cjoint


Document format: text/plain

Preview

Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 28-08-2023
Exécuté par MarieCavaglia (05-09-2023 13:02:46)
Exécuté depuis C:\Users\MarieCavaglia\Downloads
Microsoft Windows 10 Professionnel Version 22H2 19045.3324 (X64) (2021-09-21 20:59:43)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================


(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

Administrateur (S-1-5-21-4049836695-3199529620-3052850198-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4049836695-3199529620-3052850198-503 - Limited - Disabled)
Invité (S-1-5-21-4049836695-3199529620-3052850198-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4049836695-3199529620-3052850198-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Trend Micro Security Agent (Enabled - Up to date) {EA76EF9A-3837-6858-9C08-EF031F849204}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

64 Bit HP CIO Components Installer (HKLM\...\{5737101A-27C4-408A-8A57-D1DC78DF84B4}) (Version: 8.2.1 - Hewlett-Packard) Hidden
7-Zip 21.07 (x64) (HKLM\...\7-Zip) (Version: 21.07 - Igor Pavlov)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 21.011.20039 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Assistant Support et récupération de Microsoft (HKU\S-1-12-1-3219978988-1159810680-774954374-2540382389\...\4336df8a13b91f17) (Version: 17.1.268.3 - Microsoft Corporation)
Assistant Support et récupération de Microsoft (HKU\S-1-12-1-3219978988-1159810680-774954374-2540382389\...\a1a734b8150c1d83) (Version: 17.0.8433.11 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 6.15 - Piriform)
EPS Viewer (HKLM-x32\...\{32E05824-A0AC-4DFE-B965-5F52C28FBE9F}_is1) (Version: - IdeaMK)
Étude pour l'amélioration du produit HP ColorLaserJet MFP M178-M181 (HKLM\...\{6E4A7012-4387-43F6-B0CA-F3AD33A462D0}) (Version: 44.9.2759.21325 - HP Inc.)
Étude pour l'amélioration du produit HP OfficeJet Pro 7720 series (HKLM\...\{22B5D316-D1A8-4869-8404-FF91640FA23C}) (Version: 44.11.2778.22166 - HP Inc.)
FileZilla 3.62.2 (HKLM-x32\...\FileZilla Client) (Version: 3.62.2 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 116.0.5845.141 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 79.0.2.0 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden
HP Color LaserJet MFP M178-M181 Aide (HKLM-x32\...\{BC6B7CFE-E6DB-4965-B675-77F481CDD500}) (Version: 0.00.0005 - HP)
HP Dropbox Plugin (HKLM-x32\...\{52A85078-4C57-4CCE-B0BA-BAF9BD8D7280}) (Version: 44.5.501.81934 - HP)
HP EmailSMTP Plugin (HKLM\...\{0A11F581-35F4-442A-95EE-524333922755}) (Version: 56.0.480.0 - HP)
HP FTP Plugin (HKLM-x32\...\{637B84EC-424B-4327-B5CD-D0A7AF205A0F}) (Version: 44.5.0.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{A0F1CD58-A2CD-4B6B-9541-A05B795A1D0D}) (Version: 44.5.501.81934 - HP)
HP OCR (HKLM-x32\...\{F2B3C4A3-F865-4FE5-949E-23FABE90096D}) (Version: 1.0.1019.0 - HP Inc.)
HP OfficeJet Pro 7720 series Aide (HKLM-x32\...\{9C8D7EE1-7446-4D8B-91AC-D728CCA032D3}) (Version: 44.0.0 - HP)
HP OneDrive Plugin (HKLM-x32\...\{70B4FEAE-DC27-4EAA-8893-CCE4A2743C97}) (Version: 44.5.0.0 - HP)
HP SFTP Plugin (HKLM\...\{569528EF-1048-4922-8E83-21E67D337152}) (Version: 56.0.480.0 - HP Inc.)
HP SharePoint Plugin (HKLM\...\{5E534FDD-08F2-4DCD-B635-85BA1ACFAA17}) (Version: 56.0.480.0 - HP)
I.R.I.S OCR (HKLM-x32\...\{3024AD3F-2F9B-47FA-BF3E-D598D535A793}) (Version: 15.2.10.1114 - HP Inc.)
Java 8 Update 371 (HKLM-x32\...\{71124AE4-039E-4CA4-87B4-2F32180371F0}) (Version: 8.0.3710.11 - Oracle Corporation)
Ledger Live 2.64.2 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.64.2 - Ledger Live Team)
Logiciel de base du périphérique HP ColorLaserJet MFP M178-M181 (HKLM\...\{9DF460F1-2377-466E-BD05-8359EDB56A67}) (Version: 44.9.2759.21325 - HP Inc.)
Logiciel de base du périphérique HP OfficeJet Pro 7720 series (HKLM\...\{93820F39-E826-44B5-8F2A-8877DC955C00}) (Version: 44.11.2778.22166 - HP Inc.)
Logiciel de base du périphérique HP Scan (HKLM\...\{1E519205-EFA4-4734-9988-4872EFD57D0B}) (Version: 51.7.5628.22215 - HP Inc.)
