Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 20-09-2020
Exécuté par lucsd (21-09-2020 09:15:36)
Exécuté depuis C:\Users\lucsd\Downloads
Windows 10 Home Version 1903 18362.1082 (X64) (2019-07-05 05:20:49)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-3818357179-3018936402-1217380324-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3818357179-3018936402-1217380324-503 - Limited - Disabled)
Invité (S-1-5-21-3818357179-3018936402-1217380324-501 - Limited - Disabled)
lucsd (S-1-5-21-3818357179-3018936402-1217380324-1001 - Administrator - Enabled) => C:\Users\lucsd
WDAGUtilityAccount (S-1-5-21-3818357179-3018936402-1217380324-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Backup and Sync from Google (HKLM\...\{01D33BEA-673C-439C-A7C7-DE5B236DB842}) (Version: 3.50.3166.0017 - Google, Inc.)
Caesium version 1.7.0 (HKLM-x32\...\{88B0F0DE-6937-440D-B5CA-6E69003E55F7}_is1) (Version: 1.7.0 - Matteo Paonessa)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.0.19 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.3.1.4 - Canon Inc.)
Canon TS6000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS6000_series) (Version: 1.02 - Canon Inc.)
CAP FT (HKLM-x32\...\{823C39C1-E0BE-4EB4-87C7-C889BB1D3EF6}) (Version: 2.07 - Alpamayo)
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.102 - Google LLC)
HP Audio Switch (HKLM-x32\...\{20A40E7C-E470-4E9F-9B5C-DDB2C205E856}) (Version: 1.0.154.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.12.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{016FBF6D-AEDE-4D33-87B4-DF6815EF674A}) (Version: 1.4.0.485 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{35556CCA-F14E-48F3-93F4-E29C4B3DBE30}) (Version: 1.4.485.0 - HP Inc.)
HP Software Framework (HKLM-x32\...\{71E18A14-1BDB-4B58-A67F-1BCDA12462FD}) (Version: 7.1.15.1 - HP)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1835.12.0.1162 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 24.20.100.6344 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.5.5.1040 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.369.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{aa81bdf2-96a6-4400-a596-c7d1916ce9f7}) (Version: 1.50.369.0 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{C8B9124C-2032-4645-96B5-25D1995DD514}) (Version: 16.5.5.1040 - Intel Corporation)
Logiciel Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.13127.20408 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft OneDrive (HKU\S-1-5-21-3818357179-3018936402-1217380324-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3818357179-3018936402-1217380324-1001\...\Teams) (Version: 1.3.00.13565 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mises à jour NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.15.0.164 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.164 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.38.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.34 - NVIDIA Corporation)
NVIDIA Pilote graphique 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20378 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Panneau de configuration NVIDIA 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 451.67 - NVIDIA Corporation) Hidden
Pulse Application Launcher (HKLM-x32\...\{87A137F6-F953-4840-9BD6-687C65D7D520}) (Version: 8.3.1991 - Pulse Secure, LLC)
Pulse Secure (HKLM\...\{A9FC219F-4A2C-416B-93A7-4C07801CFFD4}) (Version: 9.1.2525 - Pulse Secure, LLC) Hidden
Pulse Secure 9.1 (HKLM-x32\...\Pulse Secure 9.1) (Version: 9.1.2525 - Pulse Secure, LLC)
Pulse Secure Application Manager (HKLM-x32\...\Secure_Application_Manager) (Version: 8.3.7.65025 - Pulse Secure, LLC)
Pulse Secure Setup Client (HKU\S-1-5-21-3818357179-3018936402-1217380324-1001\...\Pulse_Setup_Client) (Version: 9.1.7.2525 - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Pulse_Setup_Client Activex Control) (Version: 3.1.1.1 - Pulse Secure, LLC)
Pulse Secure Setup Client Activex Control (HKLM-x32\...\Pulse_Setup_Client Activex Control) (Version: 3.1.1.1 - Pulse Secure, LLC)
Q-Dir (HKU\S-1-5-21-3818357179-3018936402-1217380324-1001\...\Q-Dir) (Version: - )
QGIS 2.18.28 'Las Palmas' (HKLM\...\QGIS 2.18) (Version: 2.18.28 - QGIS Development Team)
QGIS 3.4.15 'Madeira' (HKLM\...\QGIS 3.4) (Version: 3.4.15 - QGIS Development Team)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8656 - Realtek Semiconductor Corp.)
