Addition.txt

Document joint : MLrrx4NnQR2_Addition.txt

Cliquez pour partager vos propres fichiers

Commentaire : Rapport FRST

Format du document : text/plain

Prévisualisation

Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 16-12-2023
Exécuté par gabri (17-12-2023 18:21:10)
Exécuté depuis C:\Users\gabri\OneDrive\Bureau
Microsoft Windows 10 Professionnel Éducation Version 22H2 19045.3803 (X64) (2021-11-21 22:54:57)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

Administrateur (S-1-5-21-4030407711-1060188347-3593659480-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4030407711-1060188347-3593659480-503 - Limited - Disabled)
gabri (S-1-5-21-4030407711-1060188347-3593659480-1003 - Administrator - Enabled) => C:\Users\gabri
Invité (S-1-5-21-4030407711-1060188347-3593659480-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4030407711-1060188347-3593659480-504 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

Adobe Premiere Pro 2021 (HKLM-x32\...\PPRO_15_0) (Version: 15.0 - Adobe Inc.)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1206.2 - AVAST Software) Hidden
BFME2 Patch Switcher (HKLM-x32\...\BFME2 Patch Switcher) (Version: - BFME2 Patch Switcher)
CurseForge (HKU\S-1-5-21-4030407711-1060188347-3593659480-1003\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.240.3.1 - Overwolf app)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.8.0.5521 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{643327aa-0d22-4bdd-82a4-d28be9d8fe50}) (Version: 13.8.0.5521 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{BE9FFAD2-2901-4F9B-8A0C-59EA51773212}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.109 - Google LLC)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.19.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP Notifications (HKLM-x32\...\{19F557DE-662A-4FEA-B635-1CACD56CC483}) (Version: 1.1.26.1 - HP)
HP Security Update Service (HKLM\...\{9A048711-9AAF-44FF-BA69-58835A75B01C}) (Version: 4.4.7.365 - HP Inc.)
HP System Default Settings (HKLM-x32\...\{B95E117F-2411-41AD-A9A5-77511F3040E4}) (Version: 1.4.16.3 - HP Inc.) Hidden
HP Wolf Security - Console (HKLM\...\{C5226D83-BF93-4F82-B026-37A41A01F9AA}) (Version: 11.1.2.639 - HP Inc.)
HP Wolf Security (HKLM\...\{AC954B70-4B7B-11EE-8585-3863BB3CB5A8}) (Version: 4.4.7.365 - HP Inc.)
HP Wolf Security Application Support for Chrome 118.0.5993.159 (HKLM\...\{534705EB-028B-4330-8DE5-1BC7C7A0A7B8}) (Version: 4.4.11.356 - HP Inc.) Hidden
HP Wolf Security Application Support for Sure Sense (HKLM\...\{C1D1E0B3-1E4F-4EBD-977A-0598133037A1}) (Version: 4.4.7.365 - HP Inc.) Hidden
HP Wolf Security Application Support for Windows (HKLM\...\{5621D48E-25BD-4A4A-B336-5C6D63ECC922}) (Version: 4.3.2.1711 - HP Inc.) Hidden
HP Wolf Security Application Support for Windows (HKLM\...\{A34EDE79-0A76-409F-B258-FF5D1CAE6B8F}) (Version: 4.4.7.581 - HP Inc.) Hidden
ICS (HKLM-x32\...\{9881592F-ADE0-430D-8E1E-31F363C1BA28}) (Version: 3.0.17.0 - HP Inc.)
Intel(R) Graphics Driver Software (HKLM-x32\...\{b4e016a7-e963-49d7-9b66-4d635026af31}) (Version: 3.11.1.0 - Intel) Hidden
Java 8 Update 321 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180321F0}) (Version: 8.0.3210.7 - Oracle Corporation)
Java(TM) SE Development Kit 16.0.2 (64-bit) (HKLM\...\{84539E3B-68B6-54F1-9CA3-EA920673C714}) (Version: 16.0.2.0 - Oracle Corporation)
JBL QuantumENGINE (HKU\S-1-5-21-4030407711-1060188347-3593659480-1003\...\{5ab7ca61-e503-4b88-a4c0-b50f8e1be40c}) (Version: 1.11.0.1511 - JBL)
La Bataille pour la Terre du Milieu™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
L'Avènement du Roi-sorcier™ (HKLM-x32\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version: - )
Malwarebytes version 4.6.7.301 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.7.301 - Malwarebytes)
MCreator 2022.3 (HKLM-x32\...\MCreator) (Version: 2022.3.45616 - Pylo)
Microsoft .NET Core Host - 3.1.21 (x86) (HKLM-x32\...\{0B608A0C-860A-42AC-868D-B7333D37888D}) (Version: 24.84.30622 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.21 (x86) (HKLM-x32\...\{327CE905-AEB9-435C-A402-3B631122C4EE}) (Version: 24.84.30622 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.21 (x86) (HKLM-x32\...\{DEB99C7D-471C-49C5-AE30-4E166160BF03}) (Version: 24.84.30622 - Microsoft Corporation) Hidden
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.17029.20068 - Microsoft Corporation)
Microsoft 365 Apps for enterprise - fr-fr (HKLM\...\O365ProPlusRetail - fr-fr) (Version: 16.0.17029.20068 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.77 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.77 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Teams classic (HKU\S-1-5-21-4030407711-1060188347-3593659480-1003\...\Teams) (Version: 1.6.00.29964 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.21 (x86) (HKLM-x32\...\{C415FE88-46BC-475B-BC30-DAF6687EEF1F}) (Version: 24.84.30622 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.21 (x86) (HKLM-x32\...\{d1c9f155-e14a-4486-b545-dde658719aac}) (Version: 3.1.21.30622 - Microsoft Corporation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.1.9.3 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20068 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden
OneBrowser (HKLM-x32\...\OneBrowser) (Version: 115.0.5790.171 - OneBrowser)
Opera Stable 105.0.4970.48 (HKU\S-1-5-21-4030407711-1060188347-3593659480-1003\...\Opera 105.0.4970.48) (Version: 105.0.4970.48 - Opera Software)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.236.2.2 - Overwolf Ltd.)
paint.net (HKLM\...\{4858C924-AFBF-4A35-AA64-27A6A56EE372}) (Version: 5.0.12 - dotPDN LLC)
Paradox Launcher v2 (HKLM\...\{A92DB5D9-A24D-4678-9F91-B4FA6D895718}) (Version: 2.0.4.0 - Paradox Interactive)
Patch for BFME 1 version 1.05 (HKLM-x32\...\PATCH105_is1) (Version: 1.05 - )
QuadriSpace TxText Control (HKLM-x32\...\{2760D4C4-CAB4-4F3E-9156-52A5C4AF3A6A}) (Version: 2.0.0 - QuadriSpace)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.250 - Realtek Semiconductor Corp.)
Rise of the Witch-King 2.02 (HKLM-x32\...\GameReplaysRotWK) (Version: - RotWK 2.02 Team)
Roblox Player for gabri (HKU\S-1-5-21-4030407711-1060188347-3593659480-1003\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for gabri (HKU\S-1-5-21-4030407711-1060188347-3593659480-1003\...\roblox-studio) (Version: - Roblox Corporation)
T3A Patch for BFME 1 (all-in-one) version 1.06 (HKLM-x32\...\T3APATCH106AIO_is1) (Version: 1.06 - )
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.22976 - Microsoft Corporation)
TLauncher (HKLM-x32\...\TLauncher2.83) (Version: 2.83 - TLauncher Inc.)
WebAdvisor par McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.851 - McAfee, LLC)
Windows 7 Games for Windows 10 and 8 (HKLM\...\Win7Games) (Version: 2.0 - hxxp://winaero.com)
Windows Driver Package - HP Inc. BrCow_4_4_7_365 ActivityMonitor (09/04/2023 4.4.7.365) (HKLM\...\CF9ABC2A802A8493925870E490D7A60BB50EFC71) (Version: 09/04/2023 4.4.7.365 - HP Inc.) Hidden
Windows Driver Package - HP Inc. BrFilter_4_4_7_365 ActivityMonitor (09/04/2023 4.4.7.365) (HKLM\...\18F6FEEFFD16CD293E94DD54614349AB37F2FC2B) (Version: 09/04/2023 4.4.7.365 - HP Inc.) Hidden
Windows Driver Package - HP Inc. sselam_4_4_2_453 AntiVirus (11/01/2022 4.4.2.453) (HKLM\...\BDBD69992F8A0840034757B5415332414E97A191) (Version: 11/01/2022 4.4.2.453 - HP Inc.) Hidden
WinRAR 6.02 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)

