Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 19.04.2024 01
Exécuté par HP (28-04-2024 20:20:04)
Exécuté depuis C:\Users\HP\Desktop
Microsoft Windows 10 Entreprise Version 22H2 19045.4291 (X64) (2020-12-02 13:30:45)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
Administrator (S-1-5-21-1551542468-2884388448-3857473492-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1551542468-2884388448-3857473492-503 - Limited - Disabled)
Guest (S-1-5-21-1551542468-2884388448-3857473492-501 - Limited - Disabled)
HP (S-1-5-21-1551542468-2884388448-3857473492-1002 - Administrator - Enabled) => C:\Users\HP
WDAGUtilityAccount (S-1-5-21-1551542468-2884388448-3857473492-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: FortiClient AntiVirus (Disabled - Up to date) {5EEDDB8C-C27A-6714-3657-DBD811D1F1B7}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
64 Bit HP CIO Components Installer (HKLM\...\{50229C72-539F-4E65-BEB5-F0491C5074B7}) (Version: 22.2.1 - HP Inc.) Hidden
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1036-1033-7760-BC15014EA700}) (Version: 24.002.20687 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.414 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
A-Men Technologies USB-to-Serial (HKLM-x32\...\{1805BD6D-C441-4A1C-802D-AFF0232DAACD}) (Version: - )
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 8.0.9 - AnyDesk Software GmbH)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1189.1 - AVAST Software) Hidden
BitTorrent (HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\BitTorrent) (Version: 7.11.0.46823 - BitTorrent Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 7.35.344.10 - Broadcom Corporation)
CyberLink YouCam 5 (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.0909 - CyberLink Corp.) Hidden
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.0909 - CyberLink Corp.)
ELAN Touchpad 15.2.5.1_X64_WHQL (HKLM\...\Elantech) (Version: 15.2.5.1 - ELAN Microelectronic Corp.)
FortiClient (HKLM\...\{CF528CBD-062E-4543-AC77-6B44BBB3CF07}) (Version: 5.4.5.0891 - Fortinet Inc)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.5.0.20723 - Foxit Software Inc.)
Free Ping Tool (HKLM-x32\...\{77B7AA53-6F12-4286-B4A8-87BE60AFDEA0}) (Version: 3.0.0.13 - ZOHO Corp.)
Free Tools Launcher (HKLM-x32\...\{BB86BE84-4123-4967-9BA3-45F6648551E1}) (Version: 2.0.0 - ZOHO Corp.)
Free Windows SNMP Enabler (HKLM-x32\...\{58CE3557-5068-4105-8D2F-AD21EF4E3E68}) (Version: 1.0.8 - ZOHO Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 124.0.6367.91 - Google LLC)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5063 - Intel Corporation)
Microsoft Access MUI (French) 2013 (HKLM\...\{90150000-0015-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (French) 2013 (HKLM\...\{90150000-0090-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 124.0.2478.51 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 123.0.2420.97 - Microsoft Corporation)
Microsoft Excel MUI (French) 2013 (HKLM\...\{90150000-0016-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (French) 2013 (HKLM\...\{90150000-00BA-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (French) 2013 (HKLM\...\{90150000-0044-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Interop Forms Redistributable Package 2.0a (HKLM-x32\...\{76D1AA2B-A434-4D63-BE2C-80286F23C223}) (Version: 2.0.0 - Microsoft Corporation)
Microsoft Lync MUI (French) 2013 (HKLM\...\{90150000-012B-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft ODBC Driver 13 for SQL Server (HKLM\...\{F568A584-523B-4F16-917E-5742839B03CC}) (Version: 13.1.4413.46 - Microsoft Corporation)
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2016 (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2016 – Deutsch (HKLM\...\{90160000-001F-0407-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (French) 2013 (HKLM\...\{90150000-00E1-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (French) 2016 (HKLM\...\{90160000-00E1-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (French) 2013 (HKLM\...\{90150000-00E2-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professionnel Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing (French) 2013 (HKLM\...\{90150000-002C-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (French) 2016 (HKLM\...\{90160000-002C-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Nederlands (HKLM\...\{90150000-001F-0413-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - اللغة العربية (HKLM\...\{90150000-001F-0401-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2016 - English (HKLM\...\{90160000-001F-0409-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2016 - اللغة العربية (HKLM\...\{90160000-001F-0401-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (French) 2013 (HKLM\...\{90150000-00C1-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (French) 2016 (HKLM\...\{90160000-00C1-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (French) 2013 (HKLM\...\{90150000-006E-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (French) 2016 (HKLM\...\{90160000-006E-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft OLE DB Driver for SQL Server (HKLM\...\{23438EF7-40CA-483B-A22D-756407B7A503}) (Version: 18.0.2.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Microsoft OneNote MUI (French) 2013 (HKLM\...\{90150000-00A1-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (French) 2013 (HKLM\...\{90150000-001A-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (French) 2013 (HKLM\...\{90150000-0018-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (French) 2013 (HKLM\...\{90150000-0019-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Teams classic (HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\Teams) (Version: 1.7.00.3653 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visio MUI (French) 2016 (HKLM\...\{90160000-0054-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Visio Professional 2016 (HKLM\...\{90160000-0051-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Visio Professionnel 2016 (HKLM\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Word MUI (French) 2013 (HKLM\...\{90150000-001B-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Mozilla Firefox 74.0 (x64 en-US) (HKLM\...\Mozilla Firefox 74.0 (x64 en-US)) (Version: 74.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 74.0 - Mozilla)
Npcap OEM (HKLM-x32\...\NpcapInst) (Version: 1.75 - Nmap Project)
Opera Stable 109.0.5097.68 (HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\Opera 109.0.5097.68) (Version: 109.0.5097.68 - Opera Software)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PCI Audio Star 1.4 (HKLM-x32\...\PCI Audio Star_is1) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0015-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0016-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0018-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0019-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001A-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001B-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0401-1000-0000000FF1CE}_Office15.PROPLUS_{C5DEA626-E7D2-4200-9B49-43E37BF21A7C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUS_{DABB9E2A-F054-4F97-9EB2-6992316C6EC7}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{835E4BED-E265-4103-AE14-0B4C70CF3FE8}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{1F7000D3-A917-4AD2-BA55-59E6FDAF062A}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0413-1000-0000000FF1CE}_Office15.PROPLUS_{2F03603E-9953-44F3-9608-2B61DE92F2F2}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{4BF13B26-3A95-4E42-900A-DEB16FDA75A0}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-002C-040C-1000-0000000FF1CE}_Office15.PROPLUS_{5B93071A-F8EF-4894-88C1-8B785A46D4C6}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0044-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-006E-040C-1000-0000000FF1CE}_Office15.PROPLUS_{96DAF4C0-7FCF-4B53-91FA-B12C7162D90E}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0090-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00A1-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00BA-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1931508C-C004-4983-81E3-70BE6252904B}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-040C-1000-0000000FF1CE}_Office15.PROPLUS_{DC0FD398-D15A-4351-B0D9-9F40612C5057}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E1-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E2-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-012B-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Snip (HKLM-x32\...\{1CF74000-36F5-4B78-A1C9-A33895D8AFA4}) (Version: 0.1.4814.0 - Microsoft) Hidden
Snip (HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\{29140599-94ec-407e-aceb-dfa848705777}) (Version: 0.1.4814.0 - Microsoft Corporation)
SolarWinds NetFlow Realtime (HKLM-x32\...\{BD8B6228-3EA7-4F03-B0DA-B72D5B700470}) (Version: 19.3.0.6001 - SolarWinds)
SolarWinds TFTP Server (HKLM-x32\...\{F0C566BF-DE83-42C1-B51B-0FA39FE0BE38}) (Version: 11.4.0.60017 - SolarWinds)
SolarWinds Toolset v2024.1.0 (HKLM-x32\...\{0AFF55C1-0A8F-45FC-AAF3-0BB5F7A49805}) (Version: 124.1.0.6398 - SolarWinds Worldwide, LLC.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Tera Term 4.100 (HKLM-x32\...\Tera Term_is1) (Version: 4.100 - TeraTerm Project)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-040C-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{0BAA0A93-3AD3-4B19-9105-4C8C3FA92A83}) (Version: 2.67.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.883 - McAfee, LLC)
Windows IPTV Player (HKLM-x32\...\{D1F0A04F-B987-4373-9E26-40DC6F1F9906}) (Version: 3.0.0.0 - Xtream Codes LTD)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinSCP 6.1.2 (HKLM-x32\...\winscp3_is1) (Version: 6.1.2 - Martin Prikryl)
YoutubeDownloader (HKLM-x32\...\C531132B-85F9-42CD-8EE9-C19AB95BFB38) (Version: 2.0.0.3156 - )
Zoom (HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\ZoomUMX) (Version: 5.16.2 (22807) - Zoom Video Communications, Inc.)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-03-14] ()
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-06] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-03-18] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Copilot -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-04-02] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-21] (Microsoft Studios) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2413.1.0_x64__cv1g1gvanyjgm [2024-04-05] (WhatsApp Inc.) [Startup Task]
==================== Personnalisé CLSID (Avec liste blanche): ==============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23355.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{2EF7E390-2F7C-4F9A-9B7D-4A87B56B711D}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.173.51\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{38971E90-14FD-44F6-AA45-1447B653F873}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.173.45\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.185.29\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{608D599A-DCA6-4A7C-BED7-AFCD8465345A}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.175.29\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{64C6EFB9-8F79-4106-B975-067448DC768F}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{72726D01-426C-4B35-8266-B4496CAA889E}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.183.29\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{7C9A348D-C321-47AC-904F-150312A5430F}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.175.27\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.185.29\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{88B20FC8-EBD6-4181-B5F6-50F45BFF722E}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.167.21\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{997809F3-33FD-4FD6-A2ED-CEF50F3263B1}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.169.31\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{ABF66F82-B04C-4FE4-8272-661539463FE1}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.185.27\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.171.39\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{BFBE0943-74C5-40E0-9E80-0B808109E95D}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.163.19\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynTPCpl.dll",ShowDevicePropPage 1
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{CAE1760A-CB07-481B-8F9A-BC65510AF5D5}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.185.21\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20077.4\x64\Microsoft.Teams.AddinLoader.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\HP\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{D1CE12B0-2529-4B24-BE8E-189735EA0DC1}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.165.21\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{DAA7499A-B3AC-4419-A89B-124318504051}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.185.29\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{E3D57E77-FE71-4D06-BD34-D48820074909}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{E76F97B1-1AE9-497C-9FA4-F57BBABAD54A}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.185.17\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{E8791438-3525-48BF-A600-C577AD1674C2}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.173.49\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{F1CBF5EB-347F-4E4C-90AC-E43339FC34EC}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.173.55\psuser_64.dll => Pas de fichier
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Pas de fichier
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Pas de fichier
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Pas de fichier
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Pas de fichier
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2019-02-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Pas de fichier
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Avec liste blanche) ====================
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
==================== Modules chargés (Avec liste blanche) =============
0000-00-00 00:00 - 0000-00-00 00:00 - 000000000 _____ () [Accès refusé] C:\PROGRA~2\METADA~1\CETOIT~1\NGOWFF~1.DLL
==================== Alternate Data Streams (Avec liste blanche) ========
==================== Mode sans échec (Avec liste blanche) ==================
==================== Association (Avec liste blanche) =================
==================== Internet Explorer (Avec liste blanche) ==========
HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBfs_g9TIA-Abg5tX95mMukX1QQ3LoTt0UHNL19KmqLXEl3bPjrBU0GEEBa-cUzrtT-cs7EIa2kuhkJNxcOrjEA6ihrnSbsH-UnhpS6Tfq7QlEsTXfzulSPwLcSPgsJQ0RYTY8xUY_1QTdeRfVxl0G38GyVDuUNc119TXW_DVHBzocTlkqg&q={searchTerms}
HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COS2&ptag=D080319-N0690A251FF33716&form=CONMHP&conlogo=CT3334491
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBfs_g9TIA-Abg5tX95mMukX1QQ3LoTt0UHNL19KmqLXEl3bPjrBU0GEEBa-cUzrtT-cs7EIa2kuhkJNxcOrjEA6ihrnSbsH-UnhpS6Tfq7QlEsTXfzulSPwLcSPgsJQ0RYTY8xUY_1QTdeRfVxl0G38GyVDuUNc119TXW_DVHBzocTlkqg&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002 -> DefaultScope {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBfs_g9TIA-Abg5tX95mMukX1QQ3LoTt0UHNL19KmqLXEl3bPjrBU0GEEBa-cUzrtT-cs7EIa2kuhkJNxcOrjEA6ihrnSbsH-UnhpS6Tfq7QlEsTXfzulSPwLcSPgsJQ0RYTY8xUY_1QTdeRfVxl0G38GyVDuUNc119TXW_DVHBzocTlkqg&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBfs_g9TIA-Abg5tX95mMukX1QQ3LoTt0UHNL19KmqLXEl3bPjrBU0GEEBa-cUzrtT-cs7EIa2kuhkJNxcOrjEA6ihrnSbsH-UnhpS6Tfq7QlEsTXfzulSPwLcSPgsJQ0RYTY8xUY_1QTdeRfVxl0G38GyVDuUNc119TXW_DVHBzocTlkqg&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
IE trusted site: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts contenu: =========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2024-04-25 16:36 - 2024-04-25 16:36 - 000000356 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2023-01-13 12:30 - 2024-03-21 16:59 - 000000926 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
35
29 821
192.168.137.130 Elisabeth.mshome.net # 2023 2 4 23 12 32 25 75
192.168.137.4 Redmi-Note-11-4G.mshome.net # 2023 2 4 23 8 23 26 486
2 29 821
==================== Autres zones ===========================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.179.124
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Le Pare-feu est activé.