Malwarebytes version 4.6.1.280 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.1.280 - Malwarebytes)
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.16731.20170 - Microsoft Corporation)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.16731.20170 - Microsoft Corporation)
Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.16731.20170 - Microsoft Corporation)
Microsoft 365 - it-it (HKLM\...\O365HomePremRetail - it-it) (Version: 16.0.16731.20170 - Microsoft Corporation)
Microsoft 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.16731.20170 - Microsoft Corporation)
Microsoft 365 Apps for business - fr-fr (HKLM\...\O365BusinessRetail - fr-fr) (Version: 16.0.16731.20170 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 116.0.1938.69 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 116.0.1938.69 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-12-1-3219978988-1159810680-774954374-2540382389\...\OneDriveSetup.exe) (Version: 23.174.0820.0003 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{C18B132E-4032-4425-826A-24B1CA9DFF0C}) (Version: 11.4.7001.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{7ED2561C-FBC2-421E-A2B5-C7BEFD623145}) (Version: 11.4.7001.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{CECCBAE9-1880-411E-9D28-8E562F6DAAE2}) (Version: 11.4.7001.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-12-1-3219978988-1159810680-774954374-2540382389\...\Teams) (Version: 1.6.00.22378 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30139 (HKLM-x32\...\{2c673fb6-3e65-4751-965d-33d30b68a8a6}) (Version: 14.29.30139.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30139 (HKLM-x32\...\{8d5fdf81-7022-423f-bd8b-b513a1050ae1}) (Version: 14.29.30139.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30139 (HKLM\...\{7F4A9F52-173F-4B0D-B1EA-269C32EDA827}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30139 (HKLM\...\{A6D3F752-BF11-4D7C-B19C-F6F96A35CF50}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30139 (HKLM-x32\...\{1AEA8854-7597-4CD3-948F-8DE364D94E07}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30139 (HKLM-x32\...\{1679EF65-55F3-4248-B91E-6B3BE1A69CDF}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{7C0242A3-8B66-35D1-9FE0-13B426ACB609}) (Version: 10.0.60729 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation)
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.60724 - Microsoft Corporation)
Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 117.0 (x64 fr)) (Version: 117.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 95.0 - Mozilla)
Nitro Reader 5 (HKLM\...\{42BEF461-E91D-4C9E-94A2-790D973CE971}) (Version: 5.5.9.2 - Nitro)
NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation)
NVIDIA Graphics Driver 462.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 462.59 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.20.0221 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16731.20052 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16731.20170 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.16731.20052 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.16731.20052 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0410-1000-0000000FF1CE}) (Version: 16.0.16731.20052 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.16731.20052 - Microsoft Corporation) Hidden
Sweet Home 3D version 6.6 (HKLM\...\Sweet Home 3D_is1) (Version: 6.6 - eTeks)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.22976 - Microsoft Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.29.4 - TeamViewer)
Trend Micro Security Agent (HKLM-x32\...\{BED0B8A2-2986-49F8-90D6-FA008D37A3D2}) (Version: 6.7.3595 - Trend Micro Inc.) Hidden
Trend Micro Security Agent (HKLM-x32\...\HostedAgent) (Version: 6.7.3595 - Trend Micro Inc.)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
Veeam Agent for Microsoft Windows (HKLM\...\{DFFC7AC4-96BE-45A5-87B2-7FA734A8FAB1}) (Version: 5.0.2.4680 - Veeam Software Group GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)