SHARP MX/MX-M/DX Series PCL/PS Printer Driver (HKLM-x32\...\SHARP MX-2310U PCL PS Printer Driver) (Version: 1.00.000 - SHARP)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.5.3 - TeamViewer)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Packages:
=========
HP CoolSense -> C:\Program Files\WindowsApps\AD2F1837.HPCoolSense_1.0.6.0_x64__v10z8vjag6ke6 [2019-01-30] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.6.6.0_x64__v10z8vjag6ke6 [2020-08-10] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.38.0_x64__v10z8vjag6ke6 [2019-11-08] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-28] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6 [2020-09-07] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-04-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-04-15] (Microsoft Corporation) [MS Ad]
Power Media Player 14 for HP Consumer PCs with DVD -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.PowerMediaPlayer14forHPConsumerPC_14.2.9528.0_x86__06qsbagp91rvg [2019-04-15] (CYBERLINKCOM CORP)
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-12] (Synaptics Incorporated)
==================== Personnalisé CLSID (Avec liste blanche): ==============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-3818357179-3018936402-1217380324-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\lucsd\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3818357179-3018936402-1217380324-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\lucsd\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-09-03] () [Fichier non signé] [Fichier en cours d'utilisation]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-06-15] (Google LLC -> Google)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL -> Pas de fichier
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-09-03] () [Fichier non signé] [Fichier en cours d'utilisation]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-06-15] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_618947f7f882ca01\igfxDTCM.dll [2020-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-07-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Avec liste blanche) ====================
==================== Raccourcis & WMI ========================
==================== Modules chargés (Avec liste blanche) =============
2020-09-21 09:00 - 2020-09-21 09:00 - 000114176 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\_ctypes.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000172544 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\_elementtree.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 002250240 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\_hashlib.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000032256 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\_multiprocessing.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000046080 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\_psutil_windows.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000047616 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\_socket.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 002819584 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\_ssl.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000026112 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\_yappi.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000080896 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\bz2.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000016384 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\common.time34.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000007680 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\hashobjs_ext.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000301568 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\PIL._imaging.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000168448 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\pyexpat.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 001084416 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\pysqlite2._sqlite.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000548864 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\pythoncom27.dll
2020-09-21 09:00 - 2020-09-21 09:00 - 000137728 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\pywintypes27.dll
2020-09-21 09:00 - 2020-09-21 09:00 - 000010752 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\select.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000020992 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\thumbnails_ext.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000689664 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\unicodedata.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000119808 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\usb_ext.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000128512 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32api.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000438784 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32com.shell.shell.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000011776 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32crypt.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000023040 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32event.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000149504 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32file.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000223232 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32gui.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000048128 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32inet.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000029696 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32pdh.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000027648 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32pipe.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000044032 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32process.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000020480 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32profile.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000136192 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32security.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000026624 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32ts.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000034816 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\windows.conditional.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000038400 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\windows.connectivity.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000071680 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\windows.device_monitor.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000109056 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\windows.volumes.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000020480 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\windows.winwrap.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 001325056 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wx._controls_.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 001489408 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wx._core_.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 001007104 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wx._gdi_.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000103424 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wx._html2.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000916992 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wx._misc_.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 001039872 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wx._windows_.pyd
2020-09-17 12:15 - 2020-09-17 12:15 - 000160768 _____ () [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\2353baab00c73a1e7be668ba51f0503a\BRIDGECommon.ni.dll
2020-09-17 13:17 - 2020-09-17 13:17 - 000125440 _____ () [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\df01490e5333a735f667593590f7b738\BridgeExtension.ni.dll
2020-09-17 13:17 - 2020-09-17 13:17 - 000395264 _____ () [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\2f0cc123ad1d3ee944edf8815cc2b62e\CleanStartController.ni.dll
2020-09-17 13:18 - 2020-09-17 13:18 - 000138240 _____ () [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\bfcbb6a27b9f591d67fa38ab7a73991d\Interop.IWshRuntimeLibrary.ni.dll
