Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 09-01-2021
Exécuté par Rotgers (14-01-2021 00:43:22)
Exécuté depuis E:\Users\Rotgers\Desktop
Windows 10 Pro Version 2004 19041.746 (X64) (2020-07-19 21:08:14)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-3951996487-3353100462-3228458458-500 - Administrator - Enabled) => C:\Users\Administrateur
DefaultAccount (S-1-5-21-3951996487-3353100462-3228458458-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3951996487-3353100462-3228458458-1002 - Limited - Enabled)
Invité (S-1-5-21-3951996487-3353100462-3228458458-501 - Limited - Disabled)
Rotgers (S-1-5-21-3951996487-3353100462-3228458458-1000 - Administrator - Enabled) => C:\Users\Rotgers
WDAGUtilityAccount (S-1-5-21-3951996487-3353100462-3228458458-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
FW: Bitdefender Pare-feu (Enabled) {362C5A58-E860-6396-9204-BEEEF20CA463}
FW: ZoneAlarm Free Firewall Firewall (Disabled) {8D637332-9C08-995E-98D7-8237936B0E9F}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
APP Center (HKLM-x32\...\{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.15.0916 - Gigabyte) Hidden
APP Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.15.0916 - Gigabyte)
ASUS PCE-AC88 WLAN Card Driver (HKLM-x32\...\{735F545B-DEC1-475F-A8FA-1F39CAB6AF16}) (Version: 2.8.0.7 - ASUS)
AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - )
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 23.0.8.132 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 23.0.16.72 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 24.0.4.702 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
Centre Souris et Claviers Microsoft (HKLM\...\{31209DE4-88BE-479D-80E3-C97B37A8A8EA}) (Version: 12.181.137.0 - Microsoft Corporation) Hidden
Centre Souris et Claviers Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 12.181.137.0 - Microsoft Corporation)
Check Point SBA (HKLM\...\{C8325D51-E514-475B-AFF2-550C3527E563}) (Version: 86.5.9511 - Check Point Software Technologies Ltd.) Hidden
Désinstallation de l'imprimante EPSON WF-3720 Series (HKLM\...\EPSON WF-3720 Series) (Version: - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{E244A764-EDD0-46B0-8689-661F6B28D9E5}) (Version: 3.10.0069 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 3.20.00 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
EPSON Scan PDF EXtensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.02 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.15.0.19228 (HKU\S-1-5-21-3951996487-3353100462-3228458458-1000\...\GoToMeeting) (Version: 10.15.0.19228 - LogMeIn, Inc.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1058 - Intel Corporation)
Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5126 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.139.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{fd62de85-bda9-4280-a95b-fa2f86e0dc58}) (Version: 1.48.139.0 - Intel Corporation) Hidden
Intel® Accelerated Storage Manager (HKLM\...\{A8ECB591-B77E-42D7-8041-B95669C06055}) (Version: 1.5.0.6 - Intel Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Logitech SetPoint 6.69 (HKLM\...\sp6) (Version: 6.69.126 - Logitech)
Manuels EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.60 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office Professionnel Plus 2016 - fr-fr (HKLM\...\ProPlusRetail - fr-fr) (Version: 16.0.13530.20316 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3951996487-3353100462-3228458458-1000\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3994d355-238a-4612-af93-26d13deddef1}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mises à jour NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.4 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Pilote graphique 460.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.89 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden
Package de pilotes Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/27/2012 7.0.0000.00004) (HKLM\...\BE156A27AFEAEA39D6A7C9D25CFA8DAFAF91756B) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.)
Package de pilotes Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/27/2012 7.0.0000.00004) (HKLM\...\D43FD4059F47ACA9539247D6CF690AAEA503AF2D) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.)
Package de pilotes Windows - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (12/02/2015 2.12.1.0) (HKLM\...\85A33267F12961AF9ED9AE799DEDA5E62BEA236F) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
RAPID Mode (HKLM\...\{7B2F4116-7C42-4EB6-9B11-220F0FAA3567}) (Version: 1.0.1.105 - Samsung Electronics Co., Ltd.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.42.526.2020 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8454 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.2.1.260 - Samsung Electronics)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.8.3 - TeamViewer)
Technologie de stockage Intel(R) Rapid entreprise (HKLM-x32\...\{1a1a8962-f5a0-47f7-bb11-3eea93944169}) (Version: 5.5.0.1367 - Intel Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Wondershare PDFelement ( Version 8.0.12 ) (HKLM\...\{343A530C-4726-4091-87E0-F9CC41792CE2}_is1) (Version: 8.0.12 - Wondershare)
ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.002.1006 - Check Point Software) Hidden