Packages:
=========
Centre de configuration des graphiques Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5180.0_x64__8j3eq9eme6ctt [2023-08-13] (INTEL CORP) [Startup Task]
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-01-05] (Microsoft Corporation)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-11] (Microsoft Corporation)
Deezer Music -> C:\Program Files\WindowsApps\Deezer.62021768415AF_5.30.610.0_x86__q7m17pa7q8kj0 [2023-08-21] (Deezer SA)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_148.2.1069.0_x64__v10z8vjag6ke6 [2023-08-09] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-12-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-12-08] (Microsoft Corporation) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10510.531.0_x64__8wekyb3d8bbwe [2023-08-03] (Microsoft Corporation)
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.23.0_x64__qmba6cd70vzyy [2023-07-27] (ASUSTeK COMPUTER INC.)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2023-08-14] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-10] (NVIDIA Corp.)
Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.503.300_x64__8wekyb3d8bbwe [2023-05-04] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.28.255.0_x64__dt26b99r8h8gj [2022-01-04] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-22] (Microsoft Studios) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2334.2.0_x64__cv1g1gvanyjgm [2023-09-04] (WhatsApp Inc.) [Startup Task]

==================== Personnalisé CLSID (Avec liste blanche): ==============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-12-1-3219978988-1159810680-774954374-2540382389_Classes\CLSID\{04271989-C4D2-7D8D-E506-7596B925A381} -> [OneDrive - MARIE & LINDA] => C:\Users\MarieCavaglia\OneDrive - MARIE & LINDA [2021-12-08 21:41]
CustomCLSID: HKU\S-1-12-1-3219978988-1159810680-774954374-2540382389_Classes\CLSID\{04271989-C4D2-B637-95DD-C1A7F4BA5D55} -> [MARIE & LINDA] => C:\Users\MarieCavaglia\MARIE & LINDA [2021-12-08 21:43]
CustomCLSID: HKU\S-1-12-1-3219978988-1159810680-774954374-2540382389_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\MarieCavaglia\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23199.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-12-1-3219978988-1159810680-774954374-2540382389_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\MarieCavaglia\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\79.0.2.0\drivefsext.dll [2023-08-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\79.0.2.0\drivefsext.dll [2023-08-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\79.0.2.0\drivefsext.dll [2023-08-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\79.0.2.0\drivefsext.dll [2023-08-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\79.0.2.0\drivefsext.dll [2023-08-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-08-30] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\79.0.2.0\drivefsext.dll [2023-08-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\79.0.2.0\drivefsext.dll [2023-08-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_31733448c5c05828\nvshext.dll [2021-05-21] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-08-30] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Avec liste blanche) ====================