2020-09-17 13:17 - 2020-09-17 13:17 - 000145920 _____ () [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Registratio4eabc192#\0d44d4da521c8ad44a9e021adbba9773\RegistrationUtilities.ni.dll
2019-07-10 11:13 - 2015-09-15 16:07 - 000318464 _____ (CANON INC) [Fichier non signé] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\scchmpm.dll
2019-07-10 11:13 - 2015-09-01 18:11 - 000194560 _____ (CANON INC.) [Fichier non signé] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnmpu2.dll
2019-07-10 11:13 - 2015-06-17 16:01 - 000008704 _____ (CANON INC.) [Fichier non signé] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_FRA.DLL
2019-07-10 11:13 - 2015-06-17 16:00 - 000104960 _____ (CANON INC.) [Fichier non signé] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2019-07-10 11:13 - 2015-05-26 09:44 - 000141312 _____ (CANON INC.) [Fichier non signé] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnwidsd.dll
2020-09-17 13:18 - 2020-09-17 13:18 - 000134656 _____ (hardcodet.net) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\9d2e1dee3f2b8484ebae18c6f09d594f\Hardcodet.Wpf.TaskbarNotification.ni.dll
2020-06-22 18:05 - 2020-06-22 18:05 - 000014336 _____ (HP Inc.) [Fichier non signé] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
2020-09-17 13:17 - 2020-09-17 13:17 - 000136192 _____ (HP Inc.) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\8acd68750c1a5a8edd9b534f08808fca\CommonPortable.ni.dll
2018-09-03 13:35 - 2018-09-03 13:35 - 000125952 _____ (Intel Corporation) [Fichier non signé] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2020-09-17 13:18 - 2020-09-17 13:18 - 001591808 _____ (Mark Heath) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\314542d34b337424520b8497df81615f\NAudio.ni.dll
2020-04-20 09:05 - 2020-04-20 09:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-04-20 09:05 - 2020-04-20 09:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2020-09-17 13:18 - 2020-09-17 13:18 - 003127808 _____ (Newtonsoft) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\7226f3c8170c670c6ed6a51152e4bad4\Newtonsoft.Json.ni.dll
2020-09-17 12:15 - 2020-09-17 12:15 - 002306560 _____ (Newtonsoft) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\daa0ded155e6d458d65c655739810b66\Newtonsoft.Json.ni.dll
2020-09-21 09:00 - 2020-09-21 09:00 - 003043328 _____ (Python Software Foundation) [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\python27.dll
2020-09-17 13:18 - 2020-09-17 13:18 - 000793088 _____ (The Apache Software Foundation) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\39c067a21025ad45e85d05b9d4ee5ca4\log4net.ni.dll
2020-09-21 09:00 - 2020-09-21 09:00 - 000202240 _____ (wxWidgets development team) [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wxbase30u_net_vc90_x64.dll
2020-09-21 09:00 - 2020-09-21 09:00 - 002831872 _____ (wxWidgets development team) [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wxbase30u_vc90_x64.dll
2020-09-21 09:00 - 2020-09-21 09:00 - 001654784 _____ (wxWidgets development team) [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wxmsw30u_adv_vc90_x64.dll
2020-09-21 09:00 - 2020-09-21 09:00 - 006542336 _____ (wxWidgets development team) [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wxmsw30u_core_vc90_x64.dll
2020-09-21 09:00 - 2020-09-21 09:00 - 000773632 _____ (wxWidgets development team) [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wxmsw30u_html_vc90_x64.dll
2020-09-21 09:00 - 2020-09-21 09:00 - 000137216 _____ (wxWidgets development team) [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wxmsw30u_webview_vc90_x64.dll
==================== Alternate Data Streams (Avec liste blanche) ========
==================== Mode sans échec (Avec liste blanche) ==================
==================== Association (Avec liste blanche) =================
==================== Internet Explorer (Avec liste blanche) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3818357179-3018936402-1217380324-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3818357179-3018936402-1217380324-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://metagate.site2.orange.com/dana-na/auth/url_1/welcome.cgi
SearchScopes: HKU\S-1-5-21-3818357179-3018936402-1217380324-1001 -> DefaultScope {7036700E-778B-4E0A-B4A3-41C5374827F5} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-3818357179-3018936402-1217380324-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-3818357179-3018936402-1217380324-1001 -> {7036700E-778B-4E0A-B4A3-41C5374827F5} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => Pas de fichier
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => Pas de fichier
DPF: HKLM {583C990C-2D38-410c-9A4A-0932D66A754F} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient64.cab
DPF: HKLM-x32 {8E375A63-C616-46F1-AC77-59DF78F3A826} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
IE trusted site: HKU\S-1-5-21-3818357179-3018936402-1217380324-1001\...\orange.com -> hxxps://metagate.site1.orange.com
==================== Hosts contenu: =========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Autres zones ===========================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3818357179-3018936402-1217380324-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\lucsd\Pictures\Capture.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Le Pare-feu est activé.
Network Binding:
=============
Wi-Fi: Juniper Network Service -> jnprns (enabled)
Ethernet: Juniper Network Service -> jnprns (enabled)
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
HKLM\...\StartupApproved\Run32: => "PulseSecure"
HKU\S-1-5-21-3818357179-3018936402-1217380324-1001\...\StartupApproved\StartupFolder: => "Outlook.lnk"
HKU\S-1-5-21-3818357179-3018936402-1217380324-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
==================== RèglesPare-feu (Avec liste blanche) ================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [{DE486D16-3B28-497B-BEFA-0E48EB8A96D4}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => Pas de fichier
FirewallRules: [{2929E5A1-B142-4AFD-86D1-95D7B4C7EFEB}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => Pas de fichier
FirewallRules: [{B805057A-8E01-4BE9-B644-D7BD3BA3BE91}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{40990E54-867B-48C8-8077-18C83CC6B52D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{57FDA2E0-0A85-4EED-A76E-BA1EE117E9DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FE86BBEB-BD7F-435E-9625-1767A7735AF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{38A256F4-CE48-44FA-8FE9-C783CFD8DB79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{19570A88-EA16-48C9-90DA-957C7D48A8FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E4229CD0-1391-41DF-8AAA-200FF20C0290}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D4D55C44-E332-4827-B971-CFD02775A9FC}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe => Pas de fichier
FirewallRules: [{766A8781-0CC7-4D2A-B292-ACFEDF5CD3B5}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe => Pas de fichier
FirewallRules: [{9EE58781-85C2-4255-831E-D10F6C86E6E0}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe => Pas de fichier
FirewallRules: [{37AE023F-01DF-44B6-9CA9-B06AAB7F738E}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe => Pas de fichier
FirewallRules: [{A714D3AF-92F7-4639-B098-0A026694DAEB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D512835F-FE3F-48A2-B1C7-7AC4C5CE6DD8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{000A2618-CB8D-42C0-AC43-3487BD47534B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BAAB5EC1-CA33-481E-88C7-55548FEED51A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{2F523C57-4C95-4B01-8AE2-C9FF676A5338}C:\users\lucsd\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\lucsd\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{65C0BE87-2A61-460A-9F2C-B9AD4E916213}C:\users\lucsd\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\lucsd\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{39C24DF1-0B11-43F5-A1CD-2BA6590F7410}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DB094AD3-7C5C-458D-B18A-1DBB9CD2F8C4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B42677F2-DDD3-4F48-84AB-27F11B7A8C57}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{422CC4AA-E32A-4C8D-A271-E2DC99247491}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3DE13F0A-0E7C-4390-9CC6-FECEDEF3DA11}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{24C505E4-8E0D-4E9A-B3E4-CB3EEFC57447}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Points de restauration =========================
16-09-2020 10:41:19 Removed Adobe Acrobat Reader DC - Français.