Packages:
=========
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-12-16] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8042.0_x64__8wekyb3d8bbwe [2020-12-17] (Microsoft Studios) [MS Ad]
MSN Météo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-12-17] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.959.0_x64__56jybvy8sckqj [2021-01-05] (NVIDIA Corp.)

==================== Personnalisé CLSID (Avec liste blanche): ==============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-3951996487-3353100462-3228458458-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Rotgers\AppData\Local\GoToMeeting\18068\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-01-01] (Notepad++ -> )
ContextMenuHandlers1: [PDFelement.ContextMenu] -> {0b856263-ab76-3193-830d-9f212e3c5dad} => C:\Program Files (x86)\Wondershare\Wondershare PDFelement pour Windows (Français)\Addins\PEShellExtension.exe [2020-12-30] (Wondershare Technology Co.,Ltd -> Wondershare)
ContextMenuHandlers1: [PeContextMenuExtension] -> {098A124A-AA1C-38C8-A65E-D1199A14516A} => C:\Program Files (x86)\Common Files\Wondershare\PDFelement\AddIns\PEShellExt_x64.dll [2020-10-23] (Wondershare Technology Co.,Ltd -> Wondershare)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8f2c8fbddb2235\nvshext.dll [2020-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Avec liste blanche) ====================

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

ShortcutWithArgument: C:\Users\Rotgers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\VENUS RIS.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hcdjgfmolfkdhcnlmbcfnfhneehnejgi