Packages:
=========
Extension vidéo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-10-03] (Microsoft Corporation)
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_2.47.308.0_x64__dt26b99r8h8gj [2023-12-17] (Realtek Semiconductor Corp)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.3.2.0_x64__v10z8vjag6ke6 [2023-09-02] (HP Inc.)
HP Power Manager -> C:\Program Files\WindowsApps\AD2F1837.HPPowerManager_3.0.18.0_x64__v10z8vjag6ke6 [2022-11-18] (HP Inc.)
HP Programmable Key -> C:\Program Files\WindowsApps\AD2F1837.HPProgrammableKey_1.0.17.0_x64__v10z8vjag6ke6 [2023-07-10] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.30.18.0_x64__v10z8vjag6ke6 [2023-10-24] (HP Inc.)
Intel(R) Management and Security Status -> C:\Program Files\WindowsApps\AppUp.IntelManagementandSecurityStatus_2316.5.0.0_x64__8j3eq9eme6ctt [2023-12-17] (INTEL CORP) [Startup Task]
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5237.0_x64__8j3eq9eme6ctt [2023-12-13] (INTEL CORP) [Startup Task]
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1037.0_x64__8j3eq9eme6ctt [2023-12-17] (INTEL CORP)
Microsoft Teams (work or school) -> C:\Program Files\WindowsApps\MSTeams_23306.3315.2560.6525_x64__8wekyb3d8bbwe [2023-12-13] (Microsoft) [Startup Task]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-12-17] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-10-02] (Microsoft Studios) [MS Ad]

==================== Personnalisé CLSID (Avec liste blanche): ==============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-4030407711-1060188347-3593659480-1003_Classes\CLSID\{041F9391-C79D-44EE-AA4E-AF4E029C4B47}\InprocServer32 -> C:\Users\gabri\AppData\Local\Google\Update\1.3.36.113\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-4030407711-1060188347-3593659480-1003_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\gabri\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23270.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4030407711-1060188347-3593659480-1003_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> C:\Users\gabri\AppData\Roaming\7zip\\7-zip.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-4030407711-1060188347-3593659480-1003_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> "C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe" -ToastActivated => Pas de fichier
CustomCLSID: HKU\S-1-5-21-4030407711-1060188347-3593659480-1003_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\gabri\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_651bb78e61d538aa\OptaneShellExt.dll [2021-08-26] (Intel Corporation -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2021-12-08] (Notepad++ -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-12-17] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_651bb78e61d538aa\OptaneShellExt.dll [2021-08-26] (Intel Corporation -> )
ContextMenuHandlers3: [SureSense_ScanFile_4_4_7_365] -> {1003406D-B16C-4A93-B2F0-13CCAACF54E0} => C:\Program Files\HP\Sure Click\ApplicationSupport\sure_sense\4.4.7.365\SureSenseShellExt.dll [2023-09-04] (Bromium, Inc. -> HP)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-12-17] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-4030407711-1060188347-3593659480-1003: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Users\gabri\AppData\Roaming\7zip\7-zip.dll -> Pas de fichier
ContextMenuHandlers4_S-1-5-21-4030407711-1060188347-3593659480-1003: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Users\gabri\AppData\Roaming\7zip\7-zip.dll -> Pas de fichier
ContextMenuHandlers6_S-1-5-21-4030407711-1060188347-3593659480-1003: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Users\gabri\AppData\Roaming\7zip\7-zip.dll -> Pas de fichier

==================== Codecs (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2023-08-01] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2023-08-01] (Electronic Arts -> On2.com)

==================== Raccourcis & WMI ========================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

ShortcutWithArgument: C:\Users\gabri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ver. d'essai.lnk -> C:\Program Files (x86)\Online Services\Adobe\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?type=203&RedeemCode=r5%2bKKUtG9Kh6dCT7fj2uaptjHovwe1jpxRr0WQ2h%2bYsHSOpqmi%2fgqoqNZTglECqTHyRuMEczTLrGwtlTVDDLDZdEIZVzFgAITLA2ihGNsSsdvKkYDFjkF4w5tWuYUmT3ob6dTY9ALEbLNmyLyhsU7EPv5NXh%2fU8FnEmoE%2f2gABw%3d