==================== Éléments en erreur du Gestionnaire de périphériques ============
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (09/21/2020 09:12:38 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3352,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/21/2020 09:06:47 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/20/2020 05:00:44 PM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (5340,D,23) SRUJet: Base de données C:\WINDOWS\system32\SRU\SRUDB.dat : l’index UserIdTimeStamp de la table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} est endommagé (0).
Error: (09/20/2020 03:12:00 PM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (5340,D,23) SRUJet: Base de données C:\WINDOWS\system32\SRU\SRUDB.dat : l’index UserIdTimeStamp de la table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} est endommagé (0).
Error: (09/20/2020 02:29:47 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13140,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/20/2020 02:12:03 PM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (5340,D,23) SRUJet: Base de données C:\WINDOWS\system32\SRU\SRUDB.dat : l’index UserIdTimeStamp de la table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} est endommagé (0).
Error: (09/20/2020 09:40:04 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (5340,D,23) SRUJet: Base de données C:\WINDOWS\system32\SRU\SRUDB.dat : l’index UserIdTimeStamp de la table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} est endommagé (0).
Error: (09/20/2020 08:57:56 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4112,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Erreurs système:
=============
Error: (09/21/2020 09:11:21 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-S4NS7MU7)
Description: Le serveur Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (09/21/2020 09:04:23 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-S4NS7MU7)
Description: Le serveur Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (09/21/2020 09:02:52 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Le service Optimisation de livraison est en attente de démarrage.
Error: (09/21/2020 09:00:22 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-S4NS7MU7)
Description: Le serveur Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (09/21/2020 08:58:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Sentinel64 n’a pas pu démarrer en raison de l’erreur :
Le périphérique spécifié est introuvable.
Error: (09/21/2020 08:58:03 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 15:24:02 le 20/09/2020 n’était pas prévu.
Error: (09/21/2020 08:57:19 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: AUTORITE NT)
Description: 3221225684Une erreur irrécupérable s’est produite pendant le traitement des données de restauration.
Error: (09/20/2020 02:12:32 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-S4NS7MU7)
Description: Le serveur Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Windows Defender:
===================================
Date: 2020-09-20 08:37:11.130
Description:
Antivirus Windows Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.297.466.0
Source de mise à jour : Serveur Microsoft Update
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.16100.4
Code d’erreur : 0x80240022
Description de l’erreur : Le programme ne peut pas rechercher les mises à jour de définitions.
CodeIntegrity:
===================================
Date: 2020-09-20 08:31:40.704
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-20 08:31:23.312
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-20 08:31:20.607
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-20 08:30:58.095
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-09-20 08:30:58.074
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-09-20 08:30:58.050
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-09-20 08:30:58.028
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-09-20 08:30:58.001
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Infos Mémoire ===========================
BIOS: AMI F.22 11/29/2018
Carte mère: HP 84ED
Processeur: Intel(R) Core(TM) i5-8300H CPU @ 2.30GHz
Pourcentage de mémoire utilisée: 60%
Mémoire physique - RAM - totale: 8000.51 MB
Mémoire physique - RAM - disponible: 3137.41 MB
Mémoire virtuelle totale: 13120.51 MB
Mémoire virtuelle disponible: 6851.34 MB
==================== Lecteurs ================================
Drive c: (Windows) (Fixed) (Total:930.28 GB) (Free:848.37 GB) NTFS
\\?\Volume{7b0119c4-b3b8-4333-bd40-a6a8817167ff}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.48 GB) NTFS
\\?\Volume{88bde41a-d59b-48e1-b6b8-76d8d8aafd55}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32
==================== MBR & Table des partitions ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DF2E1105)
Partition: GPT.