Network Binding:
=============
Bluetooth Network Connection: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 8: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 8: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 2: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet 3: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 3: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Wi-Fi 4: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Wi-Fi 4: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run32: => "YouCam Service"
HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\StartupApproved\Run: => "ut"
HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\StartupApproved\Run: => "bt"
HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_AC3B7AF181558E407F159DB8A5D4AA84"
HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\StartupApproved\Run: => "Microsoft Edge Update"
==================== RèglesPare-feu (Avec liste blanche) ================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [{1C64F373-3E5B-4E08-9096-0FFB58381EEB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => Pas de fichier
FirewallRules: [{17D6B0E8-405C-4FFA-ADD4-D6918BE72F1A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3F28319A-7BF3-49AA-8874-77B340E17726}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{21D5340A-464F-4C60-A664-47266EEE7304}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{24F49575-A3C6-43CF-8372-0FDE86631DA1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{D8CDE319-7DBB-4AF3-9C91-58750C80FBAE}C:\users\hp\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Allow) C:\users\hp\appdata\local\programs\opera\72.0.3815.186\opera.exe => Pas de fichier
FirewallRules: [TCP Query User{A2CAE77B-7262-422A-AAFC-3A4AD8D641A2}C:\users\hp\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Allow) C:\users\hp\appdata\local\programs\opera\72.0.3815.186\opera.exe => Pas de fichier
FirewallRules: [TCP Query User{442623C4-F8F0-4A81-8165-991D58A79232}C:\users\hp\desktop\winbox.exe] => (Allow) C:\users\hp\desktop\winbox.exe (SIA "Mikrotīkls" -> )
FirewallRules: [UDP Query User{FF9A6F37-24E6-4F04-8E13-EB8EF5088672}C:\users\hp\desktop\winbox.exe] => (Allow) C:\users\hp\desktop\winbox.exe (SIA "Mikrotīkls" -> )
FirewallRules: [TCP Query User{3534154D-0AA7-4E04-8471-8139B4ED0954}C:\users\hp\appdata\local\programs\opera\77.0.4054.277\opera.exe] => (Block) C:\users\hp\appdata\local\programs\opera\77.0.4054.277\opera.exe => Pas de fichier
FirewallRules: [UDP Query User{F9851609-C00B-4F4A-B896-946772749731}C:\users\hp\appdata\local\programs\opera\77.0.4054.277\opera.exe] => (Block) C:\users\hp\appdata\local\programs\opera\77.0.4054.277\opera.exe => Pas de fichier
FirewallRules: [TCP Query User{A3A24B87-0436-4BA6-96AC-872BC39562D9}C:\users\hp\appdata\local\programs\opera\78.0.4093.184\opera.exe] => (Block) C:\users\hp\appdata\local\programs\opera\78.0.4093.184\opera.exe => Pas de fichier
FirewallRules: [UDP Query User{FB54B812-879B-4C30-8ED5-7CC1BDCDB2E7}C:\users\hp\appdata\local\programs\opera\78.0.4093.184\opera.exe] => (Block) C:\users\hp\appdata\local\programs\opera\78.0.4093.184\opera.exe => Pas de fichier
FirewallRules: [{CFFBDE44-C637-43B8-9A3B-974177D48511}] => (Allow) C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe => Pas de fichier
FirewallRules: [{BB4E2ABF-DFC2-43C5-A41B-1033778F732B}] => (Allow) C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe => Pas de fichier
FirewallRules: [TCP Query User{97E933D8-3A7D-43F1-9FD7-FCDD50C15728}C:\users\hp\appdata\local\programs\opera\opera.exe] => (Block) C:\users\hp\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{B23C6786-B3EB-4FA7-BD05-9F12E0404C34}C:\users\hp\appdata\local\programs\opera\opera.exe] => (Block) C:\users\hp\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{7F09C4E4-04EB-4F11-AC31-B4D040329F9B}C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_46096.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_46096.exe => Pas de fichier
FirewallRules: [UDP Query User{FDF29657-5D50-4211-A1FA-E7C9CB98DC11}C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_46096.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_46096.exe => Pas de fichier
FirewallRules: [{C4FFF3F8-29AF-41F3-A5C4-5453EEA3D2F5}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{5C7AE336-B8FD-4E06-9349-0AE443C0A513}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{2DE2638C-5B3A-465B-9D94-8B394A4B9F15}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{A16DB0E5-3903-4990-A1F2-8367A088C9B8}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiProxy.exe (Fortinet Inc.) [Fichier non signé]
FirewallRules: [{3E008129-1133-4C32-ADED-4B476C3C88B4}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiProxy.exe (Fortinet Inc.) [Fichier non signé]
FirewallRules: [{3E956B50-985C-43D1-9536-BB1FD270E542}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\ipsec.exe (Fortinet Inc.) [Fichier non signé]
FirewallRules: [{54352483-637E-42B9-BC06-A305F2DC46BF}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiWad.exe (Fortinet Inc.) [Fichier non signé]
FirewallRules: [{04ACC175-5602-44D1-AD21-65C5CD5CA931}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\fortiesnac.exe (Fortinet Inc.) [Fichier non signé]
FirewallRules: [{56CE6D8F-7179-46CA-BD9F-74730BBD7C45}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\fortifws.exe (Fortinet Inc.) [Fichier non signé]
FirewallRules: [TCP Query User{4473E38D-3D85-41B8-A590-0FC59D280CBF}C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_46248.exe] => (Block) C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_46248.exe => Pas de fichier
FirewallRules: [UDP Query User{CC200333-5188-4901-AC42-91D569EAC59D}C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_46248.exe] => (Block) C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_46248.exe => Pas de fichier
FirewallRules: [TCP Query User{FD6A2C2F-C698-433A-8265-ED134B1AF223}C:\program files\cisco packet tracer 7.3.0\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.3.0\bin\packettracer7.exe => Pas de fichier
FirewallRules: [UDP Query User{F28F1A72-9AD5-4086-8632-375DC8166DCB}C:\program files\cisco packet tracer 7.3.0\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.3.0\bin\packettracer7.exe => Pas de fichier
FirewallRules: [{A0383923-DF37-4BB7-81D1-7C11C38C90E5}] => (Allow) C:\Users\HP\AppData\Local\Temp\bittorrent\bittorrent.exe => Pas de fichier
FirewallRules: [{FBA22F79-1DF2-4A18-9C20-5FBFC652277B}] => (Allow) C:\Users\HP\AppData\Local\Temp\bittorrent\bittorrent.exe => Pas de fichier
FirewallRules: [{86A58EA3-7214-42BB-9353-529BB77B9A17}] => (Allow) C:\Program Files (x86)\360\Total Security\360TsLiveUpd.exe => Pas de fichier
FirewallRules: [{627B430F-DE4B-4171-A481-C8A4EBC05B2E}] => (Allow) C:\Program Files (x86)\360\Total Security\360TsLiveUpd.exe => Pas de fichier
FirewallRules: [TCP Query User{4C018BCD-EF77-4427-913E-0AC0B137C6BB}C:\users\hp\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\hp\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{A86ACF0B-B8E5-4478-8F14-E662D60C985A}C:\users\hp\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\hp\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{A707CA3F-FD2B-4C20-9392-71DEF5A15A1C}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{9EF9B44E-D4C9-4EDD-81A6-3F6AD0C564EB}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{55DF461A-E889-4275-A89E-9E35B8EAD0CE}] => (Allow) C:\Users\HP\AppData\Roaming\BitTorrent\BitTorrent.exe => Pas de fichier
FirewallRules: [{82651A5E-F64D-44F2-85C5-DA690696D90E}] => (Allow) C:\Users\HP\AppData\Roaming\BitTorrent\BitTorrent.exe => Pas de fichier
FirewallRules: [TCP Query User{B4778836-D41E-4D3F-8D6B-8FFCBD6386D2}C:\users\hp\appdata\roaming\bittorrent\updates\bittorrent.exe] => (Allow) C:\users\hp\appdata\roaming\bittorrent\updates\bittorrent.exe => Pas de fichier
FirewallRules: [UDP Query User{0E697C66-9381-4C5F-8A6D-61A558EC38D1}C:\users\hp\appdata\roaming\bittorrent\updates\bittorrent.exe] => (Allow) C:\users\hp\appdata\roaming\bittorrent\updates\bittorrent.exe => Pas de fichier
FirewallRules: [TCP Query User{D79B70DC-BB32-4B07-A6F9-81DEC664B5A4}C:\users\hp\appdata\local\temp\scoped_dir11548_89678188\winbox64.exe] => (Allow) C:\users\hp\appdata\local\temp\scoped_dir11548_89678188\winbox64.exe => Pas de fichier
FirewallRules: [UDP Query User{755E552D-7A9E-4C3F-A26D-726EB57C21FF}C:\users\hp\appdata\local\temp\scoped_dir11548_89678188\winbox64.exe] => (Allow) C:\users\hp\appdata\local\temp\scoped_dir11548_89678188\winbox64.exe => Pas de fichier
FirewallRules: [{5A66566A-8A1D-4780-ADBD-376476A28BCB}] => (Block) C:\users\hp\appdata\local\temp\scoped_dir11548_89678188\winbox64.exe => Pas de fichier
FirewallRules: [{8EDA4124-0841-4922-9011-C318A876C554}] => (Block) C:\users\hp\appdata\local\temp\scoped_dir11548_89678188\winbox64.exe => Pas de fichier
FirewallRules: [TCP Query User{E490AEE4-F63F-45D7-B68A-4814B33BB68E}C:\users\hp\downloads\winbox64.exe] => (Allow) C:\users\hp\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{9C5787DF-CE45-4F4B-908B-6B3D7C23CB0A}C:\users\hp\downloads\winbox64.exe] => (Allow) C:\users\hp\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [{EB39C6AC-E9D9-4471-8054-5F818C5AFF1D}] => (Block) C:\users\hp\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [{07F495EE-771B-49C0-933E-8193C74377F5}] => (Block) C:\users\hp\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [TCP Query User{1A02BE94-2CD0-476F-9806-AF2372566334}C:\users\hp\appdata\local\temp\scoped_dir2452_1613361954\winbox64.exe] => (Allow) C:\users\hp\appdata\local\temp\scoped_dir2452_1613361954\winbox64.exe => Pas de fichier
FirewallRules: [UDP Query User{820205E6-9E59-4ADA-8356-B79E603CC33B}C:\users\hp\appdata\local\temp\scoped_dir2452_1613361954\winbox64.exe] => (Allow) C:\users\hp\appdata\local\temp\scoped_dir2452_1613361954\winbox64.exe => Pas de fichier