==================== Modules chargés (Avec liste blanche) =============

2022-02-10 10:31 - 2022-02-10 10:31 - 000182784 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\_cffi_backend.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000012288 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\_win32sysloader.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000031232 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\bcrypt\_bcrypt.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000116224 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\kiwisolver.pyd
2022-02-10 10:33 - 2022-02-10 10:33 - 034413408 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\libopenblas.GK7GX5KEQ4F6UYO3P26ULGBQYHGQO7J4.gfortran-win_amd64.dll
2022-02-10 10:31 - 2022-02-10 10:31 - 000012288 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\matplotlib\_c_internal_utils.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000189952 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\matplotlib\_image.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000159744 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\matplotlib\_path.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000231424 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\matplotlib\backends\_backend_agg.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000012800 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\matplotlib\backends\_tkagg.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000605696 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\matplotlib\ft2font.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000110592 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\numpy\core\_multiarray_tests.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 002818048 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\numpy\core\_multiarray_umath.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000112640 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\numpy\fft\_pocketfft_internal.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000155648 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\numpy\linalg\_umath_linalg.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000022016 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\numpy\linalg\lapack_lite.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000239616 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\numpy\random\_bounded_integers.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000181760 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\numpy\random\_common.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000666112 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\numpy\random\_generator.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000079360 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\numpy\random\_mt19937.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000065536 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\numpy\random\_pcg64.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000072704 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\numpy\random\_philox.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000053248 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\numpy\random\_sfc64.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000152576 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\numpy\random\bit_generator.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000564224 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\numpy\random\mtrand.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 002672128 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\PIL\_imaging.pyd
2022-02-10 10:33 - 2022-02-10 10:33 - 000140800 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\pywintypes39.dll
2022-02-10 10:31 - 2022-02-10 10:31 - 000134144 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\win32api.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000155648 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\win32file.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000026624 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\win32pipe.pyd
2022-02-10 10:31 - 2022-02-10 10:31 - 000141312 _____ () [Fichier non signé] C:\Program Files (x86)\HP\HP ICS\win32security.pyd
2022-12-10 17:20 - 2022-12-10 17:20 - 000423936 _____ () [Fichier non signé] C:\Program Files\JBL\QuantumENGINE\FreespaceDeviceProvider.dll
2022-12-10 17:20 - 2022-12-10 17:20 - 000045056 _____ () [Fichier non signé] C:\Program Files\JBL\QuantumENGINE\quantumcrashhandler.dll
2022-12-10 17:20 - 2022-12-10 17:20 - 000651776 _____ (JBL) [Fichier non signé] C:\Program Files\JBL\QuantumENGINE\DeviceProvider.dll
2022-12-10 17:20 - 2022-12-10 17:20 - 000465408 _____ (The curl library, hxxps://curl.se/) [Fichier non signé] C:\Program Files\JBL\QuantumENGINE\libcurl.dll

==================== Alternate Data Streams (Avec liste blanche) ========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\Users\gabri\OneDrive\Bureau\FRST64.exe:MBAM.Zone.Identifier [240]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [4954]

==================== Mode sans échec (Avec liste blanche) ==================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Avec liste blanche) =================

==================== Internet Explorer (Avec liste blanche) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_321\bin\ssv.dll [2022-02-11] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_321\bin\jp2ssv.dll [2022-02-11] (Oracle America, Inc. -> Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-10-26] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-10-26] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

IE trusted site: HKU\S-1-5-21-4030407711-1060188347-3593659480-1003\...\sharepoint.com -> hxxps://stcharlesstecroixorg-files.sharepoint.com

==================== Hosts contenu: =========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2019-12-07 10:14 - 2023-12-17 10:57 - 000000947 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Autres zones ===========================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\dotnet\
HKU\S-1-5-21-4030407711-1060188347-3593659480-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\gabri\OneDrive\Documents\Sacre de Napoléon Jacques Louis David.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

HKU\S-1-5-21-4030407711-1060188347-3593659480-1003\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-4030407711-1060188347-3593659480-1003\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-4030407711-1060188347-3593659480-1003\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4030407711-1060188347-3593659480-1003\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_E366E5E6AF98057EB6410578BC1FD47F"
HKU\S-1-5-21-4030407711-1060188347-3593659480-1003\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-4030407711-1060188347-3593659480-1003\...\StartupApproved\Run: => "Opera Stable"