==================== Modules chargés (Avec liste blanche) =============

2019-09-23 14:52 - 2019-09-23 14:52 - 000059392 _____ () [Fichier non signé] C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\SA\dict-vectorizer.dll
2019-11-27 11:15 - 2019-11-27 11:15 - 000398336 _____ (Check Point Software Technologies Ltd.) [Fichier non signé] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider32.dll
2019-11-27 11:18 - 2019-11-27 11:18 - 000513536 _____ (Check Point Software Technologies Ltd.) [Fichier non signé] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll
2019-11-27 11:18 - 2019-11-27 11:18 - 000067072 _____ (Check Point Software Technologies Ltd.) [Fichier non signé] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphnt64.dll
2019-11-27 11:18 - 2019-11-27 11:18 - 000019968 _____ (Check Point Software Technologies Ltd.) [Fichier non signé] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphusr64.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [Fichier non signé] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [Fichier non signé] c:\windows\system32\hpzipm12.dll
2018-08-30 06:34 - 2018-08-30 06:34 - 001619968 _____ (Intel Corporation) [Fichier non signé] C:\Program Files\Intel\Intel Accelerated Storage Manager Plugins\RSTePlugin.dll
2014-09-18 18:15 - 2014-09-18 18:15 - 001124352 _____ (Robert Simpson, et al.) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\SQLite\System.Data.SQLite.dll
2019-11-27 11:27 - 2019-11-27 11:27 - 001189888 _____ (Robert Simpson, et al.) [Fichier non signé] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\x86\SQLite.Interop.dll
2020-08-07 21:52 - 2020-11-06 01:00 - 000098304 _____ (Seiko Epson Corporation) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\EbpD4Fax.dll
2020-08-07 21:52 - 2020-11-06 01:00 - 000212992 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\FUADRFIL.dll
2020-08-07 21:52 - 2020-11-06 01:00 - 000286720 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXCFG.dll
2020-08-07 21:52 - 2020-11-06 01:00 - 000446464 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXCSR.DLL
2020-08-07 21:52 - 2020-11-06 01:00 - 000393216 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXLDB.dll
2020-08-07 21:52 - 2020-11-06 01:00 - 000651264 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXTIF.dll
2020-08-07 21:52 - 2020-11-06 01:00 - 000421888 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\FUIMGCDC.dll
2020-08-07 21:52 - 2020-11-06 01:00 - 000278528 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\FULEPP.dll
2020-08-07 21:52 - 2020-11-06 01:00 - 000077824 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\FUSTMMSG.dll
2020-08-07 21:52 - 2020-11-06 01:00 - 000356352 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\FUSVCCLT.dll
2020-08-07 21:52 - 2020-11-06 01:00 - 000065536 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\FUUSBHLP.dll
2020-08-07 21:52 - 2020-11-06 01:00 - 000258048 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\FUVERDLG.dll
2020-08-07 21:52 - 2020-11-06 01:00 - 000073728 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\Library\FUDEVCOM.dll
2020-08-07 21:52 - 2020-11-06 01:00 - 000135168 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\Library\FUDRVUTL.dll
2020-08-07 21:52 - 2020-11-06 01:00 - 000339968 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\Library\FUPRBDEV.dll
2020-08-07 21:52 - 2020-11-06 01:00 - 000286720 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\Library\FUSNMPUT.dll
2020-08-07 21:52 - 2020-11-05 17:00 - 000090112 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUCMNMSG.dll
2020-08-07 21:52 - 2020-11-05 17:00 - 000090112 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXCFGRes.dll
2020-08-07 21:52 - 2020-11-05 17:00 - 000245760 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXRCV.dll
2020-08-07 21:52 - 2020-11-05 17:00 - 000110592 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXSTM.dll
2020-08-07 21:52 - 2020-11-05 17:00 - 000022016 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FULEPPRes.dll
2020-08-07 21:52 - 2020-11-05 17:00 - 000077824 _____ (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUPRBDEVRes.dll
2019-02-22 17:01 - 2019-02-22 17:01 - 000704512 _____ (Seiko Epson Corporation) [Fichier non signé] C:\Program Files (x86)\EPSON\MyEpson Portal\Configration_00000171\MepCfg.dll
2020-04-17 09:15 - 2020-04-17 09:15 - 000577536 _____ (Seiko Epson Corporation) [Fichier non signé] C:\Program Files (x86)\EPSON\MyEpson Portal\MepUploader_00000542\MepUploader.dll
2019-02-22 15:09 - 2019-02-22 15:09 - 000475136 _____ (Seiko Epson Corporation) [Fichier non signé] C:\Program Files (x86)\EPSON\MyEpson Portal\Online Manual_00000013\MepFAQ.dll
2015-12-11 15:14 - 2015-12-11 15:14 - 004968448 _____ (Seiko Epson Corporation) [Fichier non signé] C:\Program Files\EpsonNet\EpsonNet Print\ENSTRMAPIe.dll
2016-09-14 13:31 - 2016-09-14 13:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Windows\System32\enppmon.dll
2020-08-07 21:52 - 2020-11-06 01:00 - 000786432 _____ (SEIKO EPSON) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\Library\ENCM.dll
2020-08-07 21:52 - 2020-11-06 01:00 - 000278528 _____ (SEIKO EPSON) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\Library\ENNW.dll
2020-08-07 21:52 - 2020-11-06 01:00 - 000299008 _____ (SEIKO EPSON) [Fichier non signé] C:\Program Files (x86)\Epson Software\FAX Utility\Library\ENUTIL.dll

