Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 06-10-2023
Exécuté par theod (10-10-2023 15:37:16)
Exécuté depuis C:\Users\theod\OneDrive\Bureau
Microsoft Windows 11 Professionnel Version 22H2 22621.2283 (X64) (2023-03-06 10:23:14)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

Administrateur (S-1-5-21-47607643-4069735072-1164941092-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-47607643-4069735072-1164941092-503 - Limited - Disabled)
Invité (S-1-5-21-47607643-4069735072-1164941092-501 - Limited - Disabled)
theod (S-1-5-21-47607643-4069735072-1164941092-1001 - Administrator - Enabled) => C:\Users\theod
WDAGUtilityAccount (S-1-5-21-47607643-4069735072-1164941092-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov) Ableton Live 11 Lite (HKLM\...\{3F4BD897-AB4B-4DA9-A6E9-E3444E0C4307}) (Version: 11.0.0.0 - Ableton) Hidden Ableton Live 11 Lite (HKLM-x32\...\{37af67eb-d14e-4645-b305-fb949a1497f3}) (Version: 11.0.0.0 - Ableton) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1036-1033-7760-BC15014EA700}) (Version: 23.006.20320 - Adobe) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601052}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden ArcGIS Pro (HKLM\...\{26C745E6-B3C1-467B-9523-727D1803EE07}) (Version: 2.8.29751 - Environmental Systems Research Institute, Inc.) Hidden ArcGIS Pro (HKLM\...\ArcGISPro) (Version: 2.8.29751 - Environmental Systems Research Institute, Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach) ASUS Business Manager (HKLM\...\{DCDB29A1-35C9-45F7-906D-2FEB456189FE}) (Version: 3.0.31.0 - ASUS) ASUS Business Utility (HKLM\...\{72D4185B-4B52-4EED-917E-4BB4D5A5A5D3}) (Version: 3.5.17.0 - ASUSTek COMPUTER INC.) ASUS SimPro Dock (HKLM-x32\...\{0035192A-DBE3-4097-AA73-ABB68DEB4FED}) (Version: 2.3.1.0 - ASUSTeK COMPUTER INC.) Audacity 3.2.0 (HKLM\...\Audacity_is1) (Version: 3.2.0 - Audacity Team) Cisco Webex Meetings (HKU\S-1-5-21-47607643-4069735072-1164941092-1001\...\ActiveTouchMeetingClient) (Version: 43.6.0 - Cisco Webex LLC) Contrôle d’intégrité du PC Windows (HKLM\...\{0150BDB3-AFFD-47A1-ADB8-DE06658EB3B2}) (Version: 3.2.2110.14001 - Microsoft Corporation) DeepL (HKU\S-1-5-21-47607643-4069735072-1164941092-1001\...\https%3a##appdownload.deepl.com#windows#0install#deepl.xml) (Version: - DeepL SE) Discord (HKU\S-1-5-21-47607643-4069735072-1164941092-1001\...\Discord) (Version: 1.0.9013 - Discord Inc.) Dynalist 1.0.6 (HKU\S-1-5-21-47607643-4069735072-1164941092-1001\...\1e78cdbc-7a18-5e02-93fd-c98dee19d9b8) (Version: 1.0.6 - Dynalist Inc.) 
Evernote 10.53.2 (HKU\S-1-5-21-47607643-4069735072-1164941092-1001\...\e4251011-875e-51f3-a464-121adaff5aaa) (Version: 10.53.2 - Evernote Corporation) FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) Focusrite Audio Drivers 4.102.4.735 (HKLM\...\Focusrite Audio Drivers_is1) (Version: 4.102.4.735 - Focusrite Audio Engineering, Ltd.) GameRanger (HKU\S-1-5-21-47607643-4069735072-1164941092-1001\...\GameRanger) (Version: - GameRanger Technologies) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 117.0.5938.150 - Google LLC) Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft 365 - en-gb (HKLM\...\O365HomePremRetail - en-gb) (Version: 16.0.16827.20130 - Microsoft Corporation) Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.16827.20130 - Microsoft Corporation) Microsoft 365 Apps for enterprise - en-gb (HKLM\...\O365ProPlusRetail - en-gb) (Version: 16.0.16827.20130 - Microsoft Corporation) Microsoft 365 Apps for enterprise - fr-fr (HKLM\...\O365ProPlusRetail - fr-fr) (Version: 16.0.16827.20130 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.60 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.60 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.194.0917.0001 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-47607643-4069735072-1164941092-1001\...\Teams) (Version: 1.6.00.6754 - Microsoft Corporation) Microsoft Update Health Tools 
(HKLM\...\{AF47B488-9780-4AB5-A97E-762E28013CA6}) (Version: 5.71.0.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 
(HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30037 (HKLM-x32\...\{4b2f3795-f407-415e-88d5-8c8ab322909d}) (Version: 14.29.30037.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30037 (HKLM-x32\...\{dfea0fad-88b2-4a1f-8536-3f8f9391f4ef}) (Version: 14.29.30037.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30037 (HKLM\...\{529D20E8-132A-4F1A-A25F-9211B8C943AC}) (Version: 14.29.30037 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30037 (HKLM\...\{C874FB5A-1C85-460A-A4A9-CBCC3FAE7880}) (Version: 14.29.30037 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30037 (HKLM-x32\...\{01FAEC41-B3BC-44F4-B185-5E8475AEB855}) (Version: 14.29.30037 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30037 (HKLM-x32\...\{7D75664A-6C04-424C-82A1-EE88913E5F16}) (Version: 14.29.30037 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM\...\{3C31CBA1-A0D9-4B95-A807-AD2313D12F47}) (Version: 40.68.31219 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM-x32\...\{20d5df4e-006c-4d6d-a0dc-490d009b9786}) (Version: 5.0.17.31219 - Microsoft Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16827.20130 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16827.20130 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.16827.20130 - Microsoft Corporation) Hidden Polar FlowSync version 3.0.0.1337 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 3.0.0.1337 - 