==================== RèglesPare-feu (Avec liste blanche) ================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [TCP Query User{983CE9D8-48FD-4905-8366-EE59EBDB470A}C:\users\gabri\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\gabri\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{19556CC0-EA72-4AE1-9086-FA201D530156}C:\users\gabri\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\gabri\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [{43164ADA-2640-49C0-A748-39006EAB3E92}] => (Allow) C:\Program Files (x86)\Electronic Arts\La Bataille pour la Terre du Milieu II\game.dat (*DEV!ANCE*) [Fichier non signé]
FirewallRules: [{D187A183-5C0D-40BA-A4C5-77F1140BFE57}] => (Allow) C:\Program Files (x86)\Electronic Arts\La Bataille pour la Terre du Milieu II\game.dat (*DEV!ANCE*) [Fichier non signé]
FirewallRules: [TCP Query User{491C0518-2780-4B67-BAD9-2113F9AF16AE}C:\users\gabri\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\users\gabri\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{C4EB102B-76A0-43DF-935F-0272AFD58C98}C:\users\gabri\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\users\gabri\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{E600619A-DEC9-4AAF-A5B2-3727D0336C5F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => Pas de fichier
FirewallRules: [{15B39D9F-6C9C-4FBA-A31F-BF87099999C3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => Pas de fichier
FirewallRules: [{EEF206C7-B192-48E3-800E-812509DB1A5B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Pas de fichier
FirewallRules: [{AFFA65E1-A0F1-4A6D-925A-59D2EAFE1D55}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Pas de fichier
FirewallRules: [TCP Query User{06D8DD01-750B-41E6-9259-C7DE65C26D08}C:\users\gabri\appdata\local\temp\rar$exa1296.7273\bus simulator 18 by stg gege\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe] => (Allow) C:\users\gabri\appdata\local\temp\rar$exa1296.7273\bus simulator 18 by stg gege\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe => Pas de fichier
FirewallRules: [UDP Query User{5199F9E0-681D-42E1-B846-56042E9DA753}C:\users\gabri\appdata\local\temp\rar$exa1296.7273\bus simulator 18 by stg gege\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe] => (Allow) C:\users\gabri\appdata\local\temp\rar$exa1296.7273\bus simulator 18 by stg gege\bussimulator18\binaries\win64\bussimulator18-win64-shipping.exe => Pas de fichier
FirewallRules: [TCP Query User{317BC19B-8E68-414B-B3BF-F936896235B3}C:\users\gabri\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\gabri\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{5E4B23F4-A794-4562-8349-F605A8985A7C}C:\users\gabri\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\gabri\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{8526D6E0-67A7-47B3-8766-0A22858AB6DD}C:\users\gabri\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\gabri\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{2E7E085A-E461-479A-A99D-2900769CF5ED}C:\users\gabri\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\gabri\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe
FirewallRules: [{C0E90759-413A-41BA-B661-3884F8E36543}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3C0AE53A-7877-4814-B11D-C1E8162AB428}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{05F40029-6AB5-4093-BB29-990BF8840EE5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [{E8C06AB6-18D3-4F68-9803-551BAF419D8A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [{BFA65767-290F-45C9-B9F7-9073DB514599}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [{67F0DCED-4A9B-43DB-9312-555FB2FD19F5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [TCP Query User{70CDA92C-D2B1-40E4-8AF2-D0B4BD6C3B57}C:\users\gabri\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\gabri\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{FBA8E0CF-54A8-4818-B935-D70389993A4D}C:\users\gabri\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\gabri\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{98FC9BC9-84B3-4F9F-B210-0EE17DBA61A9}C:\program files\az-launcher\az-launcher.exe] => (Allow) C:\program files\az-launcher\az-launcher.exe => Pas de fichier
FirewallRules: [UDP Query User{91D0FC34-4860-4FB6-8836-42145D0ED231}C:\program files\az-launcher\az-launcher.exe] => (Allow) C:\program files\az-launcher\az-launcher.exe => Pas de fichier
FirewallRules: [{D48F83E1-EEFA-48C4-9B31-D92481872A20}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => Pas de fichier
FirewallRules: [TCP Query User{070E9688-2DC7-45E6-A28F-79120239C65D}C:\users\gabri\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\gabri\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{DE9756B8-9785-4317-B36A-66F10A2A59B5}C:\users\gabri\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\gabri\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{8FB79D4C-E439-4129-ACD8-6BEF49D1530A}C:\users\gabri\appdata\local\programs\blockbench\blockbench.exe] => (Block) C:\users\gabri\appdata\local\programs\blockbench\blockbench.exe => Pas de fichier
FirewallRules: [UDP Query User{BBAB768F-1EB2-4C3D-ADDA-0DF35629F7EE}C:\users\gabri\appdata\local\programs\blockbench\blockbench.exe] => (Block) C:\users\gabri\appdata\local\programs\blockbench\blockbench.exe => Pas de fichier
FirewallRules: [{8EE8AB09-07F5-4D2E-9124-B6EBCE0A2AC4}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => Pas de fichier
FirewallRules: [TCP Query User{3AA8E895-6E58-470F-8D05-DE22BF1A4179}C:\program files\microsoft onedrive\22.012.0117.0003\filecoauth.exe] => (Block) C:\program files\microsoft onedrive\22.012.0117.0003\filecoauth.exe => Pas de fichier
FirewallRules: [UDP Query User{07620B9F-3BA6-4959-AF5E-BF4DA80F3670}C:\program files\microsoft onedrive\22.012.0117.0003\filecoauth.exe] => (Block) C:\program files\microsoft onedrive\22.012.0117.0003\filecoauth.exe => Pas de fichier