FirewallRules: [TCP Query User{4BBBE5BD-E3D2-49F8-AE99-8923BAE4FFE6}C:\users\hp\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\hp\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{351856FF-B8D5-4780-AFBF-A048F3350CBC}C:\users\hp\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\hp\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6F7D79CA-F988-4BFD-910F-CE17E957AE6A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{45A346AD-2AB7-40C8-B6FB-C45B69B04D03}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0592E2C1-C207-44FC-9FBC-C7BD1B49270B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{511E9D31-060C-4A4E-8D32-A83CC505FBB7}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7A8EE89E-29BA-4D30-9304-49ABC83D8870}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{40B92064-FF01-4539-AE35-BEAEE0C21E09}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiProxy.exe (Fortinet Inc.) [Fichier non signé]
FirewallRules: [TCP Query User{D4458475-A226-48E5-B1F1-7CA59C57C615}C:\users\hp\appdata\local\temp\{838d1587-e5f9-4e05-9ab9-b4d716be7ee9}\manageengine_opmanager_64bit.exe] => (Allow) C:\users\hp\appdata\local\temp\{838d1587-e5f9-4e05-9ab9-b4d716be7ee9}\manageengine_opmanager_64bit.exe => Pas de fichier
FirewallRules: [UDP Query User{B87EFD78-AD68-4A62-BDD3-704696074FCD}C:\users\hp\appdata\local\temp\{838d1587-e5f9-4e05-9ab9-b4d716be7ee9}\manageengine_opmanager_64bit.exe] => (Allow) C:\users\hp\appdata\local\temp\{838d1587-e5f9-4e05-9ab9-b4d716be7ee9}\manageengine_opmanager_64bit.exe => Pas de fichier
FirewallRules: [TCP Query User{701D434A-6CEE-41D9-A5B9-B42ADCDA5367}C:\users\hp\appdata\local\temp\{9a131024-a608-4c83-875e-5b00c1c48d61}\manageengine_opmanager_central_64bit.exe] => (Allow) C:\users\hp\appdata\local\temp\{9a131024-a608-4c83-875e-5b00c1c48d61}\manageengine_opmanager_central_64bit.exe => Pas de fichier
FirewallRules: [UDP Query User{E878EFAC-43A1-452E-9620-A7256F9E064B}C:\users\hp\appdata\local\temp\{9a131024-a608-4c83-875e-5b00c1c48d61}\manageengine_opmanager_central_64bit.exe] => (Allow) C:\users\hp\appdata\local\temp\{9a131024-a608-4c83-875e-5b00c1c48d61}\manageengine_opmanager_central_64bit.exe => Pas de fichier
FirewallRules: [TCP Query User{072A545E-3124-446B-98FF-72AA727C048B}C:\program files\manageengine\opmanagercentral\jre\bin\javaw.exe] => (Allow) C:\program files\manageengine\opmanagercentral\jre\bin\javaw.exe => Pas de fichier
FirewallRules: [UDP Query User{68D80900-EB37-408A-8F99-74658C924B12}C:\program files\manageengine\opmanagercentral\jre\bin\javaw.exe] => (Allow) C:\program files\manageengine\opmanagercentral\jre\bin\javaw.exe => Pas de fichier
FirewallRules: [TCP Query User{8D83B98B-666C-4F73-8AD7-235C3FC6C654}C:\program files\manageengine\opmanagercentral\jre\bin\java.exe] => (Allow) C:\program files\manageengine\opmanagercentral\jre\bin\java.exe => Pas de fichier
FirewallRules: [UDP Query User{2D7FC2C5-4BE8-4F04-A14B-49F10045A81C}C:\program files\manageengine\opmanagercentral\jre\bin\java.exe] => (Allow) C:\program files\manageengine\opmanagercentral\jre\bin\java.exe => Pas de fichier
FirewallRules: [TCP Query User{F8D6528B-8A06-400A-A4DA-2EA2A725699B}C:\users\hp\appdata\local\temp\{9de894a0-e6ad-436d-8458-4c797b84d12f}\manageengine_opmanager_64bit.exe] => (Allow) C:\users\hp\appdata\local\temp\{9de894a0-e6ad-436d-8458-4c797b84d12f}\manageengine_opmanager_64bit.exe => Pas de fichier
FirewallRules: [UDP Query User{B3F78792-9448-4F9E-B930-3BCA523A31AF}C:\users\hp\appdata\local\temp\{9de894a0-e6ad-436d-8458-4c797b84d12f}\manageengine_opmanager_64bit.exe] => (Allow) C:\users\hp\appdata\local\temp\{9de894a0-e6ad-436d-8458-4c797b84d12f}\manageengine_opmanager_64bit.exe => Pas de fichier
FirewallRules: [{FBFE88BF-0521-43C1-B373-D0142E517DBB}] => (Allow) LPort=22
FirewallRules: [{F2208D1A-89A0-48C6-9F31-AFA37F162001}] => (Allow) LPort=69
FirewallRules: [TCP Query User{A87A3C67-0218-4077-B80D-2DE8174592A0}C:\program files\manageengine\opmanager\jre\bin\java.exe] => (Allow) C:\program files\manageengine\opmanager\jre\bin\java.exe => Pas de fichier
FirewallRules: [UDP Query User{94714152-414F-4220-9CEC-5C2355D1BAC5}C:\program files\manageengine\opmanager\jre\bin\java.exe] => (Allow) C:\program files\manageengine\opmanager\jre\bin\java.exe => Pas de fichier
FirewallRules: [TCP Query User{3E1688F7-D433-4FDF-9240-52599D61DDAC}C:\program files\manageengine\opmanager\jre\bin\javaw.exe] => (Allow) C:\program files\manageengine\opmanager\jre\bin\javaw.exe => Pas de fichier
FirewallRules: [UDP Query User{0E66BD87-BE22-4514-8A9A-AD2425D7B446}C:\program files\manageengine\opmanager\jre\bin\javaw.exe] => (Allow) C:\program files\manageengine\opmanager\jre\bin\javaw.exe => Pas de fichier
FirewallRules: [TCP Query User{C021EF82-DB60-48BF-B361-C7E2DD755EF2}C:\users\hp\appdata\local\temp\{94e79144-f558-4088-b9bc-62837f83758e}\manageengine_opmanager_64bit.exe] => (Allow) C:\users\hp\appdata\local\temp\{94e79144-f558-4088-b9bc-62837f83758e}\manageengine_opmanager_64bit.exe => Pas de fichier
FirewallRules: [UDP Query User{34FAC3C2-4ACF-42E1-B76B-D39DF8EAF915}C:\users\hp\appdata\local\temp\{94e79144-f558-4088-b9bc-62837f83758e}\manageengine_opmanager_64bit.exe] => (Allow) C:\users\hp\appdata\local\temp\{94e79144-f558-4088-b9bc-62837f83758e}\manageengine_opmanager_64bit.exe => Pas de fichier
FirewallRules: [{D05D9CEA-5A82-4631-A255-D880134D97BA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.115.3217.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2D2316BC-DFE5-4860-8F91-7750C12C7DD7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.115.3217.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{61CA7EF6-D117-4996-8ECD-97D959DC626D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.115.3217.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{69AEBCEE-80E0-4DB8-B4E5-1DEA20FD0E7B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.115.3217.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{1276BBF4-A22D-4519-B249-1ADBF249D723}C:\users\hp\appdata\local\temp\{b3dfaea5-437b-4713-a278-e156700e47b1}\manageengine_netflowanalyzer_64bit(1).exe] => (Allow) C:\users\hp\appdata\local\temp\{b3dfaea5-437b-4713-a278-e156700e47b1}\manageengine_netflowanalyzer_64bit(1).exe => Pas de fichier
FirewallRules: [UDP Query User{DCCDA204-206A-4C81-883C-978F3A659755}C:\users\hp\appdata\local\temp\{b3dfaea5-437b-4713-a278-e156700e47b1}\manageengine_netflowanalyzer_64bit(1).exe] => (Allow) C:\users\hp\appdata\local\temp\{b3dfaea5-437b-4713-a278-e156700e47b1}\manageengine_netflowanalyzer_64bit(1).exe => Pas de fichier
FirewallRules: [TCP Query User{13C3B669-9C38-475E-BF03-00DE79E39914}C:\users\hp\appdata\local\temp\{5ca629ca-b206-4546-8484-43efcffd44b3}\manageengine_netflowanalyzer_64bit(1).exe] => (Allow) C:\users\hp\appdata\local\temp\{5ca629ca-b206-4546-8484-43efcffd44b3}\manageengine_netflowanalyzer_64bit(1).exe => Pas de fichier
FirewallRules: [UDP Query User{38EF12DB-6C7D-4BBD-A308-EA220DADAC26}C:\users\hp\appdata\local\temp\{5ca629ca-b206-4546-8484-43efcffd44b3}\manageengine_netflowanalyzer_64bit(1).exe] => (Allow) C:\users\hp\appdata\local\temp\{5ca629ca-b206-4546-8484-43efcffd44b3}\manageengine_netflowanalyzer_64bit(1).exe => Pas de fichier
FirewallRules: [{B9727161-15D7-492C-893B-FF0AF2ADA9BA}] => (Allow) C:\WINDOWS\rss\csrss.exe (522a29533d3f200e2d1728300c141021081631313626321023042b113f2d26353224 -> ) [Fichier non signé]
FirewallRules: [{E3D5CE83-4F74-4C53-9BCD-14A70030CE3C}] => (Allow) C:\WINDOWS\rss\csrss.exe (522a29533d3f200e2d1728300c141021081631313626321023042b113f2d26353224 -> ) [Fichier non signé]
FirewallRules: [{3ADB4A8B-11BC-4D24-BC88-A217F865B50E}] => (Allow) C:\WINDOWS\rss\csrss.exe (522a29533d3f200e2d1728300c141021081631313626321023042b113f2d26353224 -> ) [Fichier non signé]
FirewallRules: [{E2FAA280-8DED-421A-9F51-1AC5369AEF0B}] => (Allow) C:\WINDOWS\rss\csrss.exe (522a29533d3f200e2d1728300c141021081631313626321023042b113f2d26353224 -> ) [Fichier non signé]
FirewallRules: [{97752C85-C58D-46E6-96C2-53ADB344AA39}] => (Allow) C:\WINDOWS\rss\csrss.exe (522a29533d3f200e2d1728300c141021081631313626321023042b113f2d26353224 -> ) [Fichier non signé]
FirewallRules: [{3E5EB29D-E81C-4742-9B1A-C1CCBEF520FD}] => (Allow) C:\WINDOWS\rss\csrss.exe (522a29533d3f200e2d1728300c141021081631313626321023042b113f2d26353224 -> ) [Fichier non signé]
FirewallRules: [{5C416382-B769-4F1B-9774-47E392F6938A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7735701A-1477-4E52-8016-274DE5678D9B}] => (Allow) C:\WINDOWS\rss\csrss.exe (522a29533d3f200e2d1728300c141021081631313626321023042b113f2d26353224 -> ) [Fichier non signé]
FirewallRules: [{34F210A8-8C0E-448F-AC81-09F2B98BB5DB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{137ABB5B-FE74-42D8-B19A-B1A1D6A861EF}C:\program files (x86)\solarwinds\netflowrealtime\netflowrealtime.exe] => (Allow) C:\program files (x86)\solarwinds\netflowrealtime\netflowrealtime.exe (Solarwinds Worldwide, LLC -> SolarWinds)
FirewallRules: [UDP Query User{C315BB27-E184-44E2-A866-4B559A070CBA}C:\program files (x86)\solarwinds\netflowrealtime\netflowrealtime.exe] => (Allow) C:\program files (x86)\solarwinds\netflowrealtime\netflowrealtime.exe (Solarwinds Worldwide, LLC -> SolarWinds)
FirewallRules: [{3CADEECE-B582-4038-B152-5C7033DB018E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{1B499D8C-82FC-4F8A-AE85-9C2C4AE28FC6}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{344B6F7D-E229-4949-8066-ED358F823659}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{13CFB0D9-0D5B-42AE-AE3A-49570E123834}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{FA112869-0D9A-4C6B-916F-221064DAF391}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{FED66119-D98A-432E-8CEE-3E77FA34280F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
==================== Points de restauration =========================
25-04-2024 13:35:17 {a0067477-1cb8-490d-a523-e79c452a4f5a}
26-04-2024 10:22:33 Installed SolarWinds Toolset v2024.1.0
==================== Éléments en erreur du Gestionnaire de périphériques ============
Name: Fortinet SSL VPN Virtual Ethernet Adapter
Description: Fortinet SSL VPN Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Fortinet Inc.