==================== Alternate Data Streams (Avec liste blanche) ========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8 [338]
AlternateDataStreams: C:\ProgramData\TEMP:F9CFE070 [161]

==================== Mode sans échec (Avec liste blanche) ==================

==================== Association (Avec liste blanche) =================

==================== Internet Explorer (Avec liste blanche) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3951996487-3353100462-3228458458-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&pc=UE00
HKU\S-1-5-21-3951996487-3353100462-3228458458-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://login.rxeye.net/?orgid=122
hxxps://keydiag.fr/login
SearchScopes: HKU\S-1-5-21-3951996487-3353100462-3228458458-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-3951996487-3353100462-3228458458-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2020-12-14] (Bitdefender SRL -> Bitdefender)
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2020-12-14] (Bitdefender SRL -> Bitdefender)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
BHO: Pas de nom -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> Pas de fichier
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2019-01-31] (Logitech Inc -> Logitech, Inc.)
BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [2020-12-14] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2020-12-14] (Bitdefender SRL -> Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Pas de nom -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> Pas de fichier
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2019-01-31] (Logitech Inc -> Logitech, Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2020-12-14] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2020-12-14] (Bitdefender SRL -> Bitdefender)
Toolbar: HKU\S-1-5-21-3951996487-3353100462-3228458458-1000 -> Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2020-12-14] (Bitdefender SRL -> Bitdefender)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts contenu: =========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2018-01-19 23:29 - 2021-01-14 00:30 - 000000914 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 tools.avanquest.com
127.0.0.1 api.avanquest.com
127.0.0.1 aims.avanquest.com

==================== Autres zones ===========================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-3951996487-3353100462-3228458458-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Rotgers\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG_9236.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "Nuance Power PDF Advanced-reminder"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "DNS7reminder"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-3951996487-3353100462-3228458458-1000\...\StartupApproved\Run: => "EPLTarget\P0000000000000001"
HKU\S-1-5-21-3951996487-3353100462-3228458458-1000\...\StartupApproved\Run: => "EPLTarget\P0000000000000002"
HKU\S-1-5-21-3951996487-3353100462-3228458458-1000\...\StartupApproved\Run: => "Application Restart #1"

==================== RèglesPare-feu (Avec liste blanche) ================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{8F281548-85C6-4F35-A46D-B7E2726FB3B3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B0E6D8A6-A783-4F38-9A18-8A557A643E78}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5FF35CCD-8767-4D87-99F1-E9044491E2CE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{3A8457DF-79D9-41D7-B007-F6EA8E509DC0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7A9DCD81-E442-4BB8-BBD1-CBD14206DFEB}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{6B3FE749-1ED1-43A1-8AB0-0E64F2BCFD3A}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{160B179D-A845-41DE-8648-CEB6BD89F77A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{E4E72282-6646-41FB-A66B-C2A6D039145D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{DB95349E-4F0A-4791-B8C5-801696B04932}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A645F665-AC96-4E76-A6CA-B420991591C2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7BE7C09A-FC29-4004-9C7C-D478B9A3151A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{28447006-B201-43B2-ACC0-062BAD11B54C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DEAEEFE1-2424-4DB5-B84B-13F7132D6D22}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{12147851-B6DC-4D4B-8557-BBB901399685}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ED997F49-2B8E-4D0A-8F41-1240493899A9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B0374EF3-E9E1-4F93-8E59-635575DEC4DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{18FAEFFA-C208-443B-850A-72EF8E6759E6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0834F597-209D-48D7-891F-B63DE7CF98F1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8DC43221-2BCD-4E50-8D7C-33B32E39E603}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{16860EC2-4A22-454B-948F-6F1098768A62}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{23316D92-CCB1-4774-846E-D26E6817C176}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DD67F319-3BCB-4562-BFB0-ED3878481F9C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{870F4EA3-3464-4286-B7CE-154E871166D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5EC36C28-2DF8-4B0B-AB9A-3221BB088666}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BA0013BC-7E35-42D4-9A0E-EF06720DA405}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{53547CD0-C358-4EC5-BE47-092C43894546}] => (Allow) LPort=51001
FirewallRules: [{C023B698-7A66-4C6B-ABE4-8716CA76639B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Points de restauration =========================