==================== Raccourcis & WMI ========================

==================== Modules chargés (Avec liste blanche) =============

2010-08-06 12:15 - 2010-08-06 12:15 - 000071680 _____ (Hewlett-Packard) [Fichier non signé] c:\windows\system32\hpzinw12.dll
2010-08-06 12:15 - 2010-08-06 12:15 - 000089600 _____ (Hewlett-Packard) [Fichier non signé] c:\windows\system32\hpzipm12.dll
2021-12-13 11:06 - 2021-12-26 16:00 - 000062976 _____ (Igor Pavlov) [Fichier non signé] C:\Program Files\7-Zip\7-zip32.dll
2020-11-21 14:44 - 2020-11-21 14:44 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2020-11-21 14:44 - 2020-11-21 14:44 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-11-21 14:44 - 2020-11-21 14:44 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Client\C2R64.dll
2020-11-21 14:44 - 2020-11-21 14:44 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2016-08-02 16:58 - 2016-08-02 16:58 - 001611776 _____ (Nitro PDF) [Fichier non signé] C:\Program Files\Nitro\Reader 5\plug_ins\NPAccessibility.npp
2016-08-02 16:59 - 2016-08-02 16:59 - 001568256 _____ (Nitro PDF) [Fichier non signé] C:\Program Files\Nitro\Reader 5\plug_ins\NPActions.npp
2016-08-02 17:02 - 2016-08-02 17:02 - 003361792 _____ (Nitro PDF) [Fichier non signé] C:\Program Files\Nitro\Reader 5\plug_ins\NPAnnotations.npp
2016-08-02 17:02 - 2016-08-02 17:02 - 001347584 _____ (Nitro PDF) [Fichier non signé] C:\Program Files\Nitro\Reader 5\plug_ins\NPAttachments.npp
2016-08-02 17:02 - 2016-08-02 17:02 - 001610752 _____ (Nitro PDF) [Fichier non signé] C:\Program Files\Nitro\Reader 5\plug_ins\NPBookmarks.npp
2016-08-02 17:07 - 2016-08-02 17:07 - 002403328 _____ (Nitro PDF) [Fichier non signé] C:\Program Files\Nitro\Reader 5\plug_ins\NPCreatePDF.npp
2016-08-02 17:02 - 2016-08-02 17:02 - 002405376 _____ (Nitro PDF) [Fichier non signé] C:\Program Files\Nitro\Reader 5\plug_ins\NPDigitalSignature.npp
2016-08-02 16:59 - 2016-08-02 16:59 - 001670656 _____ (Nitro PDF) [Fichier non signé] C:\Program Files\Nitro\Reader 5\plug_ins\NPEvernote.npp
2016-08-02 17:09 - 2016-08-02 17:09 - 001975808 _____ (Nitro PDF) [Fichier non signé] C:\Program Files\Nitro\Reader 5\plug_ins\NPExport.npp
2016-08-02 17:04 - 2016-08-02 17:04 - 003488256 _____ (Nitro PDF) [Fichier non signé] C:\Program Files\Nitro\Reader 5\plug_ins\NPForms.npp
2016-08-02 17:01 - 2016-08-02 17:01 - 001767424 _____ (Nitro PDF) [Fichier non signé] C:\Program Files\Nitro\Reader 5\plug_ins\NPJavaScript.npp
2016-08-02 16:59 - 2016-08-02 16:59 - 001145344 _____ (Nitro PDF) [Fichier non signé] C:\Program Files\Nitro\Reader 5\plug_ins\NPLayers.npp
2016-08-02 17:01 - 2016-08-02 17:01 - 001622528 _____ (Nitro PDF) [Fichier non signé] C:\Program Files\Nitro\Reader 5\plug_ins\NPLinks.npp
2016-08-02 17:01 - 2016-08-02 17:01 - 001637888 _____ (Nitro PDF) [Fichier non signé] C:\Program Files\Nitro\Reader 5\plug_ins\NPPageEdit.npp
2016-08-02 16:59 - 2016-08-02 16:59 - 002031616 _____ (Nitro PDF) [Fichier non signé] C:\Program Files\Nitro\Reader 5\plug_ins\NPPrint.npp
2016-08-02 16:59 - 2016-08-02 16:59 - 001936896 _____ (Nitro PDF) [Fichier non signé] C:\Program Files\Nitro\Reader 5\plug_ins\NPSetSecurity.npp
2016-08-02 17:02 - 2016-08-02 17:02 - 002301952 _____ (Nitro PDF) [Fichier non signé] C:\Program Files\Nitro\Reader 5\plug_ins\NPSignatureStamp.npp
2016-08-02 16:58 - 2016-08-02 16:58 - 001684480 _____ (Nitro PDF) [Fichier non signé] C:\Program Files\Nitro\Reader 5\plug_ins\NPWebDav.npp

==================== Alternate Data Streams (Avec liste blanche) ========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\Users\MarieCavaglia\Downloads\FRST64.exe:MBAM.Zone.Identifier [193]
AlternateDataStreams: C:\Users\MarieCavaglia\Downloads\ZHPCleaner.exe:MBAM.Zone.Identifier [147]
AlternateDataStreams: C:\Users\MarieCavaglia\Downloads\ZHPSuite.exe:MBAM.Zone.Identifier [145]

==================== Mode sans échec (Avec liste blanche) ==================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) =================