Service: ftsvnic
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (04/28/2024 08:09:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante eRJfTzjCV5loGK7fZq6BTMqc.exe, version : 23.0.0.0, horodatage : 0x66295e3a
Nom du module défaillant : eRJfTzjCV5loGK7fZq6BTMqc.exe, version : 23.0.0.0, horodatage : 0x66295e3a
Code d’exception : 0x4000001f
Décalage d’erreur : 0x000098a5
ID du processus défaillant : 0x47c
Heure de début de l’application défaillante : 0x01da9998d33b9591
Chemin d’accès de l’application défaillante : C:\Users\HP\Pictures\eRJfTzjCV5loGK7fZq6BTMqc.exe
Chemin d’accès du module défaillant: C:\Users\HP\Pictures\eRJfTzjCV5loGK7fZq6BTMqc.exe
ID de rapport : abae0f96-dd31-4f3a-ab76-791a989320c0
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (04/28/2024 08:09:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante pW0zH85MgITZ4YB8zGgbpIWx.exe, version : 23.0.0.0, horodatage : 0x66295e3a
Nom du module défaillant : pW0zH85MgITZ4YB8zGgbpIWx.exe, version : 23.0.0.0, horodatage : 0x66295e3a
Code d’exception : 0x4000001f
Décalage d’erreur : 0x000098a5
ID du processus défaillant : 0x272c
Heure de début de l’application défaillante : 0x01da999c906943f6
Chemin d’accès de l’application défaillante : C:\Users\HP\Pictures\pW0zH85MgITZ4YB8zGgbpIWx.exe
Chemin d’accès du module défaillant: C:\Users\HP\Pictures\pW0zH85MgITZ4YB8zGgbpIWx.exe
ID de rapport : 8156063b-a4b6-401e-9907-2eb6b379d196
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (04/28/2024 08:09:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante SVEWmeddC29DwRqGm7g3DInD.exe, version : 23.0.0.0, horodatage : 0x66295e3a
Nom du module défaillant : SVEWmeddC29DwRqGm7g3DInD.exe, version : 23.0.0.0, horodatage : 0x66295e3a
Code d’exception : 0x4000001f
Décalage d’erreur : 0x000098a5
ID du processus défaillant : 0x1c70
Heure de début de l’application défaillante : 0x01da999b1c7b0e5a
Chemin d’accès de l’application défaillante : C:\Users\HP\Pictures\SVEWmeddC29DwRqGm7g3DInD.exe
Chemin d’accès du module défaillant: C:\Users\HP\Pictures\SVEWmeddC29DwRqGm7g3DInD.exe
ID de rapport : e610ce55-3b79-4e03-8e21-67a55a55b8e8
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (04/28/2024 08:01:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante P6ejChPYN7qDlOnPhaQvLFgO.exe, version : 23.0.0.0, horodatage : 0x66295e3a
Nom du module défaillant : P6ejChPYN7qDlOnPhaQvLFgO.exe, version : 23.0.0.0, horodatage : 0x66295e3a
Code d’exception : 0x4000001f
Décalage d’erreur : 0x000098a5
ID du processus défaillant : 0x398c
Heure de début de l’application défaillante : 0x01da999e5637e485
Chemin d’accès de l’application défaillante : C:\Users\HP\Pictures\P6ejChPYN7qDlOnPhaQvLFgO.exe
Chemin d’accès du module défaillant: C:\Users\HP\Pictures\P6ejChPYN7qDlOnPhaQvLFgO.exe
ID de rapport : 0b9cba46-95ab-4308-9233-b514ef8458ef
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (04/28/2024 07:51:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante u7qk.0.exe, version : 23.0.0.0, horodatage : 0x662e450c
Nom du module défaillant : u7qk.0.exe, version : 23.0.0.0, horodatage : 0x662e450c
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00016d56
ID du processus défaillant : 0x3ed4
Heure de début de l’application défaillante : 0x01da999cf8db748a
Chemin d’accès de l’application défaillante : C:\Users\HP\AppData\Local\Temp\u7qk.0.exe
Chemin d’accès du module défaillant: C:\Users\HP\AppData\Local\Temp\u7qk.0.exe
ID de rapport : bf132701-aa57-44dc-96b7-fc4d22123662
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (04/28/2024 07:42:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante u5m8.0.exe, version : 23.0.0.0, horodatage : 0x662e450c
Nom du module défaillant : u5m8.0.exe, version : 23.0.0.0, horodatage : 0x662e450c
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00016d56
ID du processus défaillant : 0x3ebc
Heure de début de l’application défaillante : 0x01da999bbb2dada7
Chemin d’accès de l’application défaillante : C:\Users\HP\AppData\Local\Temp\u5m8.0.exe
Chemin d’accès du module défaillant: C:\Users\HP\AppData\Local\Temp\u5m8.0.exe
ID de rapport : d081ef73-df6a-47a4-9363-9e6388f80d9a
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (04/28/2024 07:34:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante wL4hlUxYxQClEYl7z7V95nUQ.exe, version : 23.0.0.0, horodatage : 0x66295e3a
Nom du module défaillant : wL4hlUxYxQClEYl7z7V95nUQ.exe, version : 23.0.0.0, horodatage : 0x66295e3a
Code d’exception : 0x4000001f
Décalage d’erreur : 0x000098a5
ID du processus défaillant : 0x3ae8
Heure de début de l’application défaillante : 0x01da999989c21406
Chemin d’accès de l’application défaillante : C:\Users\HP\Pictures\wL4hlUxYxQClEYl7z7V95nUQ.exe
Chemin d’accès du module défaillant: C:\Users\HP\Pictures\wL4hlUxYxQClEYl7z7V95nUQ.exe
ID de rapport : 2ab1a9bf-e874-4b92-b9f2-5b8568b97d0e
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (04/28/2024 07:29:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante ubmw.0.exe, version : 23.0.0.0, horodatage : 0x662e450c
Nom du module défaillant : ubmw.0.exe, version : 23.0.0.0, horodatage : 0x662e450c
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00016d56
ID du processus défaillant : 0x24d0
Heure de début de l’application défaillante : 0x01da9999e77cf899
Chemin d’accès de l’application défaillante : C:\Users\HP\AppData\Local\Temp\ubmw.0.exe
Chemin d’accès du module défaillant: C:\Users\HP\AppData\Local\Temp\ubmw.0.exe
ID de rapport : feea9cb8-d2ec-495b-b704-25eba32dd048
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Erreurs système:
=============
Error: (04/28/2024 08:10:03 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Une erreur irrécupérable s'est produite lors de la création des informations d'identification client pour TLS. État d'erreur interne : 10013.
Error: (04/28/2024 08:09:07 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Le miniport Remote NDIS based Internet Sharing Device #2, {3ee91d84-fd5c-479c-a063-3680b1e81838}, a eu l’événement 76
Error: (04/28/2024 03:11:42 PM) (Source: DCOM) (EventID: 10010) (User: CAMTEL-DRS)
Description: Le serveur {283EDD52-69B2-473D-BEB6-2C0B4C01FD73} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (04/28/2024 03:08:46 PM) (Source: DCOM) (EventID: 10010) (User: CAMTEL-DRS)
Description: Le serveur {4991D34B-80A1-4291-83B6-3328366B9097} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (04/28/2024 03:08:30 PM) (Source: DCOM) (EventID: 10010) (User: CAMTEL-DRS)
Description: Le serveur microsoft.windowscommunicationsapps_16005.14326.21854.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (04/28/2024 03:06:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Windows Camera Frame Server n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.
Error: (04/28/2024 03:06:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Windows Camera Frame Server.
Error: (04/28/2024 03:01:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Le service MessagingService_2d5ca4 s’est arrêté avec l’erreur :
Le périphérique n’est pas prêt.
Windows Defender:
================
Date: 2023-09-04 08:25:55
Description:
L’analyse Microsoft Defender Antivirus a été arrêtée avant la fin.
ID de l’analyse : {0AD82C1C-2615-489D-B66D-02E575470D16}
Type de l’analyse : Antimalware
Paramètres de l’analyse : Quick Scan
Utilisateur : NT AUTHORITY\SYSTEM
Date: 2023-09-04 08:12:13
Description:
L’analyse Microsoft Defender Antivirus a été arrêtée avant la fin.
ID de l’analyse : {2DF0D118-08FD-4EA6-9492-47DDFA2769F8}
Type de l’analyse : Antimalware
Paramètres de l’analyse : Quick Scan
Utilisateur : NT AUTHORITY\SYSTEM
Date: 2023-09-01 14:12:24
Description:
Microsoft Defender Antivirus a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKms&threatid=2147723334&enterprise=0
Nom : HackTool:Win64/AutoKms
ID : 2147723334
Gravité : High
Catégorie : Tool
Chemin : file:_C:\WINDOWS\SECOH-QAD.dll
Origine de la détection : Local machine
Type de détection : Concrete
Source de détection : System
Utilisateur : NT AUTHORITY\SYSTEM
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.397.139.0, AS: 1.397.139.0, NIS: 1.397.139.0
Version du moteur : AM: 1.1.23080.2005, NIS: 1.1.23080.2005
Date: 2023-09-01 10:49:16
Description:
L’analyse Microsoft Defender Antivirus a été arrêtée avant la fin.
ID de l’analyse : {0629C818-1D68-4C00-9112-EC0AF48E0BF7}
Type de l’analyse : Antimalware
Paramètres de l’analyse : Quick Scan
Utilisateur : NT AUTHORITY\SYSTEM
Date: 2023-09-01 10:23:02
Description:
L’analyse Microsoft Defender Antivirus a été arrêtée avant la fin.
ID de l’analyse : {20EF27B4-9F4B-4944-8C7D-D5C2DD73B676}
Type de l’analyse : Antimalware
Paramètres de l’analyse : Quick Scan
Utilisateur : NT AUTHORITY\SYSTEM
Event[0]:
Date: 2022-03-21 12:54:55
Description:
Microsoft Defender Antivirus a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.359.1928.0
Source de mise à jour : Microsoft Malware Protection Center
Type de veille de sécurité : AntiVirus
Type de mise à jour : Full
Utilisateur : NT AUTHORITY\NETWORK SERVICE
Version actuelle du moteur :
Version précédente du moteur : 1.1.18900.3
Code d’erreur : 0x80070102
Description de l’erreur : The wait operation timed out.
Date: 2022-03-13 09:40:04
Description:
Microsoft Defender Antivirus a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.359.1693.0
Source de mise à jour : Microsoft Malware Protection Center
Type de veille de sécurité : AntiVirus
Type de mise à jour : Full
Utilisateur : NT AUTHORITY\NETWORK SERVICE
Version actuelle du moteur :
Version précédente du moteur : 1.1.18900.3
Code d’erreur : 0x80070102
Description de l’erreur : The wait operation timed out.
Date: 2022-03-10 08:56:36
Description:
Microsoft Defender Antivirus a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.359.1693.0
Source de mise à jour : Microsoft Malware Protection Center
Type de veille de sécurité : AntiVirus
Type de mise à jour : Full
Utilisateur : NT AUTHORITY\NETWORK SERVICE
Version actuelle du moteur :
Version précédente du moteur : 1.1.18900.3
Code d’erreur : 0x8050a003
Description de l’erreur : This package does not contain up-to-date definition files for this program. For more information, see Help and Support.
Date: 2022-03-10 08:56:36
Description:
Microsoft Defender Antivirus a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.359.1693.0
Source de mise à jour : Microsoft Malware Protection Center
Type de veille de sécurité : AntiSpyware
Type de mise à jour : Full
Utilisateur : NT AUTHORITY\NETWORK SERVICE
Version actuelle du moteur :
Version précédente du moteur : 1.1.18900.3
Code d’erreur : 0x8050a003
Description de l’erreur : This package does not contain up-to-date definition files for this program. For more information, see Help and Support.
Date: 2022-03-10 08:56:36
Description:
Microsoft Defender Antivirus a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.359.1693.0
Source de mise à jour : Microsoft Malware Protection Center
Type de veille de sécurité : AntiVirus
Type de mise à jour : Full
Utilisateur : NT AUTHORITY\NETWORK SERVICE
Version actuelle du moteur :
Version précédente du moteur : 1.1.18900.3
Code d’erreur : 0x8050a003
Description de l’erreur : This package does not contain up-to-date definition files for this program. For more information, see Help and Support.
CodeIntegrity:
===============
Date: 2023-09-04 08:04:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-09-01 09:15:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-06-08 10:36:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ReasonLabs\EPP\rsEngineSvc.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Outlook\15.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-06-08 10:36:31
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ReasonLabs\EPP\rsEngineSvc.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC_MSIL\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-06-08 08:51:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ReasonLabs\EPP\rsEngineSvc.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\Office15\OLMAPI32.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-06-08 08:28:48
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MRT-KB890830.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2023-06-07 14:53:56
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\114.0.1823.37\prefs_enclave_x64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2023-06-07 14:53:52
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\114.0.1823.37\dual_engine_adapter_x64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2023-06-07 14:52:40
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Fortinet\FortiClient\FCWscD7.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Infos Mémoire ===========================
BIOS: Insyde F.21 10/27/2016
Carte mère: HP 81F1
Processeur: Intel(R) Celeron(R) CPU N3060 @ 1.60GHz
Pourcentage de mémoire utilisée: 70%
Mémoire physique - RAM - totale: 3944.36 MB
Mémoire physique - RAM - disponible: 1169.1 MB
Mémoire virtuelle totale: 7557.63 MB
Mémoire virtuelle disponible: 2982.86 MB
==================== Lecteurs ================================
Drive c: () (Fixed) (Total:233.39 GB) (Free:47.46 GB) (Model: ST500LT012-1DG142) NTFS
Drive e: (DATA) (Fixed) (Total:230.15 GB) (Free:73.55 GB) (Model: ST500LT012-1DG142) NTFS
\\?\Volume{0dbda390-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{0dbda390-0000-0000-0000-a0783a000000}\ () (Fixed) (Total:1.73 GB) (Free:0.85 GB) NTFS
==================== MBR & Table des partitions ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0DBDA390)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1.7 GB) - (Type=27)
Partition 4: (Not Active) - (Size=230.1 GB) - (Type=07 NTFS)
==================== Fin de Addition.txt =======================
Exécuté par HP (28-04-2024 20:20:04)
Exécuté depuis C:\Users\HP\Desktop
Microsoft Windows 10 Entreprise Version 22H2 19045.4291 (X64) (2020-12-02 13:30:45)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
Administrator (S-1-5-21-1551542468-2884388448-3857473492-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1551542468-2884388448-3857473492-503 - Limited - Disabled)
Guest (S-1-5-21-1551542468-2884388448-3857473492-501 - Limited - Disabled)
HP (S-1-5-21-1551542468-2884388448-3857473492-1002 - Administrator - Enabled) => C:\Users\HP
WDAGUtilityAccount (S-1-5-21-1551542468-2884388448-3857473492-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: FortiClient AntiVirus (Disabled - Up to date) {5EEDDB8C-C27A-6714-3657-DBD811D1F1B7}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
64 Bit HP CIO Components Installer (HKLM\...\{50229C72-539F-4E65-BEB5-F0491C5074B7}) (Version: 22.2.1 - HP Inc.) Hidden
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1036-1033-7760-BC15014EA700}) (Version: 24.002.20687 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.414 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
A-Men Technologies USB-to-Serial (HKLM-x32\...\{1805BD6D-C441-4A1C-802D-AFF0232DAACD}) (Version: - )
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 8.0.9 - AnyDesk Software GmbH)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1189.1 - AVAST Software) Hidden
BitTorrent (HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\BitTorrent) (Version: 7.11.0.46823 - BitTorrent Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 7.35.344.10 - Broadcom Corporation)
CyberLink YouCam 5 (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.0909 - CyberLink Corp.) Hidden
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.0909 - CyberLink Corp.)