==================== Éléments en erreur du Gestionnaire de périphériques ============

Name: Intel(R) HD Graphics 4600
Description: Intel(R) HD Graphics 4600
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Erreurs du Journal des événements: ========================

Erreurs Application:
==================
Error: (01/14/2021 12:40:41 AM) (Source: LocalCacheLoaderService-LocalCacheLoaderService_eee6f8c9-6d81-e611-80d3-005056954efc) (EventID: 0) (User: )
Description: Error starting the Local Cache loader. Reason: System.UnauthorizedAccessException: L'accès au chemin d'accès 'C:\Users\Rotgers\AppData\Local\Sectra\Workstation\22.1.3.4652\LocalCacheLoaderService_eee6f8c9-6d81-e611-80d3-005056954efc' est refusé.
à System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
à System.IO.FileSystemEnumerableIterator`1.CommonInit()
à System.IO.FileSystemEnumerableIterator`1..ctor(String path, String originalUserPath, String searchPattern, SearchOption searchOption, SearchResultHandler`1 resultHandler, Boolean checkHost)
à System.IO.Directory.GetFiles(String path)
à Sectra.Utilities.Addins.AssemblyFileStorage.AddAllEntries(ICollection`1 target, String directory)
à Sectra.Utilities.Addins.AssemblyFileStorage.GetAllEntries(IList`1 identifiers)
à Sectra.Utilities.Addins.AssemblyRegister.AttachStorage(IAssemblyStorage storage)
à Sectra.Diagnostics.DownloadManager.AttachStorage(IAssemblyStorage additionalStorage)
à Sectra.Diagnostics.DownloadManager..ctor(String componentsDir, IEnumerable`1 additionalStorages, Boolean cacheAssemblyInfo)
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.InitDownloadManager()
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.Initialize()
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.Start()

Error: (01/14/2021 12:35:41 AM) (Source: LocalCacheLoaderService-LocalCacheLoaderService_eee6f8c9-6d81-e611-80d3-005056954efc) (EventID: 0) (User: )
Description: Error starting the Local Cache loader. Reason: System.UnauthorizedAccessException: L'accès au chemin d'accès 'C:\Users\Rotgers\AppData\Local\Sectra\Workstation\22.1.3.4652\LocalCacheLoaderService_eee6f8c9-6d81-e611-80d3-005056954efc' est refusé.
à System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
à System.IO.FileSystemEnumerableIterator`1.CommonInit()
à System.IO.FileSystemEnumerableIterator`1..ctor(String path, String originalUserPath, String searchPattern, SearchOption searchOption, SearchResultHandler`1 resultHandler, Boolean checkHost)
à System.IO.Directory.GetFiles(String path)
à Sectra.Utilities.Addins.AssemblyFileStorage.AddAllEntries(ICollection`1 target, String directory)
à Sectra.Utilities.Addins.AssemblyFileStorage.GetAllEntries(IList`1 identifiers)
à Sectra.Utilities.Addins.AssemblyRegister.AttachStorage(IAssemblyStorage storage)
à Sectra.Diagnostics.DownloadManager.AttachStorage(IAssemblyStorage additionalStorage)
à Sectra.Diagnostics.DownloadManager..ctor(String componentsDir, IEnumerable`1 additionalStorages, Boolean cacheAssemblyInfo)
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.InitDownloadManager()
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.Initialize()
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.Start()