==================== Fin de Addition.txt =======================
Exécuté par lucsd (21-09-2020 09:15:36)
Exécuté depuis C:\Users\lucsd\Downloads
Windows 10 Home Version 1903 18362.1082 (X64) (2019-07-05 05:20:49)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-3818357179-3018936402-1217380324-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3818357179-3018936402-1217380324-503 - Limited - Disabled)
Invité (S-1-5-21-3818357179-3018936402-1217380324-501 - Limited - Disabled)
lucsd (S-1-5-21-3818357179-3018936402-1217380324-1001 - Administrator - Enabled) => C:\Users\lucsd
WDAGUtilityAccount (S-1-5-21-3818357179-3018936402-1217380324-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Backup and Sync from Google (HKLM\...\{01D33BEA-673C-439C-A7C7-DE5B236DB842}) (Version: 3.50.3166.0017 - Google, Inc.)
Caesium version 1.7.0 (HKLM-x32\...\{88B0F0DE-6937-440D-B5CA-6E69003E55F7}_is1) (Version: 1.7.0 - Matteo Paonessa)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.0.19 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.3.1.4 - Canon Inc.)
Canon TS6000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS6000_series) (Version: 1.02 - Canon Inc.)
CAP FT (HKLM-x32\...\{823C39C1-E0BE-4EB4-87C7-C889BB1D3EF6}) (Version: 2.07 - Alpamayo)
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.102 - Google LLC)
HP Audio Switch (HKLM-x32\...\{20A40E7C-E470-4E9F-9B5C-DDB2C205E856}) (Version: 1.0.154.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.12.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{016FBF6D-AEDE-4D33-87B4-DF6815EF674A}) (Version: 1.4.0.485 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{35556CCA-F14E-48F3-93F4-E29C4B3DBE30}) (Version: 1.4.485.0 - HP Inc.)
HP Software Framework (HKLM-x32\...\{71E18A14-1BDB-4B58-A67F-1BCDA12462FD}) (Version: 7.1.15.1 - HP)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1835.12.0.1162 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 24.20.100.6344 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.5.5.1040 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.369.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{aa81bdf2-96a6-4400-a596-c7d1916ce9f7}) (Version: 1.50.369.0 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{C8B9124C-2032-4645-96B5-25D1995DD514}) (Version: 16.5.5.1040 - Intel Corporation)
Logiciel Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.13127.20408 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft OneDrive (HKU\S-1-5-21-3818357179-3018936402-1217380324-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3818357179-3018936402-1217380324-1001\...\Teams) (Version: 1.3.00.13565 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mises à jour NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.15.0.164 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.164 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.38.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.34 - NVIDIA Corporation)
NVIDIA Pilote graphique 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20378 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Panneau de configuration NVIDIA 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 451.67 - NVIDIA Corporation) Hidden
Pulse Application Launcher (HKLM-x32\...\{87A137F6-F953-4840-9BD6-687C65D7D520}) (Version: 8.3.1991 - Pulse Secure, LLC)
Pulse Secure (HKLM\...\{A9FC219F-4A2C-416B-93A7-4C07801CFFD4}) (Version: 9.1.2525 - Pulse Secure, LLC) Hidden
Pulse Secure 9.1 (HKLM-x32\...\Pulse Secure 9.1) (Version: 9.1.2525 - Pulse Secure, LLC)
Pulse Secure Application Manager (HKLM-x32\...\Secure_Application_Manager) (Version: 8.3.7.65025 - Pulse Secure, LLC)
Pulse Secure Setup Client (HKU\S-1-5-21-3818357179-3018936402-1217380324-1001\...\Pulse_Setup_Client) (Version: 9.1.7.2525 - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Pulse_Setup_Client Activex Control) (Version: 3.1.1.1 - Pulse Secure, LLC)
Pulse Secure Setup Client Activex Control (HKLM-x32\...\Pulse_Setup_Client Activex Control) (Version: 3.1.1.1 - Pulse Secure, LLC)
Q-Dir (HKU\S-1-5-21-3818357179-3018936402-1217380324-1001\...\Q-Dir) (Version: - )
QGIS 2.18.28 'Las Palmas' (HKLM\...\QGIS 2.18) (Version: 2.18.28 - QGIS Development Team)
QGIS 3.4.15 'Madeira' (HKLM\...\QGIS 3.4) (Version: 3.4.15 - QGIS Development Team)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8656 - Realtek Semiconductor Corp.)