ELAN Touchpad 15.2.5.1_X64_WHQL (HKLM\...\Elantech) (Version: 15.2.5.1 - ELAN Microelectronic Corp.)
FortiClient (HKLM\...\{CF528CBD-062E-4543-AC77-6B44BBB3CF07}) (Version: 5.4.5.0891 - Fortinet Inc)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.5.0.20723 - Foxit Software Inc.)
Free Ping Tool (HKLM-x32\...\{77B7AA53-6F12-4286-B4A8-87BE60AFDEA0}) (Version: 3.0.0.13 - ZOHO Corp.)
Free Tools Launcher (HKLM-x32\...\{BB86BE84-4123-4967-9BA3-45F6648551E1}) (Version: 2.0.0 - ZOHO Corp.)
Free Windows SNMP Enabler (HKLM-x32\...\{58CE3557-5068-4105-8D2F-AD21EF4E3E68}) (Version: 1.0.8 - ZOHO Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 124.0.6367.91 - Google LLC)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5063 - Intel Corporation)
Microsoft Access MUI (French) 2013 (HKLM\...\{90150000-0015-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (French) 2013 (HKLM\...\{90150000-0090-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 124.0.2478.51 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 123.0.2420.97 - Microsoft Corporation)
Microsoft Excel MUI (French) 2013 (HKLM\...\{90150000-0016-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (French) 2013 (HKLM\...\{90150000-00BA-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (French) 2013 (HKLM\...\{90150000-0044-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Interop Forms Redistributable Package 2.0a (HKLM-x32\...\{76D1AA2B-A434-4D63-BE2C-80286F23C223}) (Version: 2.0.0 - Microsoft Corporation)
Microsoft Lync MUI (French) 2013 (HKLM\...\{90150000-012B-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft ODBC Driver 13 for SQL Server (HKLM\...\{F568A584-523B-4F16-917E-5742839B03CC}) (Version: 13.1.4413.46 - Microsoft Corporation)
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2016 (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2016 – Deutsch (HKLM\...\{90160000-001F-0407-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (French) 2013 (HKLM\...\{90150000-00E1-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (French) 2016 (HKLM\...\{90160000-00E1-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (French) 2013 (HKLM\...\{90150000-00E2-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professionnel Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing (French) 2013 (HKLM\...\{90150000-002C-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (French) 2016 (HKLM\...\{90160000-002C-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Nederlands (HKLM\...\{90150000-001F-0413-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - اللغة العربية (HKLM\...\{90150000-001F-0401-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2016 - English (HKLM\...\{90160000-001F-0409-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2016 - اللغة العربية (HKLM\...\{90160000-001F-0401-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (French) 2013 (HKLM\...\{90150000-00C1-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (French) 2016 (HKLM\...\{90160000-00C1-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (French) 2013 (HKLM\...\{90150000-006E-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (French) 2016 (HKLM\...\{90160000-006E-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft OLE DB Driver for SQL Server (HKLM\...\{23438EF7-40CA-483B-A22D-756407B7A503}) (Version: 18.0.2.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Microsoft OneNote MUI (French) 2013 (HKLM\...\{90150000-00A1-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (French) 2013 (HKLM\...\{90150000-001A-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (French) 2013 (HKLM\...\{90150000-0018-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (French) 2013 (HKLM\...\{90150000-0019-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Teams classic (HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\Teams) (Version: 1.7.00.3653 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visio MUI (French) 2016 (HKLM\...\{90160000-0054-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Visio Professional 2016 (HKLM\...\{90160000-0051-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Visio Professionnel 2016 (HKLM\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Word MUI (French) 2013 (HKLM\...\{90150000-001B-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Mozilla Firefox 74.0 (x64 en-US) (HKLM\...\Mozilla Firefox 74.0 (x64 en-US)) (Version: 74.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 74.0 - Mozilla)
Npcap OEM (HKLM-x32\...\NpcapInst) (Version: 1.75 - Nmap Project)
Opera Stable 109.0.5097.68 (HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\Opera 109.0.5097.68) (Version: 109.0.5097.68 - Opera Software)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PCI Audio Star 1.4 (HKLM-x32\...\PCI Audio Star_is1) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0015-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0016-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0018-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0019-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001A-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001B-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0401-1000-0000000FF1CE}_Office15.PROPLUS_{C5DEA626-E7D2-4200-9B49-43E37BF21A7C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUS_{DABB9E2A-F054-4F97-9EB2-6992316C6EC7}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{835E4BED-E265-4103-AE14-0B4C70CF3FE8}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{1F7000D3-A917-4AD2-BA55-59E6FDAF062A}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0413-1000-0000000FF1CE}_Office15.PROPLUS_{2F03603E-9953-44F3-9608-2B61DE92F2F2}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{4BF13B26-3A95-4E42-900A-DEB16FDA75A0}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-002C-040C-1000-0000000FF1CE}_Office15.PROPLUS_{5B93071A-F8EF-4894-88C1-8B785A46D4C6}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0044-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-006E-040C-1000-0000000FF1CE}_Office15.PROPLUS_{96DAF4C0-7FCF-4B53-91FA-B12C7162D90E}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0090-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00A1-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00BA-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1931508C-C004-4983-81E3-70BE6252904B}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-040C-1000-0000000FF1CE}_Office15.PROPLUS_{DC0FD398-D15A-4351-B0D9-9F40612C5057}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E1-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E2-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-012B-040C-1000-0000000FF1CE}_Office15.PROPLUS_{0003B8F5-660C-4E15-A05D-7A53D2314419}) (Version: - Microsoft) Hidden
Snip (HKLM-x32\...\{1CF74000-36F5-4B78-A1C9-A33895D8AFA4}) (Version: 0.1.4814.0 - Microsoft) Hidden
Snip (HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\{29140599-94ec-407e-aceb-dfa848705777}) (Version: 0.1.4814.0 - Microsoft Corporation)
SolarWinds NetFlow Realtime (HKLM-x32\...\{BD8B6228-3EA7-4F03-B0DA-B72D5B700470}) (Version: 19.3.0.6001 - SolarWinds)
SolarWinds TFTP Server (HKLM-x32\...\{F0C566BF-DE83-42C1-B51B-0FA39FE0BE38}) (Version: 11.4.0.60017 - SolarWinds)
SolarWinds Toolset v2024.1.0 (HKLM-x32\...\{0AFF55C1-0A8F-45FC-AAF3-0BB5F7A49805}) (Version: 124.1.0.6398 - SolarWinds Worldwide, LLC.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Tera Term 4.100 (HKLM-x32\...\Tera Term_is1) (Version: 4.100 - TeraTerm Project)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-040C-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{0BAA0A93-3AD3-4B19-9105-4C8C3FA92A83}) (Version: 2.67.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.883 - McAfee, LLC)
Windows IPTV Player (HKLM-x32\...\{D1F0A04F-B987-4373-9E26-40DC6F1F9906}) (Version: 3.0.0.0 - Xtream Codes LTD)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinSCP 6.1.2 (HKLM-x32\...\winscp3_is1) (Version: 6.1.2 - Martin Prikryl)
YoutubeDownloader (HKLM-x32\...\C531132B-85F9-42CD-8EE9-C19AB95BFB38) (Version: 2.0.0.3156 - )
Zoom (HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\ZoomUMX) (Version: 5.16.2 (22807) - Zoom Video Communications, Inc.)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-03-14] ()
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-06] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-03-18] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Copilot -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-04-02] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-21] (Microsoft Studios) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2413.1.0_x64__cv1g1gvanyjgm [2024-04-05] (WhatsApp Inc.) [Startup Task]
==================== Personnalisé CLSID (Avec liste blanche): ==============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23355.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{2EF7E390-2F7C-4F9A-9B7D-4A87B56B711D}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.173.51\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{38971E90-14FD-44F6-AA45-1447B653F873}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.173.45\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.185.29\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{608D599A-DCA6-4A7C-BED7-AFCD8465345A}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.175.29\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{64C6EFB9-8F79-4106-B975-067448DC768F}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{72726D01-426C-4B35-8266-B4496CAA889E}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.183.29\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{7C9A348D-C321-47AC-904F-150312A5430F}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.175.27\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.185.29\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{88B20FC8-EBD6-4181-B5F6-50F45BFF722E}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.167.21\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{997809F3-33FD-4FD6-A2ED-CEF50F3263B1}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.169.31\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{ABF66F82-B04C-4FE4-8272-661539463FE1}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.185.27\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.171.39\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{BFBE0943-74C5-40E0-9E80-0B808109E95D}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.163.19\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynTPCpl.dll",ShowDevicePropPage 1
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{CAE1760A-CB07-481B-8F9A-BC65510AF5D5}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.185.21\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20077.4\x64\Microsoft.Teams.AddinLoader.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\HP\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{D1CE12B0-2529-4B24-BE8E-189735EA0DC1}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.165.21\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{DAA7499A-B3AC-4419-A89B-124318504051}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.185.29\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{E3D57E77-FE71-4D06-BD34-D48820074909}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{E76F97B1-1AE9-497C-9FA4-F57BBABAD54A}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.185.17\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{E8791438-3525-48BF-A600-C577AD1674C2}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.173.49\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002_Classes\CLSID\{F1CBF5EB-347F-4E4C-90AC-E43339FC34EC}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\EdgeUpdate\1.3.173.55\psuser_64.dll => Pas de fichier
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Pas de fichier
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Pas de fichier
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Pas de fichier
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Pas de fichier
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2019-02-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Pas de fichier
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Avec liste blanche) ====================
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
==================== Modules chargés (Avec liste blanche) =============
0000-00-00 00:00 - 0000-00-00 00:00 - 000000000 _____ () [Accès refusé] C:\PROGRA~2\METADA~1\CETOIT~1\NGOWFF~1.DLL
==================== Alternate Data Streams (Avec liste blanche) ========
==================== Mode sans échec (Avec liste blanche) ==================
==================== Association (Avec liste blanche) =================
==================== Internet Explorer (Avec liste blanche) ==========
HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBfs_g9TIA-Abg5tX95mMukX1QQ3LoTt0UHNL19KmqLXEl3bPjrBU0GEEBa-cUzrtT-cs7EIa2kuhkJNxcOrjEA6ihrnSbsH-UnhpS6Tfq7QlEsTXfzulSPwLcSPgsJQ0RYTY8xUY_1QTdeRfVxl0G38GyVDuUNc119TXW_DVHBzocTlkqg&q={searchTerms}
HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COS2&ptag=D080319-N0690A251FF33716&form=CONMHP&conlogo=CT3334491
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBfs_g9TIA-Abg5tX95mMukX1QQ3LoTt0UHNL19KmqLXEl3bPjrBU0GEEBa-cUzrtT-cs7EIa2kuhkJNxcOrjEA6ihrnSbsH-UnhpS6Tfq7QlEsTXfzulSPwLcSPgsJQ0RYTY8xUY_1QTdeRfVxl0G38GyVDuUNc119TXW_DVHBzocTlkqg&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002 -> DefaultScope {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBfs_g9TIA-Abg5tX95mMukX1QQ3LoTt0UHNL19KmqLXEl3bPjrBU0GEEBa-cUzrtT-cs7EIa2kuhkJNxcOrjEA6ihrnSbsH-UnhpS6Tfq7QlEsTXfzulSPwLcSPgsJQ0RYTY8xUY_1QTdeRfVxl0G38GyVDuUNc119TXW_DVHBzocTlkqg&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBfs_g9TIA-Abg5tX95mMukX1QQ3LoTt0UHNL19KmqLXEl3bPjrBU0GEEBa-cUzrtT-cs7EIa2kuhkJNxcOrjEA6ihrnSbsH-UnhpS6Tfq7QlEsTXfzulSPwLcSPgsJQ0RYTY8xUY_1QTdeRfVxl0G38GyVDuUNc119TXW_DVHBzocTlkqg&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
IE trusted site: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts contenu: =========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2024-04-25 16:36 - 2024-04-25 16:36 - 000000356 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2023-01-13 12:30 - 2024-03-21 16:59 - 000000926 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
35
29 821
192.168.137.130 Elisabeth.mshome.net # 2023 2 4 23 12 32 25 75
192.168.137.4 Redmi-Note-11-4G.mshome.net # 2023 2 4 23 8 23 26 486
2 29 821
==================== Autres zones ===========================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.179.124
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Le Pare-feu est activé.