Error: (01/14/2021 12:30:41 AM) (Source: LocalCacheLoaderService-LocalCacheLoaderService_eee6f8c9-6d81-e611-80d3-005056954efc) (EventID: 0) (User: )
Description: Error starting the Local Cache loader. Reason: System.UnauthorizedAccessException: L'accès au chemin d'accès 'C:\Users\Rotgers\AppData\Local\Sectra\Workstation\22.1.3.4652\LocalCacheLoaderService_eee6f8c9-6d81-e611-80d3-005056954efc' est refusé.
à System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
à System.IO.FileSystemEnumerableIterator`1.CommonInit()
à System.IO.FileSystemEnumerableIterator`1..ctor(String path, String originalUserPath, String searchPattern, SearchOption searchOption, SearchResultHandler`1 resultHandler, Boolean checkHost)
à System.IO.Directory.GetFiles(String path)
à Sectra.Utilities.Addins.AssemblyFileStorage.AddAllEntries(ICollection`1 target, String directory)
à Sectra.Utilities.Addins.AssemblyFileStorage.GetAllEntries(IList`1 identifiers)
à Sectra.Utilities.Addins.AssemblyRegister.AttachStorage(IAssemblyStorage storage)
à Sectra.Diagnostics.DownloadManager.AttachStorage(IAssemblyStorage additionalStorage)
à Sectra.Diagnostics.DownloadManager..ctor(String componentsDir, IEnumerable`1 additionalStorages, Boolean cacheAssemblyInfo)
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.InitDownloadManager()
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.Initialize()
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.Start()

Error: (01/14/2021 12:25:41 AM) (Source: LocalCacheLoaderService-LocalCacheLoaderService_eee6f8c9-6d81-e611-80d3-005056954efc) (EventID: 0) (User: )
Description: Error starting the Local Cache loader. Reason: System.UnauthorizedAccessException: L'accès au chemin d'accès 'C:\Users\Rotgers\AppData\Local\Sectra\Workstation\22.1.3.4652\LocalCacheLoaderService_eee6f8c9-6d81-e611-80d3-005056954efc' est refusé.
à System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
à System.IO.FileSystemEnumerableIterator`1.CommonInit()
à System.IO.FileSystemEnumerableIterator`1..ctor(String path, String originalUserPath, String searchPattern, SearchOption searchOption, SearchResultHandler`1 resultHandler, Boolean checkHost)
à System.IO.Directory.GetFiles(String path)
à Sectra.Utilities.Addins.AssemblyFileStorage.AddAllEntries(ICollection`1 target, String directory)
à Sectra.Utilities.Addins.AssemblyFileStorage.GetAllEntries(IList`1 identifiers)
à Sectra.Utilities.Addins.AssemblyRegister.AttachStorage(IAssemblyStorage storage)
à Sectra.Diagnostics.DownloadManager.AttachStorage(IAssemblyStorage additionalStorage)
à Sectra.Diagnostics.DownloadManager..ctor(String componentsDir, IEnumerable`1 additionalStorages, Boolean cacheAssemblyInfo)
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.InitDownloadManager()
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.Initialize()
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.Start()

Error: (01/14/2021 12:20:41 AM) (Source: LocalCacheLoaderService-LocalCacheLoaderService_eee6f8c9-6d81-e611-80d3-005056954efc) (EventID: 0) (User: )
Description: Error starting the Local Cache loader. Reason: System.UnauthorizedAccessException: L'accès au chemin d'accès 'C:\Users\Rotgers\AppData\Local\Sectra\Workstation\22.1.3.4652\LocalCacheLoaderService_eee6f8c9-6d81-e611-80d3-005056954efc' est refusé.
à System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
à System.IO.FileSystemEnumerableIterator`1.CommonInit()
à System.IO.FileSystemEnumerableIterator`1..ctor(String path, String originalUserPath, String searchPattern, SearchOption searchOption, SearchResultHandler`1 resultHandler, Boolean checkHost)
à System.IO.Directory.GetFiles(String path)
à Sectra.Utilities.Addins.AssemblyFileStorage.AddAllEntries(ICollection`1 target, String directory)
à Sectra.Utilities.Addins.AssemblyFileStorage.GetAllEntries(IList`1 identifiers)
à Sectra.Utilities.Addins.AssemblyRegister.AttachStorage(IAssemblyStorage storage)
à Sectra.Diagnostics.DownloadManager.AttachStorage(IAssemblyStorage additionalStorage)
à Sectra.Diagnostics.DownloadManager..ctor(String componentsDir, IEnumerable`1 additionalStorages, Boolean cacheAssemblyInfo)
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.InitDownloadManager()
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.Initialize()
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.Start()