FirewallRules: [{A517F0A1-8ACD-4AE8-A800-33CE1CD398E2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [{100C23A6-3562-4193-855B-E3636834F3CF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [{902F4C3A-C23C-4A83-BF90-F212CE45B23C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [{E55E4353-B3A6-49E2-86A0-660ACD32C074}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [TCP Query User{513C4E0B-53B4-4A1B-B17E-442A7CEFC3A4}C:\users\gabri\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\gabri\appdata\local\programs\opera gx\opera.exe => Pas de fichier
FirewallRules: [UDP Query User{3D49BFB1-E0C7-4F25-8A13-746ACA35A795}C:\users\gabri\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\gabri\appdata\local\programs\opera gx\opera.exe => Pas de fichier
FirewallRules: [{9B00E01B-B111-4A90-A7F6-6CE01D41AC3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe => Pas de fichier
FirewallRules: [{B22B96D9-08D4-454D-ADC9-281272038662}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe => Pas de fichier
FirewallRules: [TCP Query User{26C1BE00-432F-484A-8D85-E4CF90BE99BC}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{EE4CC311-A797-419A-AA3B-8D8DB3F73F8C}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{C15B6BCC-8DA9-4002-89B0-ED2957B26638}C:\users\gabri\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\gabri\appdata\local\programs\opera gx\opera.exe => Pas de fichier
FirewallRules: [UDP Query User{E9914405-27C2-4126-9176-F413D4A804BB}C:\users\gabri\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\gabri\appdata\local\programs\opera gx\opera.exe => Pas de fichier
FirewallRules: [{ABB18528-ECB2-41C5-A219-CF4DF7D17704}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [{F3E458E3-5ABE-45C0-AC6D-C35910D1D3CE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [{4301DD18-0E9C-4468-87CE-C8FD072FC324}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [{891EE9ED-7184-4D8A-A018-DAE810A9DEEC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [TCP Query User{B5C192B4-74E1-49DE-8B5A-E981BC7F89AA}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{6E72D5A0-13C5-4920-93B7-A7CED0ECFEFF}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{694594CF-4D10-4B97-B456-AB4DCB150266}C:\users\gabri\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Block) C:\users\gabri\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{2DB10453-F0D5-4F79-A4D4-2C7D96372AA9}C:\users\gabri\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Block) C:\users\gabri\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [{5EF9D122-4539-4C6E-86DA-5C60DBA9A46B}] => (Allow) C:\Program Files (x86)\EA GAMES\La Bataille pour la Terre du Milieu(tm)\game.dat => Pas de fichier
FirewallRules: [{3E9FE094-3764-43F8-B799-93826F6ED0B0}] => (Allow) C:\Program Files (x86)\EA GAMES\La Bataille pour la Terre du Milieu(tm)\game.dat => Pas de fichier
FirewallRules: [{4EE191D0-975D-46B7-91F6-B59831959708}] => (Allow) C:\Program Files (x86)\Electronic Arts\L'Avènement du Roi-sorcier\game.dat (Electronic Arts Inc.) [Fichier non signé]
FirewallRules: [{0A607CC2-402D-4E1F-9F19-8F96B77A5DED}] => (Allow) C:\Program Files (x86)\Electronic Arts\L'Avènement du Roi-sorcier\game.dat (Electronic Arts Inc.) [Fichier non signé]
FirewallRules: [TCP Query User{5DA01DCD-C0B9-4ADE-84C9-D5ABB8C76718}C:\users\gabri\appdata\local\nationsglory\java\bin\java.exe] => (Allow) C:\users\gabri\appdata\local\nationsglory\java\bin\java.exe => Pas de fichier
FirewallRules: [UDP Query User{8BC3B5DF-8745-421B-BCBD-8E8B748E7310}C:\users\gabri\appdata\local\nationsglory\java\bin\java.exe] => (Allow) C:\users\gabri\appdata\local\nationsglory\java\bin\java.exe => Pas de fichier
FirewallRules: [{0A03EDBC-B209-4C52-969A-EB59D9C964BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [{76A69437-0FBF-4020-8A3E-90EA25F2B444}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [{0F95A1F0-3F55-45E1-9303-8D47DDB57B56}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [{7DDF2A4F-B1D2-4C25-BCF0-152CC55FC9DE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Pas de fichier
FirewallRules: [TCP Query User{576B71B5-654C-46B6-AFA7-AC8ECD807410}C:\program files (x86)\standingstonegames\le seigneur des anneaux online\lotroclient.exe] => (Allow) C:\program files (x86)\standingstonegames\le seigneur des anneaux online\lotroclient.exe => Pas de fichier
FirewallRules: [UDP Query User{BB61714C-9145-4428-B0EA-9E9E7D448378}C:\program files (x86)\standingstonegames\le seigneur des anneaux online\lotroclient.exe] => (Allow) C:\program files (x86)\standingstonegames\le seigneur des anneaux online\lotroclient.exe => Pas de fichier
FirewallRules: [{40E288B9-A5C9-4425-BFE0-941314937C2B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7173BAEF-EBC0-47F5-A23C-F0B9AD99119C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B420C2F5-28C8-4B08-A2AA-F7FE6D610C47}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E9A4F614-06AA-437E-9D4D-081065E216AD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{237F331F-1BB7-45F7-8797-E9B3393CBBE8}C:\users\gabri\appdata\local\nationsglory\java\bin\java.exe] => (Allow) C:\users\gabri\appdata\local\nationsglory\java\bin\java.exe => Pas de fichier
FirewallRules: [UDP Query User{6012DC7C-05EE-45C0-A97D-7D19A6699D4B}C:\users\gabri\appdata\local\nationsglory\java\bin\java.exe] => (Allow) C:\users\gabri\appdata\local\nationsglory\java\bin\java.exe => Pas de fichier
FirewallRules: [{EBBC30C6-F10F-4066-A541-4BF69BB8E241}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stumble Guys\Stumble Guys.exe => Pas de fichier
FirewallRules: [{9E88B534-A14C-4642-BF33-707E51486844}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stumble Guys\Stumble Guys.exe => Pas de fichier
FirewallRules: [TCP Query User{9B50F28A-8597-41B5-8262-7797C0B44EF2}C:\users\gabri\onedrive\bureau\hearts.of.iron.iv.v1.11.11\hearts of iron iv\hoi4.exe] => (Allow) C:\users\gabri\onedrive\bureau\hearts.of.iron.iv.v1.11.11\hearts of iron iv\hoi4.exe => Pas de fichier