SHARP MX/MX-M/DX Series PCL/PS Printer Driver (HKLM-x32\...\SHARP MX-2310U PCL PS Printer Driver) (Version: 1.00.000 - SHARP)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.5.3 - TeamViewer)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Packages:
=========
HP CoolSense -> C:\Program Files\WindowsApps\AD2F1837.HPCoolSense_1.0.6.0_x64__v10z8vjag6ke6 [2019-01-30] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.6.6.0_x64__v10z8vjag6ke6 [2020-08-10] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.38.0_x64__v10z8vjag6ke6 [2019-11-08] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-28] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6 [2020-09-07] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-04-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-04-15] (Microsoft Corporation) [MS Ad]
Power Media Player 14 for HP Consumer PCs with DVD -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.PowerMediaPlayer14forHPConsumerPC_14.2.9528.0_x86__06qsbagp91rvg [2019-04-15] (CYBERLINKCOM CORP)
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-12] (Synaptics Incorporated)
==================== Personnalisé CLSID (Avec liste blanche): ==============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-3818357179-3018936402-1217380324-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\lucsd\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3818357179-3018936402-1217380324-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\lucsd\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-09-03] () [Fichier non signé] [Fichier en cours d'utilisation]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-06-15] (Google LLC -> Google)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL -> Pas de fichier
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-09-03] () [Fichier non signé] [Fichier en cours d'utilisation]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-06-15] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_618947f7f882ca01\igfxDTCM.dll [2020-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-07-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Avec liste blanche) ====================
==================== Raccourcis & WMI ========================
==================== Modules chargés (Avec liste blanche) =============
2020-09-21 09:00 - 2020-09-21 09:00 - 000114176 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\_ctypes.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000172544 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\_elementtree.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 002250240 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\_hashlib.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000032256 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\_multiprocessing.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000046080 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\_psutil_windows.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000047616 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\_socket.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 002819584 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\_ssl.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000026112 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\_yappi.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000080896 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\bz2.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000016384 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\common.time34.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000007680 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\hashobjs_ext.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000301568 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\PIL._imaging.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000168448 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\pyexpat.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 001084416 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\pysqlite2._sqlite.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000548864 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\pythoncom27.dll
2020-09-21 09:00 - 2020-09-21 09:00 - 000137728 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\pywintypes27.dll
2020-09-21 09:00 - 2020-09-21 09:00 - 000010752 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\select.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000020992 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\thumbnails_ext.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000689664 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\unicodedata.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000119808 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\usb_ext.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000128512 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32api.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000438784 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32com.shell.shell.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000011776 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32crypt.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000023040 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32event.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000149504 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32file.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000223232 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32gui.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000048128 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32inet.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000029696 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32pdh.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000027648 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32pipe.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000044032 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32process.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000020480 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32profile.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000136192 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32security.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000026624 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\win32ts.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000034816 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\windows.conditional.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000038400 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\windows.connectivity.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000071680 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\windows.device_monitor.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000109056 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\windows.volumes.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000020480 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\windows.winwrap.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 001325056 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wx._controls_.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 001489408 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wx._core_.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 001007104 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wx._gdi_.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000103424 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wx._html2.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 000916992 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wx._misc_.pyd
2020-09-21 09:00 - 2020-09-21 09:00 - 001039872 _____ () [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wx._windows_.pyd
2020-09-17 12:15 - 2020-09-17 12:15 - 000160768 _____ () [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\2353baab00c73a1e7be668ba51f0503a\BRIDGECommon.ni.dll
2020-09-17 13:17 - 2020-09-17 13:17 - 000125440 _____ () [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\df01490e5333a735f667593590f7b738\BridgeExtension.ni.dll
2020-09-17 13:17 - 2020-09-17 13:17 - 000395264 _____ () [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\2f0cc123ad1d3ee944edf8815cc2b62e\CleanStartController.ni.dll
2020-09-17 13:18 - 2020-09-17 13:18 - 000138240 _____ () [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\bfcbb6a27b9f591d67fa38ab7a73991d\Interop.IWshRuntimeLibrary.ni.dll