Error: (01/14/2021 12:15:41 AM) (Source: LocalCacheLoaderService-LocalCacheLoaderService_eee6f8c9-6d81-e611-80d3-005056954efc) (EventID: 0) (User: )
Description: Error starting the Local Cache loader. Reason: System.UnauthorizedAccessException: L'accès au chemin d'accès 'C:\Users\Rotgers\AppData\Local\Sectra\Workstation\22.1.3.4652\LocalCacheLoaderService_eee6f8c9-6d81-e611-80d3-005056954efc' est refusé.
à System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
à System.IO.FileSystemEnumerableIterator`1.CommonInit()
à System.IO.FileSystemEnumerableIterator`1..ctor(String path, String originalUserPath, String searchPattern, SearchOption searchOption, SearchResultHandler`1 resultHandler, Boolean checkHost)
à System.IO.Directory.GetFiles(String path)
à Sectra.Utilities.Addins.AssemblyFileStorage.AddAllEntries(ICollection`1 target, String directory)
à Sectra.Utilities.Addins.AssemblyFileStorage.GetAllEntries(IList`1 identifiers)
à Sectra.Utilities.Addins.AssemblyRegister.AttachStorage(IAssemblyStorage storage)
à Sectra.Diagnostics.DownloadManager.AttachStorage(IAssemblyStorage additionalStorage)
à Sectra.Diagnostics.DownloadManager..ctor(String componentsDir, IEnumerable`1 additionalStorages, Boolean cacheAssemblyInfo)
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.InitDownloadManager()
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.Initialize()
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.Start()

Error: (01/14/2021 12:10:41 AM) (Source: LocalCacheLoaderService-LocalCacheLoaderService_eee6f8c9-6d81-e611-80d3-005056954efc) (EventID: 0) (User: )
Description: Error starting the Local Cache loader. Reason: System.UnauthorizedAccessException: L'accès au chemin d'accès 'C:\Users\Rotgers\AppData\Local\Sectra\Workstation\22.1.3.4652\LocalCacheLoaderService_eee6f8c9-6d81-e611-80d3-005056954efc' est refusé.
à System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
à System.IO.FileSystemEnumerableIterator`1.CommonInit()
à System.IO.FileSystemEnumerableIterator`1..ctor(String path, String originalUserPath, String searchPattern, SearchOption searchOption, SearchResultHandler`1 resultHandler, Boolean checkHost)
à System.IO.Directory.GetFiles(String path)
à Sectra.Utilities.Addins.AssemblyFileStorage.AddAllEntries(ICollection`1 target, String directory)
à Sectra.Utilities.Addins.AssemblyFileStorage.GetAllEntries(IList`1 identifiers)
à Sectra.Utilities.Addins.AssemblyRegister.AttachStorage(IAssemblyStorage storage)
à Sectra.Diagnostics.DownloadManager.AttachStorage(IAssemblyStorage additionalStorage)
à Sectra.Diagnostics.DownloadManager..ctor(String componentsDir, IEnumerable`1 additionalStorages, Boolean cacheAssemblyInfo)
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.InitDownloadManager()
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.Initialize()
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.Start()