Polar Electro Oy) QDA Miner Lite 3.0 (HKLM-x32\...\QDAMiner Lite_is1) (Version: - Provalis Research) R for Windows 4.2.1 (HKLM\...\R for Windows 4.2.1_is1) (Version: 4.2.1 - R Core Team) Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.8.0731.072514 - Razer Inc.) Razer Virtual Ring Light (HKLM-x32\...\Razer Virtual Ring Light) (Version: 2.0.0.23 - Razer Inc.) RStudio (HKLM-x32\...\RStudio) (Version: 2022.07.1+554 - RStudio) Rtools 4.2 (4.2.0.1) (HKLM\...\Rtools42_is1) (Version: 4.2 - The R Foundation) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Taguette 1.4.1 (HKLM\...\{FB884879-1AE9-43D5-B4A3-8499A0B65E0E}_is1) (Version: 1.4.1 - Remi Rampin and Taguette contributors) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.5.0.8070 - Microsoft Corporation) THX Spatial Audio (HKLM-x32\...\THX Spatial Audio) (Version: 2.0.1.6 - Razer Inc.) Webex (HKLM\...\{13E7AACC-0865-4F9B-8384-6B0424CBE06E}) (Version: 43.6.0.26407 - Cisco Systems, Inc) WinRAR 6.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.21.0 - win.rar GmbH) Zoom (HKU\S-1-5-21-47607643-4069735072-1164941092-1001\...\ZoomUMX) (Version: 5.14.11 (17466) - Zoom Video Communications, Inc.) Zotero (HKLM-x32\...\Zotero 6.0.23 (x86 en-US)) (Version: 6.0.23 - Corporation for Digital Scholarship) Packages: ========= 5A894077.McAfeeSecurity -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2023-07-17] (McAfee LLC.) AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5185.0_x64__8j3eq9eme6ctt [2023-09-13] (INTEL CORP) [Startup Task] ASUS Business Manager -> C:\Program Files\WindowsApps\B9ECED6F.ASUSBusinessManager_3.0.20.0_x64__qmba6cd70vzyy [2022-08-29] (ASUSTeK COMPUTER INC.) 
Centre de contrôle Thunderbolt™ -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.36.0_x64__8j3eq9eme6ctt [2022-10-22] (INTEL CORP) Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-10-12] (Microsoft Corporation) Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-17] (Microsoft Corporation) Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.62.8.0_x64__6rarf9sa4v8jt [2023-09-25] (Disney) DTS Audio Processing -> C:\Program Files\WindowsApps\DTSInc.DTSAudioProcessing_1.10.15.0_x64__t5j2fzbtdg37r [2023-09-01] (DTS, Inc.) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_149.1.1056.0_x64__v10z8vjag6ke6 [2023-09-08] (HP Inc.) Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10510.531.0_x64__8wekyb3d8bbwe [2023-06-26] (Microsoft Corporation) Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-09-18] (Microsoft Corporation) MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.26.0_x64__qmba6cd70vzyy [2023-09-22] (ASUSTeK COMPUTER INC.) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.36.273.0_x64__dt26b99r8h8gj [2023-09-20] (Realtek Semiconductor Corp) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0 [2023-10-02] (Spotify AB) [Startup Task] WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2339.13.0_x64__cv1g1gvanyjgm [2023-10-10] (WhatsApp Inc.) 
[Startup Task] Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-09-18] (Microsoft Corporation) Windows Subsystem for Android™ -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2308.40000.3.0_x64__8wekyb3d8bbwe [2023-10-03] (Microsoft Corp.) [Startup Task] WinRAR -> C:\Program Files\WinRAR [2023-05-23] (win.rar GmbH) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-47607643-4069735072-1164941092-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-47607643-4069735072-1164941092-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\theod\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23061.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-47607643-4069735072-1164941092-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. 
-> Adobe) CustomCLSID: HKU\S-1-5-21-47607643-4069735072-1164941092-1001_Classes\CLSID\{b72e6f5e-f6e0-a9eb-461b-6118363bd15c}\localserver32 -> C:\Users\theod\AppData\Local\0install.net\implementations\sha256new_IA5ZAWY5757G2CCVTIIUZMVSBYDGFXZAP22TDTFSS74QEP3GNCDA\DeepL.exe (DeepL SE -> DeepL SE) CustomCLSID: HKU\S-1-5-21-47607643-4069735072-1164941092-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\theod\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft 
OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-07] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-07] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-07] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program 
Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-07] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-07] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Fichier non signé] ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.) 
ShortcutWithArgument: C:\Users\theod\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Théo - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2" ShortcutWithArgument: C:\Users\theod\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Théo (Personne 2) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1" ==================== Modules chargés (Avec liste blanche) ============= 0000-00-00 00:00 - 0000-00-00 00:00 - 000000000 _____ () [Accès refusé] C:\Program Files (x86)\Common Files\ControllerHist\LockExtensiqas\cnbMBaidgeZTRAPI.dll 2023-05-17 12:50 - 2023-02-27 21:39 - 001393152 _____ () [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll 2022-11-22 15:19 - 2022-08-21 03:44 - 001160192 _____ () [Fichier non signé] [Fichier en cours d'utilisation] C:\Users\theod\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\CefSharp.BrowserSubprocess.Core.dll 2022-04-27 09:21 - 2018-09-17 03:26 - 001348096 _____ () [Fichier non signé] C:\Program Files (x86)\Polar\Polar FlowSync\polar20.dll 2022-04-27 09:21 - 2018-05-29 01:27 - 000071168 _____ () [Fichier non signé] C:\Program Files (x86)\Polar\Polar FlowSync\zlib.dll 2022-11-22 15:19 - 2022-08-19 09:38 - 175591424 _____ () [Fichier non signé] C:\Users\theod\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libcef.dll 2022-11-22 15:19 - 2022-08-19 08:11 - 000442880 _____ () [Fichier non signé] C:\Users\theod\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libEGL.dll 2022-11-22 15:20 - 2022-08-19 08:10 - 006480384 _____ () [Fichier non signé] 