2020-09-17 13:17 - 2020-09-17 13:17 - 000145920 _____ () [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Registratio4eabc192#\0d44d4da521c8ad44a9e021adbba9773\RegistrationUtilities.ni.dll
2019-07-10 11:13 - 2015-09-15 16:07 - 000318464 _____ (CANON INC) [Fichier non signé] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\scchmpm.dll
2019-07-10 11:13 - 2015-09-01 18:11 - 000194560 _____ (CANON INC.) [Fichier non signé] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnmpu2.dll
2019-07-10 11:13 - 2015-06-17 16:01 - 000008704 _____ (CANON INC.) [Fichier non signé] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_FRA.DLL
2019-07-10 11:13 - 2015-06-17 16:00 - 000104960 _____ (CANON INC.) [Fichier non signé] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2019-07-10 11:13 - 2015-05-26 09:44 - 000141312 _____ (CANON INC.) [Fichier non signé] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnwidsd.dll
2020-09-17 13:18 - 2020-09-17 13:18 - 000134656 _____ (hardcodet.net) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\9d2e1dee3f2b8484ebae18c6f09d594f\Hardcodet.Wpf.TaskbarNotification.ni.dll
2020-06-22 18:05 - 2020-06-22 18:05 - 000014336 _____ (HP Inc.) [Fichier non signé] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
2020-09-17 13:17 - 2020-09-17 13:17 - 000136192 _____ (HP Inc.) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\8acd68750c1a5a8edd9b534f08808fca\CommonPortable.ni.dll
2018-09-03 13:35 - 2018-09-03 13:35 - 000125952 _____ (Intel Corporation) [Fichier non signé] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2020-09-17 13:18 - 2020-09-17 13:18 - 001591808 _____ (Mark Heath) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\314542d34b337424520b8497df81615f\NAudio.ni.dll
2020-04-20 09:05 - 2020-04-20 09:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-04-20 09:05 - 2020-04-20 09:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2020-09-17 13:18 - 2020-09-17 13:18 - 003127808 _____ (Newtonsoft) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\7226f3c8170c670c6ed6a51152e4bad4\Newtonsoft.Json.ni.dll
2020-09-17 12:15 - 2020-09-17 12:15 - 002306560 _____ (Newtonsoft) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\daa0ded155e6d458d65c655739810b66\Newtonsoft.Json.ni.dll
2020-09-21 09:00 - 2020-09-21 09:00 - 003043328 _____ (Python Software Foundation) [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\python27.dll
2020-09-17 13:18 - 2020-09-17 13:18 - 000793088 _____ (The Apache Software Foundation) [Fichier non signé] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\39c067a21025ad45e85d05b9d4ee5ca4\log4net.ni.dll
2020-09-21 09:00 - 2020-09-21 09:00 - 000202240 _____ (wxWidgets development team) [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wxbase30u_net_vc90_x64.dll
2020-09-21 09:00 - 2020-09-21 09:00 - 002831872 _____ (wxWidgets development team) [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wxbase30u_vc90_x64.dll
2020-09-21 09:00 - 2020-09-21 09:00 - 001654784 _____ (wxWidgets development team) [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wxmsw30u_adv_vc90_x64.dll
2020-09-21 09:00 - 2020-09-21 09:00 - 006542336 _____ (wxWidgets development team) [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wxmsw30u_core_vc90_x64.dll
2020-09-21 09:00 - 2020-09-21 09:00 - 000773632 _____ (wxWidgets development team) [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wxmsw30u_html_vc90_x64.dll
2020-09-21 09:00 - 2020-09-21 09:00 - 000137216 _____ (wxWidgets development team) [Fichier non signé] C:\Users\lucsd\AppData\Local\Temp\_MEI57802\wxmsw30u_webview_vc90_x64.dll
==================== Alternate Data Streams (Avec liste blanche) ========
==================== Mode sans échec (Avec liste blanche) ==================
==================== Association (Avec liste blanche) =================
==================== Internet Explorer (Avec liste blanche) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3818357179-3018936402-1217380324-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3818357179-3018936402-1217380324-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://metagate.site2.orange.com/dana-na/auth/url_1/welcome.cgi
SearchScopes: HKU\S-1-5-21-3818357179-3018936402-1217380324-1001 -> DefaultScope {7036700E-778B-4E0A-B4A3-41C5374827F5} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-3818357179-3018936402-1217380324-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-3818357179-3018936402-1217380324-1001 -> {7036700E-778B-4E0A-B4A3-41C5374827F5} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => Pas de fichier
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => Pas de fichier
DPF: HKLM {583C990C-2D38-410c-9A4A-0932D66A754F} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient64.cab
DPF: HKLM-x32 {8E375A63-C616-46F1-AC77-59DF78F3A826} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
IE trusted site: HKU\S-1-5-21-3818357179-3018936402-1217380324-1001\...\orange.com -> hxxps://metagate.site1.orange.com
==================== Hosts contenu: =========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Autres zones ===========================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3818357179-3018936402-1217380324-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\lucsd\Pictures\Capture.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Le Pare-feu est activé.
Network Binding:
=============
Wi-Fi: Juniper Network Service -> jnprns (enabled)
Ethernet: Juniper Network Service -> jnprns (enabled)
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
HKLM\...\StartupApproved\Run32: => "PulseSecure"
HKU\S-1-5-21-3818357179-3018936402-1217380324-1001\...\StartupApproved\StartupFolder: => "Outlook.lnk"
HKU\S-1-5-21-3818357179-3018936402-1217380324-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
==================== RèglesPare-feu (Avec liste blanche) ================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [{DE486D16-3B28-497B-BEFA-0E48EB8A96D4}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => Pas de fichier
FirewallRules: [{2929E5A1-B142-4AFD-86D1-95D7B4C7EFEB}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => Pas de fichier
FirewallRules: [{B805057A-8E01-4BE9-B644-D7BD3BA3BE91}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{40990E54-867B-48C8-8077-18C83CC6B52D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{57FDA2E0-0A85-4EED-A76E-BA1EE117E9DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FE86BBEB-BD7F-435E-9625-1767A7735AF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{38A256F4-CE48-44FA-8FE9-C783CFD8DB79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{19570A88-EA16-48C9-90DA-957C7D48A8FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E4229CD0-1391-41DF-8AAA-200FF20C0290}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D4D55C44-E332-4827-B971-CFD02775A9FC}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe => Pas de fichier
FirewallRules: [{766A8781-0CC7-4D2A-B292-ACFEDF5CD3B5}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe => Pas de fichier
FirewallRules: [{9EE58781-85C2-4255-831E-D10F6C86E6E0}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe => Pas de fichier
FirewallRules: [{37AE023F-01DF-44B6-9CA9-B06AAB7F738E}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe => Pas de fichier
FirewallRules: [{A714D3AF-92F7-4639-B098-0A026694DAEB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D512835F-FE3F-48A2-B1C7-7AC4C5CE6DD8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{000A2618-CB8D-42C0-AC43-3487BD47534B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BAAB5EC1-CA33-481E-88C7-55548FEED51A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{2F523C57-4C95-4B01-8AE2-C9FF676A5338}C:\users\lucsd\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\lucsd\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{65C0BE87-2A61-460A-9F2C-B9AD4E916213}C:\users\lucsd\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\lucsd\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{39C24DF1-0B11-43F5-A1CD-2BA6590F7410}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DB094AD3-7C5C-458D-B18A-1DBB9CD2F8C4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B42677F2-DDD3-4F48-84AB-27F11B7A8C57}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{422CC4AA-E32A-4C8D-A271-E2DC99247491}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3DE13F0A-0E7C-4390-9CC6-FECEDEF3DA11}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{24C505E4-8E0D-4E9A-B3E4-CB3EEFC57447}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Points de restauration =========================
16-09-2020 10:41:19 Removed Adobe Acrobat Reader DC - Français.