FirewallRules: [UDP Query User{86D51997-C379-4960-A3D5-1D962C3A814F}C:\users\gabri\onedrive\bureau\hearts.of.iron.iv.v1.11.11\hearts of iron iv\hoi4.exe] => (Allow) C:\users\gabri\onedrive\bureau\hearts.of.iron.iv.v1.11.11\hearts of iron iv\hoi4.exe => Pas de fichier
FirewallRules: [TCP Query User{1BECD2D3-ABFB-4DCB-A708-BB5C6EDD7E76}C:\users\gabri\onedrive\bureau\hearts.of.iron.iv.v1.11.11\hearts of iron iv\hoi4.exe] => (Allow) C:\users\gabri\onedrive\bureau\hearts.of.iron.iv.v1.11.11\hearts of iron iv\hoi4.exe => Pas de fichier
FirewallRules: [UDP Query User{45AC483D-464F-4E69-A558-B5505CCEB680}C:\users\gabri\onedrive\bureau\hearts.of.iron.iv.v1.11.11\hearts of iron iv\hoi4.exe] => (Allow) C:\users\gabri\onedrive\bureau\hearts.of.iron.iv.v1.11.11\hearts of iron iv\hoi4.exe => Pas de fichier
FirewallRules: [TCP Query User{F249C040-44E0-45AE-B2D3-6A60720717AA}C:\users\gabri\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\gabri\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{FBAF644D-76E6-4ED8-A0F8-4B94A10A8591}C:\users\gabri\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\gabri\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{995A07AA-E5CF-46E9-9706-DBEF93EF1927}C:\users\gabri\appdata\local\temp\rar$exa8088.13131\among us\among us.exe] => (Allow) C:\users\gabri\appdata\local\temp\rar$exa8088.13131\among us\among us.exe => Pas de fichier
FirewallRules: [UDP Query User{30E84626-CE60-4922-AACB-E4CF7593C70E}C:\users\gabri\appdata\local\temp\rar$exa8088.13131\among us\among us.exe] => (Allow) C:\users\gabri\appdata\local\temp\rar$exa8088.13131\among us\among us.exe => Pas de fichier
FirewallRules: [TCP Query User{916CBDC1-575D-4B5E-98DE-24864578443D}C:\users\gabri\onedrive\bureau\among us\among us.exe] => (Allow) C:\users\gabri\onedrive\bureau\among us\among us.exe => Pas de fichier
FirewallRules: [UDP Query User{9FB0FBAA-BB65-4A4B-8C37-546693C1799A}C:\users\gabri\onedrive\bureau\among us\among us.exe] => (Allow) C:\users\gabri\onedrive\bureau\among us\among us.exe => Pas de fichier
FirewallRules: [TCP Query User{CEE31C86-581E-43FB-BE9C-E831954B695D}C:\users\gabri\appdata\local\temp\rar$exa19192.9032\among.us.v2022.2.8s\among.us.v2022.2.8s\among us.exe] => (Allow) C:\users\gabri\appdata\local\temp\rar$exa19192.9032\among.us.v2022.2.8s\among.us.v2022.2.8s\among us.exe => Pas de fichier
FirewallRules: [UDP Query User{A3602688-C1FA-494B-AD77-7D1042275FBC}C:\users\gabri\appdata\local\temp\rar$exa19192.9032\among.us.v2022.2.8s\among.us.v2022.2.8s\among us.exe] => (Allow) C:\users\gabri\appdata\local\temp\rar$exa19192.9032\among.us.v2022.2.8s\among.us.v2022.2.8s\among us.exe => Pas de fichier
FirewallRules: [TCP Query User{D9E1C1DA-2E1B-4E90-B733-A116AD7F874B}C:\users\gabri\onedrive\bureau\among.us.v2022.2.8s\among us.exe] => (Allow) C:\users\gabri\onedrive\bureau\among.us.v2022.2.8s\among us.exe => Pas de fichier
FirewallRules: [UDP Query User{6822FB9B-E457-4D9C-B006-3F16FA0268DB}C:\users\gabri\onedrive\bureau\among.us.v2022.2.8s\among us.exe] => (Allow) C:\users\gabri\onedrive\bureau\among.us.v2022.2.8s\among us.exe => Pas de fichier
FirewallRules: [TCP Query User{6756B271-0AD2-4B8C-B255-34AC571B48B7}C:\users\gabri\appdata\local\enlisted\launcher.exe] => (Allow) C:\users\gabri\appdata\local\enlisted\launcher.exe => Pas de fichier
FirewallRules: [UDP Query User{7A2D837D-0F8D-4D8F-8F3F-544EB04F9695}C:\users\gabri\appdata\local\enlisted\launcher.exe] => (Allow) C:\users\gabri\appdata\local\enlisted\launcher.exe => Pas de fichier
FirewallRules: [{89C97131-3861-4BA2-ADB3-24B50D322341}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{2AAE4B12-2A44-48FF-ABBF-F6A150ACCCA5}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A0CFE423-87D6-4875-B502-B8764C824FCD}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{18D39BF8-D798-47A8-B1E0-8DF2F49B4BC8}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{B849D2C2-9AD7-4C20-B9C1-6BF47DBC1DD8}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C359A5F3-5566-47F5-8D9F-7F6D4CC79079}] => (Allow) C:\Users\gabri\AppData\Local\Roblox\Versions\version-8c3e105625324213\RobloxPlayerLauncher.exe => Pas de fichier
FirewallRules: [{A4627F35-D20A-494F-AE20-EF514484F787}] => (Allow) C:\Users\gabri\AppData\Local\Roblox\Versions\version-8c3e105625324213\RobloxPlayerLauncher.exe => Pas de fichier
FirewallRules: [{2E9FC60E-499F-46F0-B361-232FC8CD8134}] => (Allow) C:\Users\gabri\AppData\Local\Roblox\Versions\RobloxStudioLauncherBeta.exe => Pas de fichier
FirewallRules: [{90044F6D-0885-40DB-91AE-A94958803F5F}] => (Allow) C:\Users\gabri\AppData\Local\Roblox\Versions\RobloxStudioLauncherBeta.exe => Pas de fichier
FirewallRules: [{6853FFB0-8ACB-483B-88BF-9C4696A764D5}] => (Allow) C:\Users\gabri\AppData\Local\Roblox\Versions\version-8c3e105625324213\RobloxPlayerLauncher.exe => Pas de fichier
FirewallRules: [{29D046C2-2DF3-4793-BD11-8D242817A113}] => (Allow) C:\Users\gabri\AppData\Local\Roblox\Versions\version-8c3e105625324213\RobloxPlayerLauncher.exe => Pas de fichier
FirewallRules: [{AA067F9E-B224-4F1F-BF06-9901029D9EA9}] => (Allow) C:\Users\gabri\AppData\Local\Roblox\Versions\version-8c3e105625324213\RobloxPlayerLauncher.exe => Pas de fichier
FirewallRules: [{2C32A5CB-CE21-4A81-95FF-E13B6F9BC802}] => (Allow) C:\Users\gabri\AppData\Local\Roblox\Versions\version-8c3e105625324213\RobloxPlayerLauncher.exe => Pas de fichier
FirewallRules: [TCP Query User{DE65719C-22DB-4CE5-BABB-07D80DF85978}C:\users\gabri\onedrive\bureau\jeux\hearts.of.iron.iv.v1.11.11\hearts of iron iv\hoi4.exe] => (Allow) C:\users\gabri\onedrive\bureau\jeux\hearts.of.iron.iv.v1.11.11\hearts of iron iv\hoi4.exe => Pas de fichier
FirewallRules: [UDP Query User{2EE31DB9-1AD4-422F-9D0D-AF94AE91E14E}C:\users\gabri\onedrive\bureau\jeux\hearts.of.iron.iv.v1.11.11\hearts of iron iv\hoi4.exe] => (Allow) C:\users\gabri\onedrive\bureau\jeux\hearts.of.iron.iv.v1.11.11\hearts of iron iv\hoi4.exe => Pas de fichier