C:\Users\theod\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libGLESv2.dll 2022-11-22 15:20 - 2022-08-19 08:07 - 004077568 _____ () [Fichier non signé] C:\Users\theod\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\vk_swiftshader.dll 2022-11-22 15:19 - 2022-08-19 08:10 - 000828928 _____ () [Fichier non signé] C:\Users\theod\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\vulkan-1.dll 2023-09-15 10:12 - 2021-09-28 09:17 - 002679296 _____ () [Fichier non signé] C:\Users\theod\AppData\Local\Dynalist\ffmpeg.dll 2023-09-15 10:12 - 2021-09-28 09:17 - 000439296 _____ () [Fichier non signé] C:\Users\theod\AppData\Local\Dynalist\libegl.dll 2023-09-15 10:12 - 2021-09-28 09:17 - 007938048 _____ () [Fichier non signé] C:\Users\theod\AppData\Local\Dynalist\libglesv2.dll 2022-11-03 10:21 - 2022-07-15 16:00 - 000094720 _____ (Igor Pavlov) [Fichier non signé] C:\Program Files\7-Zip\7-zip.dll 2020-11-21 14:44 - 2020-11-21 14:44 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll 2020-11-21 14:44 - 2020-11-21 14:44 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll 2020-11-21 14:44 - 2020-11-21 14:44 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Client\C2R64.dll 2020-11-21 14:44 - 2020-11-21 14:44 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll 2020-11-21 
14:44 - 2020-11-21 14:44 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\c2r64.dll 2022-04-27 09:21 - 2018-09-17 03:27 - 000381440 _____ (Polar Electro Oy) [Fichier non signé] C:\Program Files (x86)\Polar\Polar FlowSync\wslib.dll 2022-11-22 15:20 - 2022-08-19 08:16 - 001231872 _____ (The Chromium Authors) [Fichier non signé] C:\Users\theod\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\chrome_elf.dll 2022-04-27 09:21 - 2015-04-30 02:20 - 025338368 _____ (The ICU Project) [Fichier non signé] C:\Program Files (x86)\Polar\Polar FlowSync\icudt54.dll 2022-04-27 09:21 - 2015-04-30 02:20 - 002056704 _____ (The ICU Project) [Fichier non signé] C:\Program Files (x86)\Polar\Polar FlowSync\icuin54.dll 2022-04-27 09:21 - 2015-04-30 02:20 - 001425408 _____ (The ICU Project) [Fichier non signé] C:\Program Files (x86)\Polar\Polar FlowSync\icuuc54.dll 2022-04-27 09:21 - 2015-10-12 12:20 - 000991232 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Polar\Polar FlowSync\platforms\qwindows.dll 2022-04-27 09:21 - 2018-05-29 08:46 - 004621312 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Core.dll 2022-04-27 09:21 - 2015-10-12 12:15 - 004860928 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Gui.dll 2022-04-27 09:21 - 2015-10-12 12:32 - 000563712 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Multimedia.dll 2022-04-27 09:21 - 2015-10-12 12:34 - 000082432 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5MultimediaWidgets.dll 2022-04-27 09:21 - 2015-10-12 12:14 - 000845312 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Polar\Polar 
FlowSync\Qt5Network.dll 2022-04-27 09:21 - 2015-10-12 12:19 - 000272896 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5OpenGL.dll 2022-04-27 09:21 - 2015-10-12 12:34 - 000166400 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Positioning.dll 2022-04-27 09:21 - 2015-10-12 12:19 - 000267264 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5PrintSupport.dll 2022-04-27 09:21 - 2015-10-12 12:24 - 002588672 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Qml.dll 2022-04-27 09:21 - 2015-10-12 12:26 - 002430976 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Quick.dll 2022-04-27 09:21 - 2015-10-12 16:03 - 001144832 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Script.dll 2022-04-27 09:21 - 2015-10-12 12:31 - 000148480 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Sensors.dll 2022-04-27 09:21 - 2015-10-12 12:13 - 000154112 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Sql.dll 2022-04-27 09:21 - 2015-10-12 12:39 - 000080384 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5WebChannel.dll 2022-04-27 09:21 - 2015-10-12 13:55 - 017406464 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5WebKit.dll 2022-04-27 09:21 - 2015-10-12 14:10 - 000198656 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5WebKitWidgets.dll 2022-04-27 09:21 - 2015-10-12 12:17 - 004420096 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Widgets.dll 2022-04-27 09:21 - 2015-10-12 12:13 - 000150016 _____ (The Qt Company Ltd) [Fichier non signé] C:\Program Files 
(x86)\Polar\Polar FlowSync\Qt5Xml.dll ==================== Alternate Data Streams (Avec liste blanche) ======== ==================== Mode sans échec (Avec liste blanche) ================== ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-10-05] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-10-05] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-05] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-05] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-05] 
(Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-05] (Microsoft Corporation -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.) IE trusted site: HKU\S-1-5-21-47607643-4069735072-1164941092-1001\...\sharepoint.com -> hxxps://agroparistechfr-files.sharepoint.com ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-47607643-4069735072-1164941092-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\theod\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img_20200816_111756.jpg DNS Servers: 10.100.2.10 - 10.100.2.11 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1) Le Pare-feu est activé. ==================== MSCONFIG/TASK MANAGER éléments désactivés == (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) 