==================== Internet Explorer (Avec liste blanche) ==========

SearchScopes: HKU\S-1-12-1-3219978988-1159810680-774954374-2540382389 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-12-1-3219978988-1159810680-774954374-2540382389 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Trend Micro Osprey Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmopIEPlg.dll [2023-08-24] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre-1.8\bin\ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Trend Micro Osprey Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmopIEPlg32.dll [2023-08-24] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre-1.8\bin\jp2ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmopIEPlg.dll [2023-08-24] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmopIEPlg32.dll [2023-08-24] (Trend Micro, Inc. -> Trend Micro Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

IE trusted site: HKU\S-1-12-1-3219978988-1159810680-774954374-2540382389\...\sharepoint.com -> hxxps://marielinda-files.sharepoint.com

==================== Hosts contenu: =========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Autres zones ===========================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\HP\IdrsOCR_15.2.10.1114\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files (x86)\HP\HP OCR\DB_Lib\;C:\Program Files\HP\Common\HPDestPlgIn\;C:\Program Files (x86)\HP\Common\HPDestPlgIn\
HKU\S-1-12-1-3219978988-1159810680-774954374-2540382389\Control Panel\Desktop\\Wallpaper -> C:\Users\MarieCavaglia\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Le Pare-feu est activé.

Network Binding:
=============
Wi-Fi: Trend Micro LightWeight Filter Driver -> tbimdsa (enabled)