FirewallRules: [{1656B5C1-5F04-4C7C-B22A-8E1D38C8A14F}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{24BF45AD-F6A3-4B3E-89AE-7156E1C14293}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C1F73245-6B46-4EA1-9193-42C1CF54F5A5}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{2C5828D1-8EFF-4D46-B207-857AE907093F}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{6224D61E-CB65-400C-A444-045CCACA5356}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{01E6D198-F7C0-4BE0-A22D-15BC3F203F49}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A3F3A38A-1A28-43C9-8D1A-1412EF29B3D5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AC0106BC-ABF5-42DB-9D15-8116DF64A050}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{77609301-51D1-45AB-8F84-2B3E518EC782}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{520CA865-DE08-4AD0-A58D-1F2C5BA8E2AC}C:\users\gabri\appdata\local\temp\rar$exa12176.43871\hearts.of.iron.iv.v1.11.11\hearts of iron iv\hoi4.exe] => (Allow) C:\users\gabri\appdata\local\temp\rar$exa12176.43871\hearts.of.iron.iv.v1.11.11\hearts of iron iv\hoi4.exe => Pas de fichier
FirewallRules: [UDP Query User{E3305D7C-B9EC-4C7B-A473-8137391DD719}C:\users\gabri\appdata\local\temp\rar$exa12176.43871\hearts.of.iron.iv.v1.11.11\hearts of iron iv\hoi4.exe] => (Allow) C:\users\gabri\appdata\local\temp\rar$exa12176.43871\hearts.of.iron.iv.v1.11.11\hearts of iron iv\hoi4.exe => Pas de fichier
FirewallRules: [TCP Query User{4220C8FF-86E0-4D0B-9631-56476D198197}C:\users\gabri\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\gabri\appdata\local\discord\app-1.0.9013\discord.exe => Pas de fichier
FirewallRules: [UDP Query User{65B12DF2-7FC2-4B1A-9959-1DB6E3DC5584}C:\users\gabri\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\gabri\appdata\local\discord\app-1.0.9013\discord.exe => Pas de fichier
FirewallRules: [TCP Query User{9DC1F82D-077E-473C-83C6-BF38A4701C44}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Pas de fichier
FirewallRules: [UDP Query User{E2A25711-2577-44E1-8C36-0EFB42A9AD0C}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Pas de fichier
FirewallRules: [{42539134-60F4-4AF8-88F7-BECFF724624F}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe => Pas de fichier
FirewallRules: [{A9AA01B4-04F2-47EC-BE32-783E142D14E5}] => (Allow) C:\Program Files\HP\Sure Click\4.4.7.365\servers\manifests\chrome\brchromium\114.0.5735.289\BrChrome.exe (Bromium, Inc. -> HP)
FirewallRules: [{d7ca2772-b0df-4577-b8b1-4db5739c9f3b}] => (Allow) C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe => Pas de fichier
FirewallRules: [{e5125b1e-32f7-431f-a14a-e9f1c7f95061}] => (Allow) C:\Program Files\ldplayer9box\VBoxNetNAT.exe => Pas de fichier
FirewallRules: [{708af8a8-b9fb-4f9d-9af8-2e70b0c3df0e}] => (Allow) C:\LDPlayer\LDPlayer9\dnplayer.exe => Pas de fichier
FirewallRules: [{A53982DF-2860-4076-B8B9-A87EB03A88CD}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Pas de fichier
FirewallRules: [{56DA9DCF-A014-42C1-B18E-7B3E77925896}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Pas de fichier
FirewallRules: [{77CE0213-AE88-4C44-A139-D038EBEC62C7}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => Pas de fichier
FirewallRules: [{C17A6591-5B1C-4FE2-99ED-14FC9DF861F3}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => Pas de fichier
FirewallRules: [TCP Query User{93C13ABB-51AC-4E74-9E96-2408E23F702F}C:\users\gabri\appdata\local\enlisted\win64\enlisted.exe] => (Allow) C:\users\gabri\appdata\local\enlisted\win64\enlisted.exe => Pas de fichier
FirewallRules: [UDP Query User{3D467971-CCCA-4BD3-8B8B-2C6298DCFF14}C:\users\gabri\appdata\local\enlisted\win64\enlisted.exe] => (Allow) C:\users\gabri\appdata\local\enlisted\win64\enlisted.exe => Pas de fichier
FirewallRules: [{0191D4CD-7A50-445C-9C69-19C0EA73DBBB}] => (Allow) C:\Users\gabri\AppData\Local\Programs\Opera\103.0.4928.34\opera.exe => Pas de fichier
FirewallRules: [{2C70B306-BE39-4A08-A412-8B1004CFB172}] => (Allow) C:\Users\gabri\AppData\Local\Programs\Opera\103.0.4928.47\opera.exe => Pas de fichier
FirewallRules: [{A9BFD532-CA05-46B2-A0D6-B8B6BB1B449E}] => (Allow) C:\Program Files (x86)\OneBrowser\Application\OneBrowser.exe (Chickadee Digital, LLC -> Chickadee Digital, LLC)
FirewallRules: [{C8AF2E76-1934-48D5-800F-9FBBA1FC8C27}] => (Allow) C:\Program Files (x86)\Overwolf\0.236.0.11\OverwolfBrowser.exe => Pas de fichier
FirewallRules: [{411A079D-97A6-44A2-8BBB-AFE27C80BEFE}] => (Allow) C:\Program Files (x86)\Overwolf\0.236.0.11\OverwolfBrowser.exe => Pas de fichier
FirewallRules: [{0251D448-63FF-4A91-85F6-5171F7F96FA3}] => (Block) C:\Program Files (x86)\Overwolf\0.236.0.11\OverwolfBrowser.exe => Pas de fichier
FirewallRules: [{1CB40FB1-30B4-4AA5-8FB8-7367D017A338}] => (Block) C:\Program Files (x86)\Overwolf\0.236.0.11\OverwolfBrowser.exe => Pas de fichier
FirewallRules: [{406A4A7E-E458-497B-9195-DF1454C3E1F0}] => (Allow) C:\Program Files (x86)\Overwolf\0.236.2.2\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{E615DAA3-A7BC-4BB2-9589-D3FA3A431FE6}] => (Allow) C:\Program Files (x86)\Overwolf\0.236.2.2\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{B850208E-AB5A-4316-B42C-6DC0492C30CC}] => (Allow) C:\Program Files\HP\Sure Click\ApplicationSupport\chrome\4.4.11.356\brchromium\118.0.5993.159\BrChrome.exe (Bromium, Inc. -> HP)
FirewallRules: [{B85F7525-1901-4D48-BC94-0A0AD94F3DB2}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23306.3315.2560.6525_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{20B857B4-F1E8-4DDE-BF48-8507E035A904}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23306.3315.2560.6525_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E894A413-28C6-48AD-A7C7-91AC675D0969}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1E661CFA-237B-497D-89EA-2AB24A922905}] => (Allow) C:\Users\gabri\AppData\Local\Programs\Opera\105.0.4970.48\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{D7E23AA2-3EA8-4C41-885E-A0F0C1F740C9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.77\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Points de restauration =========================