HKLM\...\StartupApproved\Run: => "RZTHXHelper" HKLM\...\StartupApproved\Run: => "Focusrite Notifier" HKLM\...\StartupApproved\Run: => "ASUSDetectDVD" HKU\S-1-5-21-47607643-4069735072-1164941092-1001\...\StartupApproved\StartupFolder: => "DeepL auto-start.lnk" HKU\S-1-5-21-47607643-4069735072-1164941092-1001\...\StartupApproved\Run: => "Synapse3" HKU\S-1-5-21-47607643-4069735072-1164941092-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-47607643-4069735072-1164941092-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" HKU\S-1-5-21-47607643-4069735072-1164941092-1001\...\StartupApproved\Run: => "Polar FlowSync" HKU\S-1-5-21-47607643-4069735072-1164941092-1001\...\StartupApproved\Run: => "CiscoMeetingDaemon" HKU\S-1-5-21-47607643-4069735072-1164941092-1001\...\StartupApproved\Run: => "Discord" ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [{BAC79534-6026-4C26-8839-1C8ABEAF53C8}] => (Allow) C:\Program Files\ASUS\ASUS Business Utility\cceventapp.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) 
FirewallRules: [{08EDFD9C-0AAB-42E8-9442-CB7C8FB4B114}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{DB192849-C1D3-4C9E-A2D1-AD17B7C01C61}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{9130B04F-15DF-4B04-94AA-11073A16464A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{7C8EC36E-3B2F-4F00-BCED-CCC1E8C2D971}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [UDP Query User{FB83EDE4-03E7-413F-B31A-F402B26FF83D}C:\program files\rstudio\bin\rsession-utf8.exe] => (Allow) C:\program files\rstudio\bin\rsession-utf8.exe (RStudio, PBC) [Fichier non signé] FirewallRules: [TCP Query User{02677428-2BAD-4BF7-9411-7760264DFDA2}C:\program files\rstudio\bin\rsession-utf8.exe] => (Allow) C:\program files\rstudio\bin\rsession-utf8.exe (RStudio, PBC) [Fichier non signé] FirewallRules: [{FB1327CA-FF6D-4E52-B0C5-DA302FE06EBC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{227A6FB2-A2D3-482B-956A-B07732418D68}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{8B863010-E409-433D-92CD-03217E1778B3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{2B0E2269-6FC3-4FCE-B632-C807928F7F2B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier FirewallRules: [{5C7EBF2D-57AA-469E-B569-B24AADFC0024}] => (Allow) C:\Users\theod\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video 
Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{F06548EF-9D5E-4A11-8B5E-3A2E958442B1}] => (Allow) C:\Users\theod\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{E4D4AD33-BB57-4313-85F4-A9983A3C7244}] => (Allow) C:\Users\theod\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{8137D814-6810-452E-880C-A6A2B3295CEC}] => (Allow) LPort=5354 FirewallRules: [{DF5B76CF-D89C-4F67-8811-16225CEEFD5E}] => (Allow) LPort=5354 FirewallRules: [{92891CF5-8F95-4478-A597-371CE92E086E}] => (Allow) LPort=5354 FirewallRules: [{96995E16-3578-47D8-ACB4-7DE83C18F02B}] => (Allow) LPort=5354 FirewallRules: [{1036D54D-799A-4365-946B-D993F76925DC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{88762F7B-0181-4514-8C47-898D22FCF8CC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{BD6365B3-2030-420D-8F57-87CBA0C87973}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{8B909C49-510D-481B-BD84-904429210CD0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{21302CA0-F95C-47BD-B22D-F2B964A42203}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [Fichier non signé] FirewallRules: [{985717A3-1039-4315-AE5B-3ACF03A33310}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [Fichier non signé] FirewallRules: [{EA4AFD1F-A279-4C34-8038-F1A694912174}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe (Valve Corp. 
-> ) [Fichier non signé] FirewallRules: [{DC021166-5EE7-4819-9291-46479A4B5544}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe (Valve Corp. -> ) [Fichier non signé] FirewallRules: [{B81C5342-5A1D-4120-9626-AC22EE75E161}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe (Activision Publishing Inc -> ) FirewallRules: [{57211690-1E7F-46E9-A9BA-32D0EDDCBCBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe (Activision Publishing Inc -> ) FirewallRules: [{09F424BA-C437-411E-8B7E-E70CBF8175A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Wicked Witch Software Pty Ltd -> Microsoft Corporation) FirewallRules: [{47C35F3F-CB96-4822-926A-CFD3E86CE1AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Wicked Witch Software Pty Ltd -> Microsoft Corporation) FirewallRules: [{D0B1DB98-D152-41E3-A5A3-1D99370D543B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe (TODO: ) [Fichier non signé] FirewallRules: [{46BEDB75-12BE-485C-941A-6A032EB2961D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe (TODO: ) [Fichier non signé] FirewallRules: [{BCA13537-491C-4177-9A62-740E0C43D9A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\AoMX.exe (Microsoft Corp) [Fichier non signé] FirewallRules: [{DD138C6C-B0AF-467C-AEA5-F68D97C592D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\AoMX.exe (Microsoft Corp) [Fichier non signé] FirewallRules: [{E0AED3F3-6FB4-45BD-A67F-ED3561C80A20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: ) [Fichier non signé] FirewallRules: [{3106853E-6842-4AC2-BDF8-7153BD775D48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: ) [Fichier non signé] 