==================== Éléments en erreur du Gestionnaire de périphériques ============
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (09/21/2020 09:12:38 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3352,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/21/2020 09:06:47 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/20/2020 05:00:44 PM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (5340,D,23) SRUJet: Base de données C:\WINDOWS\system32\SRU\SRUDB.dat : l’index UserIdTimeStamp de la table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} est endommagé (0).
Error: (09/20/2020 03:12:00 PM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (5340,D,23) SRUJet: Base de données C:\WINDOWS\system32\SRU\SRUDB.dat : l’index UserIdTimeStamp de la table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} est endommagé (0).
Error: (09/20/2020 02:29:47 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13140,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/20/2020 02:12:03 PM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (5340,D,23) SRUJet: Base de données C:\WINDOWS\system32\SRU\SRUDB.dat : l’index UserIdTimeStamp de la table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} est endommagé (0).
Error: (09/20/2020 09:40:04 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (5340,D,23) SRUJet: Base de données C:\WINDOWS\system32\SRU\SRUDB.dat : l’index UserIdTimeStamp de la table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} est endommagé (0).
Error: (09/20/2020 08:57:56 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4112,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Erreurs système:
=============
Error: (09/21/2020 09:11:21 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-S4NS7MU7)
Description: Le serveur Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (09/21/2020 09:04:23 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-S4NS7MU7)
Description: Le serveur Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (09/21/2020 09:02:52 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Le service Optimisation de livraison est en attente de démarrage.
Error: (09/21/2020 09:00:22 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-S4NS7MU7)
Description: Le serveur Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (09/21/2020 08:58:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Sentinel64 n’a pas pu démarrer en raison de l’erreur :
Le périphérique spécifié est introuvable.
Error: (09/21/2020 08:58:03 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 15:24:02 le 20/09/2020 n’était pas prévu.
Error: (09/21/2020 08:57:19 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: AUTORITE NT)
Description: 3221225684Une erreur irrécupérable s’est produite pendant le traitement des données de restauration.
Error: (09/20/2020 02:12:32 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-S4NS7MU7)
Description: Le serveur Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Windows Defender:
===================================
Date: 2020-09-20 08:37:11.130
Description:
Antivirus Windows Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.297.466.0
Source de mise à jour : Serveur Microsoft Update
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.16100.4
Code d’erreur : 0x80240022
Description de l’erreur : Le programme ne peut pas rechercher les mises à jour de définitions.
CodeIntegrity:
===================================
Date: 2020-09-20 08:31:40.704
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-20 08:31:23.312
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-20 08:31:20.607
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-20 08:30:58.095
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-09-20 08:30:58.074
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-09-20 08:30:58.050
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-09-20 08:30:58.028
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-09-20 08:30:58.001
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Infos Mémoire ===========================
BIOS: AMI F.22 11/29/2018
Carte mère: HP 84ED
Processeur: Intel(R) Core(TM) i5-8300H CPU @ 2.30GHz
Pourcentage de mémoire utilisée: 60%
Mémoire physique - RAM - totale: 8000.51 MB
Mémoire physique - RAM - disponible: 3137.41 MB
Mémoire virtuelle totale: 13120.51 MB
Mémoire virtuelle disponible: 6851.34 MB
==================== Lecteurs ================================
Drive c: (Windows) (Fixed) (Total:930.28 GB) (Free:848.37 GB) NTFS
\\?\Volume{7b0119c4-b3b8-4333-bd40-a6a8817167ff}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.48 GB) NTFS
\\?\Volume{88bde41a-d59b-48e1-b6b8-76d8d8aafd55}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32
==================== MBR & Table des partitions ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DF2E1105)
Partition: GPT.
==================== Fin de Addition.txt =======================