18:35:08.406
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-09-10 18:35:00.640
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-09-10 13:01:54.640
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
Date: 2020-09-10 13:01:37.277
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-09-10 12:56:28.768
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.
==================== Infos Mémoire ===========================
BIOS: Dell Inc. 1.3.8 08/08/2018
Carte mère: Dell Inc. 0T36NT
Processeur: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Pourcentage de mémoire utilisée: 73%
Mémoire physique - RAM - totale: 7985.66 MB
Mémoire physique - RAM - disponible: 2127.34 MB
Mémoire virtuelle totale: 18737.66 MB
Mémoire virtuelle disponible: 8965.98 MB
==================== Lecteurs ================================
Drive c: (OS) (Fixed) (Total:236.73 GB) (Free:112.97 GB) NTFS
\\?\Volume{6b8d9758-02dd-4c23-b2d0-d0f47ab68da2}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.48 GB) NTFS
\\?\Volume{a9b5d194-009d-44af-b057-39646fbec9b8}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.59 GB) FAT32
==================== MBR & Table des partitions ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 71637086)
Partition: GPT.
==================== Fin de Addition.txt =======================