Network Binding:
=============
Bluetooth Network Connection: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 8: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 8: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 2: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet 3: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 3: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Wi-Fi 4: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Wi-Fi 4: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run32: => "YouCam Service"
HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\StartupApproved\Run: => "ut"
HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\StartupApproved\Run: => "bt"
HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_AC3B7AF181558E407F159DB8A5D4AA84"
HKU\S-1-5-21-1551542468-2884388448-3857473492-1002\...\StartupApproved\Run: => "Microsoft Edge Update"
==================== RèglesPare-feu (Avec liste blanche) ================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [{1C64F373-3E5B-4E08-9096-0FFB58381EEB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => Pas de fichier
FirewallRules: [{17D6B0E8-405C-4FFA-ADD4-D6918BE72F1A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3F28319A-7BF3-49AA-8874-77B340E17726}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{21D5340A-464F-4C60-A664-47266EEE7304}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{24F49575-A3C6-43CF-8372-0FDE86631DA1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{D8CDE319-7DBB-4AF3-9C91-58750C80FBAE}C:\users\hp\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Allow) C:\users\hp\appdata\local\programs\opera\72.0.3815.186\opera.exe => Pas de fichier
FirewallRules: [TCP Query User{A2CAE77B-7262-422A-AAFC-3A4AD8D641A2}C:\users\hp\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Allow) C:\users\hp\appdata\local\programs\opera\72.0.3815.186\opera.exe => Pas de fichier
FirewallRules: [TCP Query User{442623C4-F8F0-4A81-8165-991D58A79232}C:\users\hp\desktop\winbox.exe] => (Allow) C:\users\hp\desktop\winbox.exe (SIA "Mikrotīkls" -> )
FirewallRules: [UDP Query User{FF9A6F37-24E6-4F04-8E13-EB8EF5088672}C:\users\hp\desktop\winbox.exe] => (Allow) C:\users\hp\desktop\winbox.exe (SIA "Mikrotīkls" -> )
FirewallRules: [TCP Query User{3534154D-0AA7-4E04-8471-8139B4ED0954}C:\users\hp\appdata\local\programs\opera\77.0.4054.277\opera.exe] => (Block) C:\users\hp\appdata\local\programs\opera\77.0.4054.277\opera.exe => Pas de fichier
FirewallRules: [UDP Query User{F9851609-C00B-4F4A-B896-946772749731}C:\users\hp\appdata\local\programs\opera\77.0.4054.277\opera.exe] => (Block) C:\users\hp\appdata\local\programs\opera\77.0.4054.277\opera.exe => Pas de fichier
FirewallRules: [TCP Query User{A3A24B87-0436-4BA6-96AC-872BC39562D9}C:\users\hp\appdata\local\programs\opera\78.0.4093.184\opera.exe] => (Block) C:\users\hp\appdata\local\programs\opera\78.0.4093.184\opera.exe => Pas de fichier
FirewallRules: [UDP Query User{FB54B812-879B-4C30-8ED5-7CC1BDCDB2E7}C:\users\hp\appdata\local\programs\opera\78.0.4093.184\opera.exe] => (Block) C:\users\hp\appdata\local\programs\opera\78.0.4093.184\opera.exe => Pas de fichier
FirewallRules: [{CFFBDE44-C637-43B8-9A3B-974177D48511}] => (Allow) C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe => Pas de fichier
FirewallRules: [{BB4E2ABF-DFC2-43C5-A41B-1033778F732B}] => (Allow) C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe => Pas de fichier
FirewallRules: [TCP Query User{97E933D8-3A7D-43F1-9FD7-FCDD50C15728}C:\users\hp\appdata\local\programs\opera\opera.exe] => (Block) C:\users\hp\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{B23C6786-B3EB-4FA7-BD05-9F12E0404C34}C:\users\hp\appdata\local\programs\opera\opera.exe] => (Block) C:\users\hp\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{7F09C4E4-04EB-4F11-AC31-B4D040329F9B}C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_46096.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_46096.exe => Pas de fichier
FirewallRules: [UDP Query User{FDF29657-5D50-4211-A1FA-E7C9CB98DC11}C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_46096.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_46096.exe => Pas de fichier
FirewallRules: [{C4FFF3F8-29AF-41F3-A5C4-5453EEA3D2F5}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{5C7AE336-B8FD-4E06-9349-0AE443C0A513}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{2DE2638C-5B3A-465B-9D94-8B394A4B9F15}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{A16DB0E5-3903-4990-A1F2-8367A088C9B8}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiProxy.exe (Fortinet Inc.) [Fichier non signé]
FirewallRules: [{3E008129-1133-4C32-ADED-4B476C3C88B4}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiProxy.exe (Fortinet Inc.) [Fichier non signé]
FirewallRules: [{3E956B50-985C-43D1-9536-BB1FD270E542}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\ipsec.exe (Fortinet Inc.) [Fichier non signé]
FirewallRules: [{54352483-637E-42B9-BC06-A305F2DC46BF}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiWad.exe (Fortinet Inc.) [Fichier non signé]
FirewallRules: [{04ACC175-5602-44D1-AD21-65C5CD5CA931}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\fortiesnac.exe (Fortinet Inc.) [Fichier non signé]
FirewallRules: [{56CE6D8F-7179-46CA-BD9F-74730BBD7C45}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\fortifws.exe (Fortinet Inc.) [Fichier non signé]
FirewallRules: [TCP Query User{4473E38D-3D85-41B8-A590-0FC59D280CBF}C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_46248.exe] => (Block) C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_46248.exe => Pas de fichier
FirewallRules: [UDP Query User{CC200333-5188-4901-AC42-91D569EAC59D}C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_46248.exe] => (Block) C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_46248.exe => Pas de fichier
FirewallRules: [TCP Query User{FD6A2C2F-C698-433A-8265-ED134B1AF223}C:\program files\cisco packet tracer 7.3.0\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.3.0\bin\packettracer7.exe => Pas de fichier
FirewallRules: [UDP Query User{F28F1A72-9AD5-4086-8632-375DC8166DCB}C:\program files\cisco packet tracer 7.3.0\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.3.0\bin\packettracer7.exe => Pas de fichier
FirewallRules: [{A0383923-DF37-4BB7-81D1-7C11C38C90E5}] => (Allow) C:\Users\HP\AppData\Local\Temp\bittorrent\bittorrent.exe => Pas de fichier
FirewallRules: [{FBA22F79-1DF2-4A18-9C20-5FBFC652277B}] => (Allow) C:\Users\HP\AppData\Local\Temp\bittorrent\bittorrent.exe => Pas de fichier
FirewallRules: [{86A58EA3-7214-42BB-9353-529BB77B9A17}] => (Allow) C:\Program Files (x86)\360\Total Security\360TsLiveUpd.exe => Pas de fichier
FirewallRules: [{627B430F-DE4B-4171-A481-C8A4EBC05B2E}] => (Allow) C:\Program Files (x86)\360\Total Security\360TsLiveUpd.exe => Pas de fichier
FirewallRules: [TCP Query User{4C018BCD-EF77-4427-913E-0AC0B137C6BB}C:\users\hp\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\hp\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{A86ACF0B-B8E5-4478-8F14-E662D60C985A}C:\users\hp\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\hp\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{A707CA3F-FD2B-4C20-9392-71DEF5A15A1C}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{9EF9B44E-D4C9-4EDD-81A6-3F6AD0C564EB}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{55DF461A-E889-4275-A89E-9E35B8EAD0CE}] => (Allow) C:\Users\HP\AppData\Roaming\BitTorrent\BitTorrent.exe => Pas de fichier
FirewallRules: [{82651A5E-F64D-44F2-85C5-DA690696D90E}] => (Allow) C:\Users\HP\AppData\Roaming\BitTorrent\BitTorrent.exe => Pas de fichier
FirewallRules: [TCP Query User{B4778836-D41E-4D3F-8D6B-8FFCBD6386D2}C:\users\hp\appdata\roaming\bittorrent\updates\bittorrent.exe] => (Allow) C:\users\hp\appdata\roaming\bittorrent\updates\bittorrent.exe => Pas de fichier
FirewallRules: [UDP Query User{0E697C66-9381-4C5F-8A6D-61A558EC38D1}C:\users\hp\appdata\roaming\bittorrent\updates\bittorrent.exe] => (Allow) C:\users\hp\appdata\roaming\bittorrent\updates\bittorrent.exe => Pas de fichier
FirewallRules: [TCP Query User{D79B70DC-BB32-4B07-A6F9-81DEC664B5A4}C:\users\hp\appdata\local\temp\scoped_dir11548_89678188\winbox64.exe] => (Allow) C:\users\hp\appdata\local\temp\scoped_dir11548_89678188\winbox64.exe => Pas de fichier
FirewallRules: [UDP Query User{755E552D-7A9E-4C3F-A26D-726EB57C21FF}C:\users\hp\appdata\local\temp\scoped_dir11548_89678188\winbox64.exe] => (Allow) C:\users\hp\appdata\local\temp\scoped_dir11548_89678188\winbox64.exe => Pas de fichier
FirewallRules: [{5A66566A-8A1D-4780-ADBD-376476A28BCB}] => (Block) C:\users\hp\appdata\local\temp\scoped_dir11548_89678188\winbox64.exe => Pas de fichier
FirewallRules: [{8EDA4124-0841-4922-9011-C318A876C554}] => (Block) C:\users\hp\appdata\local\temp\scoped_dir11548_89678188\winbox64.exe => Pas de fichier
FirewallRules: [TCP Query User{E490AEE4-F63F-45D7-B68A-4814B33BB68E}C:\users\hp\downloads\winbox64.exe] => (Allow) C:\users\hp\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{9C5787DF-CE45-4F4B-908B-6B3D7C23CB0A}C:\users\hp\downloads\winbox64.exe] => (Allow) C:\users\hp\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [{EB39C6AC-E9D9-4471-8054-5F818C5AFF1D}] => (Block) C:\users\hp\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [{07F495EE-771B-49C0-933E-8193C74377F5}] => (Block) C:\users\hp\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [TCP Query User{1A02BE94-2CD0-476F-9806-AF2372566334}C:\users\hp\appdata\local\temp\scoped_dir2452_1613361954\winbox64.exe] => (Allow) C:\users\hp\appdata\local\temp\scoped_dir2452_1613361954\winbox64.exe => Pas de fichier
FirewallRules: [UDP Query User{820205E6-9E59-4ADA-8356-B79E603CC33B}C:\users\hp\appdata\local\temp\scoped_dir2452_1613361954\winbox64.exe] => (Allow) C:\users\hp\appdata\local\temp\scoped_dir2452_1613361954\winbox64.exe => Pas de fichier