Error: (01/14/2021 12:05:41 AM) (Source: LocalCacheLoaderService-LocalCacheLoaderService_eee6f8c9-6d81-e611-80d3-005056954efc) (EventID: 0) (User: )
Description: Error starting the Local Cache loader. Reason: System.UnauthorizedAccessException: L'accès au chemin d'accès 'C:\Users\Rotgers\AppData\Local\Sectra\Workstation\22.1.3.4652\LocalCacheLoaderService_eee6f8c9-6d81-e611-80d3-005056954efc' est refusé.
à System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
à System.IO.FileSystemEnumerableIterator`1.CommonInit()
à System.IO.FileSystemEnumerableIterator`1..ctor(String path, String originalUserPath, String searchPattern, SearchOption searchOption, SearchResultHandler`1 resultHandler, Boolean checkHost)
à System.IO.Directory.GetFiles(String path)
à Sectra.Utilities.Addins.AssemblyFileStorage.AddAllEntries(ICollection`1 target, String directory)
à Sectra.Utilities.Addins.AssemblyFileStorage.GetAllEntries(IList`1 identifiers)
à Sectra.Utilities.Addins.AssemblyRegister.AttachStorage(IAssemblyStorage storage)
à Sectra.Diagnostics.DownloadManager.AttachStorage(IAssemblyStorage additionalStorage)
à Sectra.Diagnostics.DownloadManager..ctor(String componentsDir, IEnumerable`1 additionalStorages, Boolean cacheAssemblyInfo)
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.InitDownloadManager()
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.Initialize()
à Sectra.Client.Workstation.Service.LocalCacheLoaderRunner.Start()


Erreurs système:
=============
Error: (01/13/2021 04:35:04 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service CPEFR.

Error: (01/13/2021 02:31:24 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service CPEFR.

Error: (01/13/2021 02:30:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service DragonSvc n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.

Error: (01/13/2021 02:29:27 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Le service Check Point Endpoint EFR ne s’est pas fermé correctement après avoir reçu une commande d’anticipation de fermeture.

Error: (01/12/2021 04:06:33 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service CPEFR.

Error: (01/11/2021 12:06:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service CPEFR.

Error: (01/10/2021 12:06:13 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service CPEFR.

Error: (01/07/2021 10:06:14 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service CPEFR.


CodeIntegrity:
===================================

Date: 2021-01-13 20:31:04.4530000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Windows signing level requirements.

Date: 2021-01-13 20:31:04.4470000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Windows signing level requirements.

Date: 2021-01-13 20:31:04.4380000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Windows signing level requirements.

Date: 2021-01-13 20:31:04.4310000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Windows signing level requirements.

Date: 2021-01-13 20:31:04.4170000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Windows signing level requirements.

Date: 2021-01-13 20:31:02.0380000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Windows signing level requirements.

Date: 2021-01-13 20:31:02.0330000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Windows signing level requirements.

Date: 2021-01-13 20:31:02.0250000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Windows signing level requirements.

==================== Infos Mémoire ===========================

BIOS: American Megatrends Inc. F9 08/25/2014
Carte mère: Gigabyte Technology Co., Ltd. Z87X-D3H-CF
Processeur: Intel(R) Core(TM) i5-4570S CPU @ 2.90GHz
Pourcentage de mémoire utilisée: 23%
Mémoire physique - RAM - totale: 32646.06 MB
Mémoire physique - RAM - disponible: 24982.48 MB
Mémoire virtuelle totale: 37510.06 MB
Mémoire virtuelle disponible: 28336.38 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:476.45 GB) (Free:336.56 GB) NTFS
Drive e: (Réservé au système) (Fixed) (Total:2048 GB) (Free:289.95 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
Drive f: (Nouveau nom) (Fixed) (Total:931.39 GB) (Free:99.76 GB) NTFS

\\?\Volume{a027d32b-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 2794.5 GB) (Disk ID: B54BBA08)
Partition 1: (Active) - (Size=2048 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 476.9 GB) (Disk ID: A027D32B)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476.5 GB) - (Type=07 NTFS)

==================== Fin de Addition.txt =======================