FirewallRules: [{4B399F24-603F-4DAA-B850-516FCEAF88CE}] => (Allow) C:\Program Files\Razer\RzAppEngine\rzappengine.exe (Razer USA Ltd. -> Razer Inc.) FirewallRules: [TCP Query User{54131096-2185-4A07-A8FE-0B63043FA6F8}C:\users\theod\appdata\local\programs\evernote\evernote.exe] => (Allow) C:\users\theod\appdata\local\programs\evernote\evernote.exe (Evernote Corporation -> Evernote Corporation) FirewallRules: [UDP Query User{B009866E-9598-4AFD-846E-2A40BED735E0}C:\users\theod\appdata\local\programs\evernote\evernote.exe] => (Allow) C:\users\theod\appdata\local\programs\evernote\evernote.exe (Evernote Corporation -> Evernote Corporation) FirewallRules: [{884C21ED-1B1E-497B-88B6-7696F5430D27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe () [Fichier non signé] FirewallRules: [{3F22FA19-7484-4490-B2CD-620936ABF46C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe () [Fichier non signé] FirewallRules: [TCP Query User{200C86F7-18E5-41DC-ACEB-22D5E8E20D52}C:\users\theod\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\theod\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{41C565F4-CB3D-4260-863E-8BEBFA65F414}C:\users\theod\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\theod\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A17446BA-89DC-4D63-BA28-AC122D064C90}] => (Block) C:\users\theod\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6104CC93-D9E6-4321-9B95-CBA4626F32ED}] => (Block) C:\users\theod\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{7E4287EE-4969-4082-8570-CB025AB7A704}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft 
Corporation -> Microsoft Corporation) FirewallRules: [{3DC01731-DCA8-49F9-BCD1-4053A28EFE7D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6ABB7616-7C08-4B08-8181-E0E3C05DCF24}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{2914584A-4E22-438D-94FF-3874F3765D84}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{02580396-3FA2-4B9F-9170-FDFD1FA8297E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{84C82D35-87D8-405C-960C-7561D3741D40}] => (Allow) C:\Users\theod\AppData\Local\Temp\7zS496B\HP.EasyStart.exe => Pas de fichier FirewallRules: [{B40F99A8-1772-4B37-9A8F-C0354B26D689}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{204C154A-DFB9-41FD-AD77-541E55806104}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5EE469F5-2706-4BFF-AF49-6CF67708CFD4}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.31\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8DF4BE63-A77E-40A5-802C-B74D4A7003DF}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkNear\AsusLinkNear.exe => Pas de fichier FirewallRules: [{9DC33CBA-FFCF-4C79-8CF0-69A4BC8A1D5B}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.26.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.) 
FirewallRules: [{14331C4B-ADAF-42F7-A1AE-FF34E6E2457B}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.26.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.) FirewallRules: [{AE84E290-C7EE-4AD1-9901-7C157286C755}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.26.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.) FirewallRules: [{84203180-401D-4952-B615-2CBA81B8F2A2}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.26.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.) FirewallRules: [{81E702C9-9823-469D-992F-8FC9DDAC71E9}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23247.1113.2398.2671_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{85325233-FDF7-4001-B072-98617B4C61F9}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23247.1113.2398.2671_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{7FBFBA25-39BF-4B72-81CB-02B7F57A7B01}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0599a970f71746fa\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) FirewallRules: [{BEDD117A-508F-4D44-B47C-ACABC2359738}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0599a970f71746fa\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) FirewallRules: [{E5C3D1D8-0000-49DC-A8F9-E8D92C0CEC56}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0599a970f71746fa\ASUSSwitch\AsusSwitchNet.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) 
FirewallRules: [{87FD8531-1EEE-4A40-A3C6-E8369CB2F29B}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0599a970f71746fa\ASUSSwitch\AsusSwitchNetMDNS.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) FirewallRules: [{2A0B64E6-71F2-4751-A67E-5668E457FC3A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{E488A27D-124E-4BF5-B4E9-A584A2D55E88}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{EDF0469A-90AD-4D85-A022-9D0216C9BC39}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{8B6126C8-246F-4A88-92B6-D25A93E701D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{0D1160DC-EC7B-4FE1-80C3-9CC87D49A0A3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{772C01E9-7B14-4EB9-B9A7-3BE3CD5A580D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{05005494-1880-4382-A571-DAB5F1E220D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{6008EF65-6824-4E6D-B860-42E58E106C76}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: 
[{FEA0542A-7D40-4ADA-BBFB-5CA9F1179A45}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{3CB10159-F5ED-4E8C-91E1-818B170D1783}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{328A0748-0A16-4F5F-B590-C7A3E8DFEB26}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E3EB1B8B-4FC2-430A-B860-10EBC972F6B2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{5A3E372F-6170-4502-AE0B-A3656537CFD2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{F9C08BEF-4E2A-4DE6-994D-E316A079B993}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{BDF0BF09-DDEF-4D19-BC69-14A8DF740A11}] => (Allow) C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2308.40000.3.0_x64__8wekyb3d8bbwe\WsaClient\WsaClient.exe (Microsoft Corporation -> ) FirewallRules: [{5B7C82FC-C9CB-4878-BF86-35FB2732BFE4}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.60\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{772968ED-5CC5-40E7-94E7-FB0AF96D8C9E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{22DF3852-1B3A-40DC-B166-D2B50D27A733}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{D6925CBD-51F3-4B2B-99E8-0D508AC8AA18}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{5E481086-0652-4516-80D5-EA9CE156E6F9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{429752AB-71AD-41AB-8E6F-84E9B7ABC7B6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
==================== Points de restauration =========================