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

==================== RèglesPare-feu (Avec liste blanche) ================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{6656383B-4BD6-40A7-9BBC-5A108FAAC316}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8203C944-94DC-4BF3-9F08-F8A32CB6B2EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{231E7414-0AFD-461B-A4F5-A4B0D13FD46B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D33B5ABB-B6C7-4207-87E2-070BD9A529E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3F65FD68-4E45-4834-A448-28E6169BBE9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3FFADD83-4052-417C-9C15-1377473BACD7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F7549BC0-65F1-44C3-9E5F-E83CFFA981CC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8623DCC0-EF63-4252-8AF6-B8703CF6E5A9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F73962C5-FC97-469A-8FC3-990571FCC4AE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F03BDA3B-A988-4569-9784-C4BDEA4F7262}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{76D5967D-2682-484F-85A4-BDDDD15A8EB8}] => (Allow) LPort=61119
FirewallRules: [{FD40029F-14D1-46A1-933D-FEBBC3E82C36}] => (Allow) LPort=61117
FirewallRules: [{28A83AEC-3C0D-475E-9A7D-B32D49530342}] => (Allow) LPort=61117
FirewallRules: [{1DB76A92-E4E2-4BDC-92C6-7A2DE079D16E}] => (Allow) LPort=61116
FirewallRules: [TCP Query User{105DF129-4BD5-4A63-8137-B5F78617D5CF}C:\users\mariecavaglia\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\mariecavaglia\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{BF89D834-D840-4AF6-BFB3-3C0EDD012A82}C:\users\mariecavaglia\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\mariecavaglia\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F78CF3C6-AEB2-4033-B831-BC4F8F9AA2AE}C:\users\mariecavaglia\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\mariecavaglia\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B3B7379C-4D98-40B5-97E8-93B2FAAD0BFC}C:\users\mariecavaglia\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\mariecavaglia\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8AA5408B-6E8F-402B-95B8-79AEF56ED3C6}] => (Allow) C:\Users\MarieCavaglia\AppData\Local\Temp\7zS58B1\HP.EasyStart.exe => Pas de fichier
FirewallRules: [TCP Query User{48DCB7F5-0615-45E4-B896-586F05DE0C22}C:\program files\microsoft onedrive\21.230.1107.0004\filecoauth.exe] => (Block) C:\program files\microsoft onedrive\21.230.1107.0004\filecoauth.exe => Pas de fichier
FirewallRules: [UDP Query User{2F964DB1-6379-43C1-81FB-916ED693CCBB}C:\program files\microsoft onedrive\21.230.1107.0004\filecoauth.exe] => (Block) C:\program files\microsoft onedrive\21.230.1107.0004\filecoauth.exe => Pas de fichier
FirewallRules: [{13EA2E9B-1618-40BF-AF4A-D6C4385C7CEB}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{D30B3A37-2608-4FF1-9C2C-A540A2ED7DC2}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{53DE7F26-0FB2-41C0-80D7-85B50716B374}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M178-M181\bin\EWSProxy.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5FD10D9D-865B-4120-87BE-62EA1F284735}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M178-M181\bin\DigitalWizards.exe (HP Inc. -> HP Inc.)
FirewallRules: [{2FFCEFD0-98F6-458F-B8ED-58454AF36745}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M178-M181\bin\FaxPrinterUtility.exe (HP Inc. -> HP Inc.)
FirewallRules: [{D58231D3-ED01-4ADD-B258-68826BDCE17A}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M178-M181\Bin\DeviceSetup.exe (HP Inc. -> HP Inc.)
FirewallRules: [{C7FAC6E8-7664-4A38-89B8-F42667FDBD10}] => (Allow) LPort=5357
FirewallRules: [{C6707D23-FE65-4602-B013-C64F85197116}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M178-M181\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> HP Inc.)
FirewallRules: [{7F66C81B-510D-44E8-9A84-91AD58D70F95}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Recovery.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{BD75F749-9F1E-4F67-9E17-0F838279A606}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{2C6880B6-3AD2-4F40-B600-58A3FA852714}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{5CF5083D-4B81-469D-B01A-8DF3F3166762}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{9AF602FC-F13D-4B0D-8055-9AF882797356}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{5337BF0B-BB7A-4036-B579-6119A37232FC}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x86\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{4BB781C4-2F01-41E3-AF90-894C40C0E89D}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x86\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{36A8976A-1148-47EE-9B71-97DB7991EA8D}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{0C33CF8F-899E-4367-8269-D15593D50A08}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{B20FFA6F-2C7B-4CED-B1DB-70B33322B197}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CA2BA595-93B5-4E68-9E3A-A944B7870493}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9F083AEC-802A-4893-85D9-AE87A89F6A48}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A5F6B16A-7858-408C-B22D-CDAAACAC877A}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{63CC41DA-0353-491D-A184-0AC0CCE8019C}C:\users\mariecavaglia\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\mariecavaglia\appdata\roaming\zoom\bin\zoom.exe => Pas de fichier