FirewallRules: [TCP Query User{4BBBE5BD-E3D2-49F8-AE99-8923BAE4FFE6}C:\users\hp\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\hp\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{351856FF-B8D5-4780-AFBF-A048F3350CBC}C:\users\hp\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\hp\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6F7D79CA-F988-4BFD-910F-CE17E957AE6A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{45A346AD-2AB7-40C8-B6FB-C45B69B04D03}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0592E2C1-C207-44FC-9FBC-C7BD1B49270B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{511E9D31-060C-4A4E-8D32-A83CC505FBB7}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7A8EE89E-29BA-4D30-9304-49ABC83D8870}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{40B92064-FF01-4539-AE35-BEAEE0C21E09}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiProxy.exe (Fortinet Inc.) [Fichier non signé]
FirewallRules: [TCP Query User{D4458475-A226-48E5-B1F1-7CA59C57C615}C:\users\hp\appdata\local\temp\{838d1587-e5f9-4e05-9ab9-b4d716be7ee9}\manageengine_opmanager_64bit.exe] => (Allow) C:\users\hp\appdata\local\temp\{838d1587-e5f9-4e05-9ab9-b4d716be7ee9}\manageengine_opmanager_64bit.exe => Pas de fichier
FirewallRules: [UDP Query User{B87EFD78-AD68-4A62-BDD3-704696074FCD}C:\users\hp\appdata\local\temp\{838d1587-e5f9-4e05-9ab9-b4d716be7ee9}\manageengine_opmanager_64bit.exe] => (Allow) C:\users\hp\appdata\local\temp\{838d1587-e5f9-4e05-9ab9-b4d716be7ee9}\manageengine_opmanager_64bit.exe => Pas de fichier
FirewallRules: [TCP Query User{701D434A-6CEE-41D9-A5B9-B42ADCDA5367}C:\users\hp\appdata\local\temp\{9a131024-a608-4c83-875e-5b00c1c48d61}\manageengine_opmanager_central_64bit.exe] => (Allow) C:\users\hp\appdata\local\temp\{9a131024-a608-4c83-875e-5b00c1c48d61}\manageengine_opmanager_central_64bit.exe => Pas de fichier
FirewallRules: [UDP Query User{E878EFAC-43A1-452E-9620-A7256F9E064B}C:\users\hp\appdata\local\temp\{9a131024-a608-4c83-875e-5b00c1c48d61}\manageengine_opmanager_central_64bit.exe] => (Allow) C:\users\hp\appdata\local\temp\{9a131024-a608-4c83-875e-5b00c1c48d61}\manageengine_opmanager_central_64bit.exe => Pas de fichier
FirewallRules: [TCP Query User{072A545E-3124-446B-98FF-72AA727C048B}C:\program files\manageengine\opmanagercentral\jre\bin\javaw.exe] => (Allow) C:\program files\manageengine\opmanagercentral\jre\bin\javaw.exe => Pas de fichier
FirewallRules: [UDP Query User{68D80900-EB37-408A-8F99-74658C924B12}C:\program files\manageengine\opmanagercentral\jre\bin\javaw.exe] => (Allow) C:\program files\manageengine\opmanagercentral\jre\bin\javaw.exe => Pas de fichier
FirewallRules: [TCP Query User{8D83B98B-666C-4F73-8AD7-235C3FC6C654}C:\program files\manageengine\opmanagercentral\jre\bin\java.exe] => (Allow) C:\program files\manageengine\opmanagercentral\jre\bin\java.exe => Pas de fichier
FirewallRules: [UDP Query User{2D7FC2C5-4BE8-4F04-A14B-49F10045A81C}C:\program files\manageengine\opmanagercentral\jre\bin\java.exe] => (Allow) C:\program files\manageengine\opmanagercentral\jre\bin\java.exe => Pas de fichier
FirewallRules: [TCP Query User{F8D6528B-8A06-400A-A4DA-2EA2A725699B}C:\users\hp\appdata\local\temp\{9de894a0-e6ad-436d-8458-4c797b84d12f}\manageengine_opmanager_64bit.exe] => (Allow) C:\users\hp\appdata\local\temp\{9de894a0-e6ad-436d-8458-4c797b84d12f}\manageengine_opmanager_64bit.exe => Pas de fichier
FirewallRules: [UDP Query User{B3F78792-9448-4F9E-B930-3BCA523A31AF}C:\users\hp\appdata\local\temp\{9de894a0-e6ad-436d-8458-4c797b84d12f}\manageengine_opmanager_64bit.exe] => (Allow) C:\users\hp\appdata\local\temp\{9de894a0-e6ad-436d-8458-4c797b84d12f}\manageengine_opmanager_64bit.exe => Pas de fichier
FirewallRules: [{FBFE88BF-0521-43C1-B373-D0142E517DBB}] => (Allow) LPort=22
FirewallRules: [{F2208D1A-89A0-48C6-9F31-AFA37F162001}] => (Allow) LPort=69
FirewallRules: [TCP Query User{A87A3C67-0218-4077-B80D-2DE8174592A0}C:\program files\manageengine\opmanager\jre\bin\java.exe] => (Allow) C:\program files\manageengine\opmanager\jre\bin\java.exe => Pas de fichier
FirewallRules: [UDP Query User{94714152-414F-4220-9CEC-5C2355D1BAC5}C:\program files\manageengine\opmanager\jre\bin\java.exe] => (Allow) C:\program files\manageengine\opmanager\jre\bin\java.exe => Pas de fichier
FirewallRules: [TCP Query User{3E1688F7-D433-4FDF-9240-52599D61DDAC}C:\program files\manageengine\opmanager\jre\bin\javaw.exe] => (Allow) C:\program files\manageengine\opmanager\jre\bin\javaw.exe => Pas de fichier
FirewallRules: [UDP Query User{0E66BD87-BE22-4514-8A9A-AD2425D7B446}C:\program files\manageengine\opmanager\jre\bin\javaw.exe] => (Allow) C:\program files\manageengine\opmanager\jre\bin\javaw.exe => Pas de fichier
FirewallRules: [TCP Query User{C021EF82-DB60-48BF-B361-C7E2DD755EF2}C:\users\hp\appdata\local\temp\{94e79144-f558-4088-b9bc-62837f83758e}\manageengine_opmanager_64bit.exe] => (Allow) C:\users\hp\appdata\local\temp\{94e79144-f558-4088-b9bc-62837f83758e}\manageengine_opmanager_64bit.exe => Pas de fichier
FirewallRules: [UDP Query User{34FAC3C2-4ACF-42E1-B76B-D39DF8EAF915}C:\users\hp\appdata\local\temp\{94e79144-f558-4088-b9bc-62837f83758e}\manageengine_opmanager_64bit.exe] => (Allow) C:\users\hp\appdata\local\temp\{94e79144-f558-4088-b9bc-62837f83758e}\manageengine_opmanager_64bit.exe => Pas de fichier
FirewallRules: [{D05D9CEA-5A82-4631-A255-D880134D97BA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.115.3217.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2D2316BC-DFE5-4860-8F91-7750C12C7DD7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.115.3217.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{61CA7EF6-D117-4996-8ECD-97D959DC626D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.115.3217.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{69AEBCEE-80E0-4DB8-B4E5-1DEA20FD0E7B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.115.3217.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{1276BBF4-A22D-4519-B249-1ADBF249D723}C:\users\hp\appdata\local\temp\{b3dfaea5-437b-4713-a278-e156700e47b1}\manageengine_netflowanalyzer_64bit(1).exe] => (Allow) C:\users\hp\appdata\local\temp\{b3dfaea5-437b-4713-a278-e156700e47b1}\manageengine_netflowanalyzer_64bit(1).exe => Pas de fichier
FirewallRules: [UDP Query User{DCCDA204-206A-4C81-883C-978F3A659755}C:\users\hp\appdata\local\temp\{b3dfaea5-437b-4713-a278-e156700e47b1}\manageengine_netflowanalyzer_64bit(1).exe] => (Allow) C:\users\hp\appdata\local\temp\{b3dfaea5-437b-4713-a278-e156700e47b1}\manageengine_netflowanalyzer_64bit(1).exe => Pas de fichier
FirewallRules: [TCP Query User{13C3B669-9C38-475E-BF03-00DE79E39914}C:\users\hp\appdata\local\temp\{5ca629ca-b206-4546-8484-43efcffd44b3}\manageengine_netflowanalyzer_64bit(1).exe] => (Allow) C:\users\hp\appdata\local\temp\{5ca629ca-b206-4546-8484-43efcffd44b3}\manageengine_netflowanalyzer_64bit(1).exe => Pas de fichier
FirewallRules: [UDP Query User{38EF12DB-6C7D-4BBD-A308-EA220DADAC26}C:\users\hp\appdata\local\temp\{5ca629ca-b206-4546-8484-43efcffd44b3}\manageengine_netflowanalyzer_64bit(1).exe] => (Allow) C:\users\hp\appdata\local\temp\{5ca629ca-b206-4546-8484-43efcffd44b3}\manageengine_netflowanalyzer_64bit(1).exe => Pas de fichier
FirewallRules: [{B9727161-15D7-492C-893B-FF0AF2ADA9BA}] => (Allow) C:\WINDOWS\rss\csrss.exe (522a29533d3f200e2d1728300c141021081631313626321023042b113f2d26353224 -> ) [Fichier non signé]
FirewallRules: [{E3D5CE83-4F74-4C53-9BCD-14A70030CE3C}] => (Allow) C:\WINDOWS\rss\csrss.exe (522a29533d3f200e2d1728300c141021081631313626321023042b113f2d26353224 -> ) [Fichier non signé]
FirewallRules: [{3ADB4A8B-11BC-4D24-BC88-A217F865B50E}] => (Allow) C:\WINDOWS\rss\csrss.exe (522a29533d3f200e2d1728300c141021081631313626321023042b113f2d26353224 -> ) [Fichier non signé]
FirewallRules: [{E2FAA280-8DED-421A-9F51-1AC5369AEF0B}] => (Allow) C:\WINDOWS\rss\csrss.exe (522a29533d3f200e2d1728300c141021081631313626321023042b113f2d26353224 -> ) [Fichier non signé]
FirewallRules: [{97752C85-C58D-46E6-96C2-53ADB344AA39}] => (Allow) C:\WINDOWS\rss\csrss.exe (522a29533d3f200e2d1728300c141021081631313626321023042b113f2d26353224 -> ) [Fichier non signé]
FirewallRules: [{3E5EB29D-E81C-4742-9B1A-C1CCBEF520FD}] => (Allow) C:\WINDOWS\rss\csrss.exe (522a29533d3f200e2d1728300c141021081631313626321023042b113f2d26353224 -> ) [Fichier non signé]
FirewallRules: [{5C416382-B769-4F1B-9774-47E392F6938A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7735701A-1477-4E52-8016-274DE5678D9B}] => (Allow) C:\WINDOWS\rss\csrss.exe (522a29533d3f200e2d1728300c141021081631313626321023042b113f2d26353224 -> ) [Fichier non signé]
FirewallRules: [{34F210A8-8C0E-448F-AC81-09F2B98BB5DB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{137ABB5B-FE74-42D8-B19A-B1A1D6A861EF}C:\program files (x86)\solarwinds\netflowrealtime\netflowrealtime.exe] => (Allow) C:\program files (x86)\solarwinds\netflowrealtime\netflowrealtime.exe (Solarwinds Worldwide, LLC -> SolarWinds)
FirewallRules: [UDP Query User{C315BB27-E184-44E2-A866-4B559A070CBA}C:\program files (x86)\solarwinds\netflowrealtime\netflowrealtime.exe] => (Allow) C:\program files (x86)\solarwinds\netflowrealtime\netflowrealtime.exe (Solarwinds Worldwide, LLC -> SolarWinds)
FirewallRules: [{3CADEECE-B582-4038-B152-5C7033DB018E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{1B499D8C-82FC-4F8A-AE85-9C2C4AE28FC6}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{344B6F7D-E229-4949-8066-ED358F823659}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{13CFB0D9-0D5B-42AE-AE3A-49570E123834}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{FA112869-0D9A-4C6B-916F-221064DAF391}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{FED66119-D98A-432E-8CEE-3E77FA34280F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
==================== Points de restauration =========================
25-04-2024 13:35:17 {a0067477-1cb8-490d-a523-e79c452a4f5a}
26-04-2024 10:22:33 Installed SolarWinds Toolset v2024.1.0
==================== Éléments en erreur du Gestionnaire de périphériques ============
Name: Fortinet SSL VPN Virtual Ethernet Adapter
Description: Fortinet SSL VPN Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Fortinet Inc.