09-10-2023 16:29:17 {D6D2A749-1758-42E9-8CD4-96D3856DC3C6}

==================== Éléments en erreur du Gestionnaire de périphériques ============

==================== Erreurs du Journal des événements: ========================

Erreurs Application:
==================

Erreurs système:
=============
Error: (10/10/2023 03:31:37 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-B0JAI2J)
Description: Impossible de démarrer un serveur DCOM : 5319275A.WhatsAppDesktop_2.2339.13.0_x64__cv1g1gvanyjgm!App.AppXagyrmpyx1bhhy2gjpvcnfecxpg298mss.mca en tant que Non disponible/Non disponible. L’erreur « 2147942402 » s’est produite lors du démarrage de la commande : "C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2339.13.0_x64__cv1g1gvanyjgm\WhatsApp.exe" -ServerName:App.AppXkf4yh0averk473g9chjmra34tgccdh3d.mca

Error: (10/10/2023 03:17:26 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-B0JAI2J)
Description: Impossible de démarrer un serveur DCOM : 5319275A.WhatsAppDesktop_2.2339.13.0_x64__cv1g1gvanyjgm!App.AppXagyrmpyx1bhhy2gjpvcnfecxpg298mss.mca en tant que Non disponible/Non disponible. L’erreur « 2147942402 » s’est produite lors du démarrage de la commande : "C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2339.13.0_x64__cv1g1gvanyjgm\WhatsApp.exe" -ServerName:App.AppXkf4yh0averk473g9chjmra34tgccdh3d.mca

Error: (10/10/2023 03:14:39 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-B0JAI2J)
Description: Impossible de démarrer un serveur DCOM : 5319275A.WhatsAppDesktop_2.2339.13.0_x64__cv1g1gvanyjgm!App.AppXagyrmpyx1bhhy2gjpvcnfecxpg298mss.mca en tant que Non disponible/Non disponible. L’erreur « 2147942402 » s’est produite lors du démarrage de la commande : "C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2339.13.0_x64__cv1g1gvanyjgm\WhatsApp.exe" -ServerName:App.AppXkf4yh0averk473g9chjmra34tgccdh3d.mca