FirewallRules: [UDP Query User{B07C794C-3A95-48F8-A7F3-CFE7E94D31B1}C:\users\mariecavaglia\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\mariecavaglia\appdata\roaming\zoom\bin\zoom.exe => Pas de fichier
FirewallRules: [{7017411E-CC9C-428C-A06C-BB4BF8864560}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{8F04BF3C-AF90-40F0-A980-AC61DC008171}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [TCP Query User{7BCA68D9-C7D5-42B3-A405-97370E86EE1D}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{97078E61-8737-4084-82E4-C617F5AF573E}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A819FAF6-444F-456B-85EC-DC6EA8605F16}] => (Allow) C:\Program Files (x86)\HP\HP Scan\bin\HPScan.exe (HP Inc. -> HP Inc.)
FirewallRules: [{783E6193-84E0-4B64-80AD-B158B504C82F}] => (Allow) C:\Program Files\HP\HP Scan\Bin\DeviceSetup.exe (HP Inc. -> HP Inc.)
FirewallRules: [{137D9FD0-E5F1-4FB8-87E2-1C5C7AB141CA}] => (Allow) C:\Program Files\HP\HP Scan\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> HP Inc.)
FirewallRules: [{C2E7BD29-23AA-4D2A-8887-8546A1B016DD}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 7720 series\bin\FaxApplications.exe (HP Inc. -> HP Inc.)
FirewallRules: [{15378F0B-D32A-4671-A47E-A4D30FF1BE8B}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 7720 series\bin\DigitalWizards.exe (HP Inc. -> HP Inc.)
FirewallRules: [{CF98F966-71AD-403B-9804-524F3AF59D79}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 7720 series\bin\SendAFax.exe (HP Inc. -> HP Inc.)
FirewallRules: [{E85D738F-537F-4649-BCBD-F30AD922B448}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 7720 series\bin\FaxPrinterUtility.exe (HP Inc. -> HP Inc.)
FirewallRules: [{9E2F22E2-BB4E-440E-BB35-FC1726D5DCDC}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 7720 series\Bin\DeviceSetup.exe (HP Inc. -> HP Inc.)
FirewallRules: [{C29DBAB7-263B-4F45-BF1F-8F15188A31D7}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 7720 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> HP Inc.)
FirewallRules: [TCP Query User{C0D5B865-3827-46EF-8520-1A25BC6CFB96}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [UDP Query User{23FBF413-D9E6-4C73-B85B-69459CEF66CB}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [TCP Query User{A6FDD06A-23AE-45A2-9F05-85417ACB6120}C:\program files\microsoft onedrive\23.043.0226.0001\filecoauth.exe] => (Block) C:\program files\microsoft onedrive\23.043.0226.0001\filecoauth.exe => Pas de fichier
FirewallRules: [UDP Query User{D871AF0E-FDAA-4DF7-9C44-3A8BB1134B96}C:\program files\microsoft onedrive\23.043.0226.0001\filecoauth.exe] => (Block) C:\program files\microsoft onedrive\23.043.0226.0001\filecoauth.exe => Pas de fichier
FirewallRules: [{5DE2BA90-A0A7-4B31-B508-A31E45E697CF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{64EE875B-6A8D-4168-A8BA-42F409701EB1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DD277B78-D85D-4875-BA75-A73ABA2B2777}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F753EE01-BBA3-4288-B77A-035113311DC1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EA1EA9BF-FDBE-4EFC-B3BB-92EA74C8CEC3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1827DBC8-8A01-4F29-A6A8-145D04FC9BDD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{27FD1D9E-F9D1-40DD-827E-F6E91A7AEBCA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BE51A68C-ED62-447C-808C-72377C68083A}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.23.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{B1B10BE5-391D-4D39-AA71-A0B1EB747BAA}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.23.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{5681E1CE-8ACD-4DEB-8221-27FE0D1617B8}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.23.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{C95B201B-726C-4E9B-9454-32EDE9D889D6}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.23.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{BD6F7038-FEED-4194-BE2F-0246F5241703}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{8A6E870D-53C3-42C4-8D4D-B8E3CFAD769B}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{325E84D2-7CF9-46BC-A3F6-91C7205816EC}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{99BFB4D7-B573-416B-BEEA-0EBF088F1877}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSwitch\AsusSwitchNet.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{3EF51878-2AF2-41A3-8F18-2CC5D4167E1C}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSwitch\AsusSwitchNetMDNS.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{E2C4181E-3999-4519-81A0-2A90B3E92406}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CBB29081-ED7F-4706-B5F6-BCDA0E9E2987}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\116.0.1938.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ED6A7DC2-414E-488E-BCFB-EF3A0162F7A5}] => (Allow) LPort=21112
FirewallRules: [{C8DBC301-4C17-4FAA-8327-7F0D641E6C0B}] => (Allow) LPort=61117
FirewallRules: [{55DB30A6-887D-4B83-84C7-D7F9397B8F3B}] => (Allow) LPort=61116