Service: ftsvnic
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (04/28/2024 08:09:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante eRJfTzjCV5loGK7fZq6BTMqc.exe, version : 23.0.0.0, horodatage : 0x66295e3a
Nom du module défaillant : eRJfTzjCV5loGK7fZq6BTMqc.exe, version : 23.0.0.0, horodatage : 0x66295e3a
Code d’exception : 0x4000001f
Décalage d’erreur : 0x000098a5
ID du processus défaillant : 0x47c
Heure de début de l’application défaillante : 0x01da9998d33b9591
Chemin d’accès de l’application défaillante : C:\Users\HP\Pictures\eRJfTzjCV5loGK7fZq6BTMqc.exe
Chemin d’accès du module défaillant: C:\Users\HP\Pictures\eRJfTzjCV5loGK7fZq6BTMqc.exe
ID de rapport : abae0f96-dd31-4f3a-ab76-791a989320c0
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (04/28/2024 08:09:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante pW0zH85MgITZ4YB8zGgbpIWx.exe, version : 23.0.0.0, horodatage : 0x66295e3a
Nom du module défaillant : pW0zH85MgITZ4YB8zGgbpIWx.exe, version : 23.0.0.0, horodatage : 0x66295e3a
Code d’exception : 0x4000001f
Décalage d’erreur : 0x000098a5
ID du processus défaillant : 0x272c
Heure de début de l’application défaillante : 0x01da999c906943f6
Chemin d’accès de l’application défaillante : C:\Users\HP\Pictures\pW0zH85MgITZ4YB8zGgbpIWx.exe
Chemin d’accès du module défaillant: C:\Users\HP\Pictures\pW0zH85MgITZ4YB8zGgbpIWx.exe
ID de rapport : 8156063b-a4b6-401e-9907-2eb6b379d196
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (04/28/2024 08:09:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante SVEWmeddC29DwRqGm7g3DInD.exe, version : 23.0.0.0, horodatage : 0x66295e3a
Nom du module défaillant : SVEWmeddC29DwRqGm7g3DInD.exe, version : 23.0.0.0, horodatage : 0x66295e3a
Code d’exception : 0x4000001f
Décalage d’erreur : 0x000098a5
ID du processus défaillant : 0x1c70
Heure de début de l’application défaillante : 0x01da999b1c7b0e5a
Chemin d’accès de l’application défaillante : C:\Users\HP\Pictures\SVEWmeddC29DwRqGm7g3DInD.exe
Chemin d’accès du module défaillant: C:\Users\HP\Pictures\SVEWmeddC29DwRqGm7g3DInD.exe
ID de rapport : e610ce55-3b79-4e03-8e21-67a55a55b8e8
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (04/28/2024 08:01:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante P6ejChPYN7qDlOnPhaQvLFgO.exe, version : 23.0.0.0, horodatage : 0x66295e3a
Nom du module défaillant : P6ejChPYN7qDlOnPhaQvLFgO.exe, version : 23.0.0.0, horodatage : 0x66295e3a
Code d’exception : 0x4000001f
Décalage d’erreur : 0x000098a5
ID du processus défaillant : 0x398c
Heure de début de l’application défaillante : 0x01da999e5637e485
Chemin d’accès de l’application défaillante : C:\Users\HP\Pictures\P6ejChPYN7qDlOnPhaQvLFgO.exe
Chemin d’accès du module défaillant: C:\Users\HP\Pictures\P6ejChPYN7qDlOnPhaQvLFgO.exe
ID de rapport : 0b9cba46-95ab-4308-9233-b514ef8458ef
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (04/28/2024 07:51:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante u7qk.0.exe, version : 23.0.0.0, horodatage : 0x662e450c
Nom du module défaillant : u7qk.0.exe, version : 23.0.0.0, horodatage : 0x662e450c
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00016d56
ID du processus défaillant : 0x3ed4
Heure de début de l’application défaillante : 0x01da999cf8db748a
Chemin d’accès de l’application défaillante : C:\Users\HP\AppData\Local\Temp\u7qk.0.exe
Chemin d’accès du module défaillant: C:\Users\HP\AppData\Local\Temp\u7qk.0.exe
ID de rapport : bf132701-aa57-44dc-96b7-fc4d22123662
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (04/28/2024 07:42:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante u5m8.0.exe, version : 23.0.0.0, horodatage : 0x662e450c
Nom du module défaillant : u5m8.0.exe, version : 23.0.0.0, horodatage : 0x662e450c
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00016d56
ID du processus défaillant : 0x3ebc
Heure de début de l’application défaillante : 0x01da999bbb2dada7
Chemin d’accès de l’application défaillante : C:\Users\HP\AppData\Local\Temp\u5m8.0.exe
Chemin d’accès du module défaillant: C:\Users\HP\AppData\Local\Temp\u5m8.0.exe
ID de rapport : d081ef73-df6a-47a4-9363-9e6388f80d9a
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (04/28/2024 07:34:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante wL4hlUxYxQClEYl7z7V95nUQ.exe, version : 23.0.0.0, horodatage : 0x66295e3a
Nom du module défaillant : wL4hlUxYxQClEYl7z7V95nUQ.exe, version : 23.0.0.0, horodatage : 0x66295e3a
Code d’exception : 0x4000001f
Décalage d’erreur : 0x000098a5
ID du processus défaillant : 0x3ae8
Heure de début de l’application défaillante : 0x01da999989c21406
Chemin d’accès de l’application défaillante : C:\Users\HP\Pictures\wL4hlUxYxQClEYl7z7V95nUQ.exe
Chemin d’accès du module défaillant: C:\Users\HP\Pictures\wL4hlUxYxQClEYl7z7V95nUQ.exe
ID de rapport : 2ab1a9bf-e874-4b92-b9f2-5b8568b97d0e
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (04/28/2024 07:29:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante ubmw.0.exe, version : 23.0.0.0, horodatage : 0x662e450c
Nom du module défaillant : ubmw.0.exe, version : 23.0.0.0, horodatage : 0x662e450c
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00016d56
ID du processus défaillant : 0x24d0
Heure de début de l’application défaillante : 0x01da9999e77cf899
Chemin d’accès de l’application défaillante : C:\Users\HP\AppData\Local\Temp\ubmw.0.exe
Chemin d’accès du module défaillant: C:\Users\HP\AppData\Local\Temp\ubmw.0.exe
ID de rapport : feea9cb8-d2ec-495b-b704-25eba32dd048
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Erreurs système:
=============
Error: (04/28/2024 08:10:03 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Une erreur irrécupérable s'est produite lors de la création des informations d'identification client pour TLS. État d'erreur interne : 10013.
Error: (04/28/2024 08:09:07 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Le miniport Remote NDIS based Internet Sharing Device #2, {3ee91d84-fd5c-479c-a063-3680b1e81838}, a eu l’événement 76
Error: (04/28/2024 03:11:42 PM) (Source: DCOM) (EventID: 10010) (User: CAMTEL-DRS)
Description: Le serveur {283EDD52-69B2-473D-BEB6-2C0B4C01FD73} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (04/28/2024 03:08:46 PM) (Source: DCOM) (EventID: 10010) (User: CAMTEL-DRS)
Description: Le serveur {4991D34B-80A1-4291-83B6-3328366B9097} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (04/28/2024 03:08:30 PM) (Source: DCOM) (EventID: 10010) (User: CAMTEL-DRS)
Description: Le serveur microsoft.windowscommunicationsapps_16005.14326.21854.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (04/28/2024 03:06:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Windows Camera Frame Server n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.
Error: (04/28/2024 03:06:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Windows Camera Frame Server.
Error: (04/28/2024 03:01:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Le service MessagingService_2d5ca4 s’est arrêté avec l’erreur :
Le périphérique n’est pas prêt.
Windows Defender:
================
Date: 2023-09-04 08:25:55
Description:
L’analyse Microsoft Defender Antivirus a été arrêtée avant la fin.
ID de l’analyse : {0AD82C1C-2615-489D-B66D-02E575470D16}
Type de l’analyse : Antimalware
Paramètres de l’analyse : Quick Scan
Utilisateur : NT AUTHORITY\SYSTEM
Date: 2023-09-04 08:12:13
Description:
L’analyse Microsoft Defender Antivirus a été arrêtée avant la fin.
ID de l’analyse : {2DF0D118-08FD-4EA6-9492-47DDFA2769F8}
Type de l’analyse : Antimalware
Paramètres de l’analyse : Quick Scan
Utilisateur : NT AUTHORITY\SYSTEM
Date: 2023-09-01 14:12:24
Description:
Microsoft Defender Antivirus a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKms&threatid=2147723334&enterprise=0
Nom : HackTool:Win64/AutoKms
ID : 2147723334
Gravité : High
Catégorie : Tool
Chemin : file:_C:\WINDOWS\SECOH-QAD.dll
Origine de la détection : Local machine
Type de détection : Concrete
Source de détection : System
Utilisateur : NT AUTHORITY\SYSTEM
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.397.139.0, AS: 1.397.139.0, NIS: 1.397.139.0
Version du moteur : AM: 1.1.23080.2005, NIS: 1.1.23080.2005
Date: 2023-09-01 10:49:16
Description:
L’analyse Microsoft Defender Antivirus a été arrêtée avant la fin.
ID de l’analyse : {0629C818-1D68-4C00-9112-EC0AF48E0BF7}
Type de l’analyse : Antimalware
Paramètres de l’analyse : Quick Scan
Utilisateur : NT AUTHORITY\SYSTEM
Date: 2023-09-01 10:23:02
Description:
L’analyse Microsoft Defender Antivirus a été arrêtée avant la fin.
ID de l’analyse : {20EF27B4-9F4B-4944-8C7D-D5C2DD73B676}
Type de l’analyse : Antimalware
Paramètres de l’analyse : Quick Scan
Utilisateur : NT AUTHORITY\SYSTEM
Event[0]:
Date: 2022-03-21 12:54:55
Description:
Microsoft Defender Antivirus a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.359.1928.0
Source de mise à jour : Microsoft Malware Protection Center
Type de veille de sécurité : AntiVirus
Type de mise à jour : Full
Utilisateur : NT AUTHORITY\NETWORK SERVICE
Version actuelle du moteur :
Version précédente du moteur : 1.1.18900.3
Code d’erreur : 0x80070102
Description de l’erreur : The wait operation timed out.
Date: 2022-03-13 09:40:04
Description:
Microsoft Defender Antivirus a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.359.1693.0
Source de mise à jour : Microsoft Malware Protection Center
Type de veille de sécurité : AntiVirus
Type de mise à jour : Full
Utilisateur : NT AUTHORITY\NETWORK SERVICE
Version actuelle du moteur :
Version précédente du moteur : 1.1.18900.3
Code d’erreur : 0x80070102
Description de l’erreur : The wait operation timed out.
Date: 2022-03-10 08:56:36
Description:
Microsoft Defender Antivirus a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.359.1693.0
Source de mise à jour : Microsoft Malware Protection Center
Type de veille de sécurité : AntiVirus
Type de mise à jour : Full
Utilisateur : NT AUTHORITY\NETWORK SERVICE
Version actuelle du moteur :
Version précédente du moteur : 1.1.18900.3
Code d’erreur : 0x8050a003
Description de l’erreur : This package does not contain up-to-date definition files for this program. For more information, see Help and Support.
Date: 2022-03-10 08:56:36
Description:
Microsoft Defender Antivirus a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.359.1693.0
Source de mise à jour : Microsoft Malware Protection Center
Type de veille de sécurité : AntiSpyware
Type de mise à jour : Full
Utilisateur : NT AUTHORITY\NETWORK SERVICE
Version actuelle du moteur :
Version précédente du moteur : 1.1.18900.3
Code d’erreur : 0x8050a003
Description de l’erreur : This package does not contain up-to-date definition files for this program. For more information, see Help and Support.
Date: 2022-03-10 08:56:36
Description:
Microsoft Defender Antivirus a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.359.1693.0
Source de mise à jour : Microsoft Malware Protection Center
Type de veille de sécurité : AntiVirus
Type de mise à jour : Full
Utilisateur : NT AUTHORITY\NETWORK SERVICE
Version actuelle du moteur :
Version précédente du moteur : 1.1.18900.3
Code d’erreur : 0x8050a003
Description de l’erreur : This package does not contain up-to-date definition files for this program. For more information, see Help and Support.
CodeIntegrity:
===============
Date: 2023-09-04 08:04:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-09-01 09:15:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-06-08 10:36:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ReasonLabs\EPP\rsEngineSvc.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Outlook\15.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-06-08 10:36:31
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ReasonLabs\EPP\rsEngineSvc.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC_MSIL\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-06-08 08:51:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ReasonLabs\EPP\rsEngineSvc.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\Office15\OLMAPI32.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-06-08 08:28:48
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MRT-KB890830.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2023-06-07 14:53:56
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\114.0.1823.37\prefs_enclave_x64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2023-06-07 14:53:52
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\114.0.1823.37\dual_engine_adapter_x64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2023-06-07 14:52:40
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Fortinet\FortiClient\FCWscD7.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Infos Mémoire ===========================
BIOS: Insyde F.21 10/27/2016
Carte mère: HP 81F1
Processeur: Intel(R) Celeron(R) CPU N3060 @ 1.60GHz
Pourcentage de mémoire utilisée: 70%
Mémoire physique - RAM - totale: 3944.36 MB
Mémoire physique - RAM - disponible: 1169.1 MB
Mémoire virtuelle totale: 7557.63 MB
Mémoire virtuelle disponible: 2982.86 MB
==================== Lecteurs ================================
Drive c: () (Fixed) (Total:233.39 GB) (Free:47.46 GB) (Model: ST500LT012-1DG142) NTFS
Drive e: (DATA) (Fixed) (Total:230.15 GB) (Free:73.55 GB) (Model: ST500LT012-1DG142) NTFS
\\?\Volume{0dbda390-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{0dbda390-0000-0000-0000-a0783a000000}\ () (Fixed) (Total:1.73 GB) (Free:0.85 GB) NTFS
==================== MBR & Table des partitions ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0DBDA390)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1.7 GB) - (Type=27)
Partition 4: (Not Active) - (Size=230.1 GB) - (Type=07 NTFS)
==================== Fin de Addition.txt =======================