Error: (10/10/2023 03:01:29 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-B0JAI2J)
Description: Impossible de démarrer un serveur DCOM : 5319275A.WhatsAppDesktop_2.2339.13.0_x64__cv1g1gvanyjgm!App.AppXagyrmpyx1bhhy2gjpvcnfecxpg298mss.mca en tant que Non disponible/Non disponible. L’erreur « 2147942402 » s’est produite lors du démarrage de la commande : "C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2339.13.0_x64__cv1g1gvanyjgm\WhatsApp.exe" -ServerName:App.AppXkf4yh0averk473g9chjmra34tgccdh3d.mca

Error: (10/10/2023 02:54:19 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-B0JAI2J)
Description: Impossible de démarrer un serveur DCOM : 5319275A.WhatsAppDesktop_2.2339.13.0_x64__cv1g1gvanyjgm!App en tant que Non disponible/Non disponible. L’erreur « 2147942402 » s’est produite lors du démarrage de la commande : "C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2339.13.0_x64__cv1g1gvanyjgm\WhatsApp.exe" -ServerName:App.AppXkf4yh0averk473g9chjmra34tgccdh3d.mca

Error: (10/10/2023 02:54:18 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-B0JAI2J)
Description: Impossible de démarrer un serveur DCOM : 5319275A.WhatsAppDesktop_2.2339.13.0_x64__cv1g1gvanyjgm!App en tant que Non disponible/Non disponible. L’erreur « 2147942402 » s’est produite lors du démarrage de la commande : "C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2339.13.0_x64__cv1g1gvanyjgm\WhatsApp.exe" -ServerName:App.AppXkf4yh0averk473g9chjmra34tgccdh3d.mca

Error: (10/10/2023 02:54:18 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-B0JAI2J)
Description: Impossible de démarrer un serveur DCOM : 5319275A.WhatsAppDesktop_2.2339.13.0_x64__cv1g1gvanyjgm!App en tant que Non disponible/Non disponible. L’erreur « 2147942402 » s’est produite lors du démarrage de la commande : "C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2339.13.0_x64__cv1g1gvanyjgm\WhatsApp.exe" -ServerName:App.AppXkf4yh0averk473g9chjmra34tgccdh3d.mca

Error: (10/10/2023 02:54:17 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-B0JAI2J)
Description: Impossible de démarrer un serveur DCOM : 5319275A.WhatsAppDesktop_2.2339.13.0_x64__cv1g1gvanyjgm!App en tant que Non disponible/Non disponible. L’erreur « 2147942402 » s’est produite lors du démarrage de la commande : "C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2339.13.0_x64__cv1g1gvanyjgm\WhatsApp.exe" -ServerName:App.AppXkf4yh0averk473g9chjmra34tgccdh3d.mca

Windows Defender:
================
Date: 2023-10-09 16:29:41
Description: Antivirus Microsoft Defender a détecté un comportement suspect.
Nom : Behavior:Win32/DroppedKnownMalware
ID : 3653660345
Gravité : Faible
Catégorie : Comportement suspect
Chemin trouvé : file:_C:\Users\theod\OneDrive\Bureau\FNS_MI\QDA.Miner.v1.0.15.keygen\QDA.Miner.v1.0.15.keygen.exe; process:_13128
Origine de la détection : Ordinateur local
Type de détection : Suspect
Source de détection : Protection en temps réel
État : Exécution
Utilisateur : DESKTOP-B0JAI2J\theod
Nom du processus : C:\Users\theod\OneDrive\Bureau\FNS_MI\QDA.Miner.v1.0.15.keygen\QDA.Miner.v1.0.15.keygen.exe
ID de veille de sécurité : 41453692543830
Version de la veille de sécurité : AV: 1.399.300.0, AS: 1.399.300.0
Version du moteur : 1.1.23090.2007
Étiquette de fidélité : Bas
Nom du fichier cible : C:\Users\theod\AppData\Local\Temp\RarSFX2\keygen-pj.exe

Date: 2023-10-09 16:29:40
Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Leonem&threatid=2147828166&enterprise=0
Nom : Trojan:Win32/Leonem
ID : 2147828166
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Users\theod\AppData\Local\Temp\RarSFX2\keygen-step-3.exe
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : DESKTOP-B0JAI2J\theod
Nom du processus : C:\Users\theod\OneDrive\Bureau\FNS_MI\QDA.Miner.v1.0.15.keygen\QDA.Miner.v1.0.15.keygen.exe
Version de la veille de sécurité : AV: 1.399.300.0, AS: 1.399.300.0, NIS: 1.399.300.0
Version du moteur : AM: 1.1.23090.2007, NIS: 1.1.23090.2007

Date: 2023-10-09 16:29:40
Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Stimilina&threatid=2147749218&enterprise=0
Nom : Trojan:Win32/Stimilina
ID : 2147749218
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Users\theod\AppData\Local\Temp\RarSFX2\keygen-step-1.exe
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : DESKTOP-B0JAI2J\theod
Nom du processus : C:\Users\theod\OneDrive\Bureau\FNS_MI\QDA.Miner.v1.0.15.keygen\QDA.Miner.v1.0.15.keygen.exe
Version de la veille de sécurité : AV: 1.399.300.0, AS: 1.399.300.0, NIS: 1.399.300.0
Version du moteur : AM: 1.1.23090.2007, NIS: 1.1.23090.2007