==================== Points de restauration =========================

30-08-2023 18:44:51 Programme d’installation pour les modules Windows

==================== Éléments en erreur du Gestionnaire de périphériques ============


==================== Erreurs du Journal des événements: ========================

Erreurs Application:
==================
Error: (09/05/2023 12:14:45 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center n'a pas pu valider l'appelant. Erreur %1.

Error: (09/05/2023 12:03:16 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center n'a pas pu valider l'appelant. Erreur %1.

Error: (09/05/2023 11:12:14 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center n'a pas pu valider l'appelant. Erreur %1.

Error: (09/05/2023 11:00:44 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center n'a pas pu valider l'appelant. Erreur %1.

Error: (09/05/2023 10:47:51 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (09/05/2023 10:09:15 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center n'a pas pu valider l'appelant. Erreur %1.

Error: (09/05/2023 09:58:12 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center n'a pas pu valider l'appelant. Erreur %1.

Error: (09/05/2023 09:06:43 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center n'a pas pu valider l'appelant. Erreur %1.


Erreurs système:
=============
Error: (09/04/2023 09:13:19 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: AUTORITE NT)
Description: Le miniport Microsoft Wi-Fi Direct Virtual Adapter #2, {e3353edc-039b-4fcc-9363-4ea803416965}, a eu l’événement 74

Error: (09/01/2023 05:54:58 PM) (Source: DCOM) (EventID: 10010) (User: AzureAD)
Description: Le serveur Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (09/01/2023 05:54:58 PM) (Source: DCOM) (EventID: 10010) (User: AzureAD)
Description: Le serveur Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (09/01/2023 02:56:08 PM) (Source: DCOM) (EventID: 10005) (User: AzureAD)
Description: DCOM a reçu l’erreur « 87 » lors de la tentative de démarrage du service GamingServices avec les arguments « Non disponible » pour exécuter le serveur :
{3E8C9ABE-9226-4609-BF5B-60288A391DEE}

Error: (09/01/2023 02:56:08 PM) (Source: DCOM) (EventID: 10005) (User: AzureAD)
Description: DCOM a reçu l’erreur « 87 » lors de la tentative de démarrage du service GamingServices avec les arguments « Non disponible » pour exécuter le serveur :
{3E8C9ABE-9226-4609-BF5B-60288A391DEE}

Error: (09/01/2023 09:19:40 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Le miniport Microsoft Wi-Fi Direct Virtual Adapter #2, {e3353edc-039b-4fcc-9363-4ea803416965}, a eu l’événement 74

Error: (08/31/2023 08:09:30 PM) (Source: DCOM) (EventID: 10010) (User: AzureAD)
Description: Le serveur Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (08/31/2023 08:09:30 PM) (Source: DCOM) (EventID: 10010) (User: AzureAD)
Description: Le serveur Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider ne s’est pas enregistré sur DCOM avant la fin du temps imparti.


Windows Defender:
================
Date: 2023-09-04 11:52:27
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {8CC714AA-C3DC-4F83-B014-3CC24A654199}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2023-09-01 12:27:23
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {FFB38E79-AF54-46B4-B44C-AFC457C4FDB9}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2023-08-31 11:06:56
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {C2C46147-AC17-4D86-971F-029E545AC1DB}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2023-08-30 18:59:08
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {DFB03178-F110-45B1-8B4A-E0D5A4CDB503}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2023-08-30 18:45:42
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {849A9063-F20C-4841-9A78-645170E5A7A4}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

CodeIntegrity:
===============
Date: 2023-09-05 12:18:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Trend Micro\Client Server Security Agent\AMSI\TmAMSIProvider64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-09-05 12:14:45
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Trend Micro\Client Server Security Agent\AMSI\TmAMSIProvider64.dll that did not meet the Windows signing level requirements.


==================== Infos Mémoire ===========================

BIOS: American Megatrends International, LLC. X3500PH.302 08/08/2022
Carte mère: ASUSTeK COMPUTER INC. X3500PH
Processeur: 11th Gen Intel(R) Core(TM) i7-11370H @ 3.30GHz
Pourcentage de mémoire utilisée: 55%
Mémoire physique - RAM - totale: 16075.34 MB
Mémoire physique - RAM - disponible: 7138.51 MB
Mémoire virtuelle totale: 24011.34 MB
Mémoire virtuelle disponible: 10395.91 MB

==================== Lecteurs ================================

Drive c: (OS) (Fixed) (Total:475.45 GB) (Free:70.58 GB) (Model: NVMe INTEL SSDPEKNU512GZ) (Protected) NTFS
Drive g: (Google Drive) (Fixed) (Total:15 GB) (Free:13.93 GB) (Model: NVMe INTEL SSDPEKNU512GZ) FAT32

\\?\Volume{5dcf66d5-0f38-434a-841d-014a29e08204}\ (RECOVERY) (Fixed) (Total:1.03 GB) (Free:0.14 GB) NTFS
\\?\Volume{fe02c081-bae1-4a0c-b22b-17e488030da1}\ (MYASUS) (Fixed) (Total:0.19 GB) (Free:0.13 GB) FAT32
\\?\Volume{387a7a91-08e5-452a-88f7-260e23995a20}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 8AF94B3D)

Partition: GPT.

==================== Fin de Addition.txt =======================