Date: 2023-10-09 16:29:40
Description: Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants : https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Malgent!MTB&threatid=2147836816&enterprise=0
Nom : Trojan:Win32/Malgent!MTB
ID : 2147836816
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_C:\Users\theod\AppData\Local\Temp\RarSFX2\keygen-pj.exe
Origine de la détection : Ordinateur local
Type de détection : Chemin rapide
Source de détection : Protection en temps réel
Utilisateur : DESKTOP-B0JAI2J\theod
Nom du processus : C:\Users\theod\OneDrive\Bureau\FNS_MI\QDA.Miner.v1.0.15.keygen\QDA.Miner.v1.0.15.keygen.exe
Version de la veille de sécurité : AV: 1.399.300.0, AS: 1.399.300.0, NIS: 1.399.300.0
Version du moteur : AM: 1.1.23090.2007, NIS: 1.1.23090.2007

Date: 2023-10-09 16:28:57
Description: Antivirus Microsoft Defender a détecté un comportement suspect.
Nom : Behavior:Win32/DroppedKnownMalware
ID : 1558057284
Gravité : Faible
Catégorie : Comportement suspect
Chemin trouvé : file:_C:\Users\theod\OneDrive\Bureau\FNS_MI\QDA.Miner.v1.0.15.crack\QDA.Miner.v1.0.15.crack.exe; process:_40084
Origine de la détection : Ordinateur local
Type de détection : Suspect
Source de détection : Protection en temps réel
État : Exécution
Utilisateur : DESKTOP-B0JAI2J\theod
Nom du processus : C:\Users\theod\OneDrive\Bureau\FNS_MI\QDA.Miner.v1.0.15.crack\QDA.Miner.v1.0.15.crack.exe
ID de veille de sécurité : 41453692543830
Version de la veille de sécurité : AV: 1.399.300.0, AS: 1.399.300.0
Version du moteur : 1.1.23090.2007
Étiquette de fidélité : Bas
Nom du fichier cible : C:\Users\theod\AppData\Local\Temp\RarSFX1\keygen-pj.exe

Event[0]
Date: 2023-07-25 12:36:30
Description: Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.393.1262.0
Source de mise à jour : Serveur Microsoft Update
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.23060.1005
Code d’erreur : 0x80240016
Description de l’erreur : Un problème inattendu s’est produit lors de la vérification des mises à jour. Pour plus d’informations sur l’installation ou la résolution des problèmes de mise à jour, voir Aide et support.

Date: 2023-07-14 18:31:17
Description: Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.393.68.0
Source de mise à jour : Serveur Microsoft Update
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.23060.1005
Code d’erreur : 0x80240438
Description de l’erreur : Un problème inattendu s’est produit lors de la vérification des mises à jour. Pour plus d’informations sur l’installation ou la résolution des problèmes de mise à jour, voir Aide et support.

Date: 2023-05-22 11:55:44
Description: Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.389.2067.0
Source de mise à jour : Serveur Microsoft Update
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.20300.3
Code d’erreur : 0x8024402f
Description de l’erreur : Un problème inattendu s’est produit lors de la vérification des mises à jour. Pour plus d’informations sur l’installation ou la résolution des problèmes de mise à jour, voir Aide et support.

Date: 2023-03-21 09:56:36
Description: Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.385.162.0
Source de mise à jour : Serveur Microsoft Update
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.20100.6
Code d’erreur : 0x80240016
Description de l’erreur : Un problème inattendu s’est produit lors de la vérification des mises à jour. Pour plus d’informations sur l’installation ou la résolution des problèmes de mise à jour, voir Aide et support.

CodeIntegrity:
===============
Date: 2023-10-06 10:24:30
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-09-19 14:49:03
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-08-17 22:52:51
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-07-26 20:53:08
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.

Date: 2023-07-26 20:51:47
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-07-20 17:31:06
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Infos Mémoire ===========================

BIOS: American Megatrends International, LLC. B3302FEA.306 02/24/2022
Carte mère: ASUSTeK COMPUTER INC. B3302FEA
Processeur: 11th Gen Intel(R) Core(TM) i7-1165G7 @ 2.80GHz
Pourcentage de mémoire utilisée: 86%
Mémoire physique - RAM - totale: 16079.6 MB
Mémoire physique - RAM - disponible: 2195.35 MB
Mémoire virtuelle totale: 34560.77 MB
Mémoire virtuelle disponible: 7000.72 MB

==================== Lecteurs ================================

Drive c: (OS) (Fixed) (Total:952.43 GB) (Free:745.74 GB) (Model: NVMe WDC PC SN530 SDBPNPZ-1T00-1002) (Protected) NTFS

\\?\Volume{e7d613ef-2cbc-493d-ba69-9bd27218db55}\ (RECOVERY) (Fixed) (Total:0.98 GB) (Free:0.15 GB) NTFS
\\?\Volume{cb37fd74-f23d-42c0-b5eb-3f9fac39e571}\ (MYASUS) (Fixed) (Total:0.19 GB) (Free:0.13 GB) FAT32
\\?\Volume{403ae048-a614-4538-8ebf-c7abd3763215}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 00620DD1)

Partition: GPT.

==================== Fin de Addition.txt =======================