17-12-2023 15:58:51 ZHPcleaner

==================== Éléments en erreur du Gestionnaire de périphériques ============

==================== Erreurs du Journal des événements: ========================

Erreurs Application:
==================
Error: (12/17/2023 06:15:03 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Description: A .NET application failed.
Application: OneApp.IGCC.WinService.exe
Path: C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9b33d3c65380dd2c\OneApp.IGCC.WinService.exe
Message: You must install .NET to run this application.

App: C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9b33d3c65380dd2c\OneApp.IGCC.WinService.exe
Architecture: x64
App host version: 7.0.5
.NET location: Not found

Learn about runtime installation:
https://aka.ms/dotnet/app-launch-failed

Download the .NET runtime:
https://aka.ms/dotnet-core-applaunch?missing_runtime=true&arch=x64&rid=win10-x64&apphost_version=7.0.5

Error: (12/17/2023 06:13:59 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application : HotKeyServiceUWP.exe
Version du Framework : v4.0.30319
Description : le processus a été arrêté en raison d'une exception non gérée.
Informations sur l'exception : code d'exception c0000005, adresse d'exception 00007FF8274534F6

Error: (12/17/2023 04:26:12 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Description: A .NET application failed.
Application: OneApp.IGCC.WinService.exe
Path: C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9b33d3c65380dd2c\OneApp.IGCC.WinService.exe
Message: You must install .NET to run this application.

App: C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9b33d3c65380dd2c\OneApp.IGCC.WinService.exe
Architecture: x64
App host version: 7.0.5
.NET location: Not found

Learn about runtime installation:
https://aka.ms/dotnet/app-launch-failed

Download the .NET runtime:
https://aka.ms/dotnet-core-applaunch?missing_runtime=true&arch=x64&rid=win10-x64&apphost_version=7.0.5

Error: (12/17/2023 10:59:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante bad_module_info, version : 0.0.0.0, horodatage : 0x00000000
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d’exception : 0x00000000
Décalage d’erreur : 0x00000000
ID du processus défaillant : 0x26cc
Heure de début de l’application défaillante : 0x01da30cba3adf845
Chemin d’accès de l’application défaillante : bad_module_info
Chemin d’accès du module défaillant: unknown
ID de rapport : 7ae5c902-e634-4aa6-b8ba-02e1a9b04d9c
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (12/17/2023 10:59:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante ZHPCleaner.exe, version : 2023.12.13.64, horodatage : 0x6579ab62
Nom du module défaillant : ZHPCleaner.exe, version : 2023.12.13.64, horodatage : 0x6579ab62
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00020e6e
ID du processus défaillant : 0x26cc
Heure de début de l’application défaillante : 0x01da30cba3adf845
Chemin d’accès de l’application défaillante : C:\Users\gabri\Downloads\ZHPCleaner.exe
Chemin d’accès du module défaillant: C:\Users\gabri\Downloads\ZHPCleaner.exe
ID de rapport : dfb87a47-92e2-40b4-bb66-90f12cae87c2
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (12/16/2023 06:21:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante bad_module_info, version : 0.0.0.0, horodatage : 0x00000000
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d’exception : 0x80000004
Décalage d’erreur : 0x00007ff9e00077fe
ID du processus défaillant : 0x1710
Heure de début de l’application défaillante : 0x01da3031c4135367
Chemin d’accès de l’application défaillante : bad_module_info
Chemin d’accès du module défaillant: unknown
ID de rapport : bcdb06d5-1e50-4fca-b6b0-32a054f760db
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (12/16/2023 06:21:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante bad_module_info, version : 0.0.0.0, horodatage : 0x00000000
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00007ff9e0020f64
ID du processus défaillant : 0x1710
Heure de début de l’application défaillante : 0x01da3031c4135367
Chemin d’accès de l’application défaillante : bad_module_info
Chemin d’accès du module défaillant: unknown
ID de rapport : c6e6fa3a-4ed6-4b24-b593-2a09da724311
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (12/16/2023 06:20:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante RobloxPlayerBeta.exe, version : 0.605.3.21348, horodatage : 0x6746a139
Nom du module défaillant : RobloxPlayerBeta.exe, version : 0.605.3.21348, horodatage : 0x6746a139
Code d’exception : 0x80000003
Décalage d’erreur : 0x000000000053006e
ID du processus défaillant : 0x1710
Heure de début de l’application défaillante : 0x01da3031c4135367
Chemin d’accès de l’application défaillante : C:\Users\gabri\AppData\Local\Roblox\Versions\version-48a28da848b7420d\RobloxPlayerBeta.exe
Chemin d’accès du module défaillant: C:\Users\gabri\AppData\Local\Roblox\Versions\version-48a28da848b7420d\RobloxPlayerBeta.exe
ID de rapport : 33eb4113-0c7c-490f-bf84-418f8ccb7ff6
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Erreurs système:
=============
Error: (12/17/2023 06:19:28 PM) (Source: DCOM) (EventID: 10001) (User: 5CD132D2ZD)
Description: Impossible de démarrer un serveur DCOM : Microsoft.AAD.BrokerPlugin_1000.19041.3636.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider en tant que Non disponible/Non disponible. L’erreur
« 2147942402 »
s’est produite lors du démarrage de la commande :
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Error: (12/17/2023 06:19:23 PM) (Source: DCOM) (EventID: 10001) (User: 5CD132D2ZD)
Description: Impossible de démarrer un serveur DCOM : Microsoft.AAD.BrokerPlugin_1000.19041.3636.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider en tant que Non disponible/Non disponible. L’erreur
« 2147942402 »
s’est produite lors du démarrage de la commande :
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Error: (12/17/2023 06:19:18 PM) (Source: DCOM) (EventID: 10001) (User: 5CD132D2ZD)
Description: Impossible de démarrer un serveur DCOM : Microsoft.AAD.BrokerPlugin_1000.19041.3636.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider en tant que Non disponible/Non disponible. L’erreur
« 2147942402 »
s’est produite lors du démarrage de la commande :
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Error: (12/17/2023 06:19:13 PM) (Source: DCOM) (EventID: 10001) (User: 5CD132D2ZD)
Description: Impossible de démarrer un serveur DCOM : Microsoft.AAD.BrokerPlugin_1000.19041.3636.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider en tant que Non disponible/Non disponible. L’erreur
« 2147942402 »
s’est produite lors du démarrage de la commande :
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Error: (12/17/2023 06:19:08 PM) (Source: DCOM) (EventID: 10001) (User: 5CD132D2ZD)
Description: Impossible de démarrer un serveur DCOM : Microsoft.AAD.BrokerPlugin_1000.19041.3636.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider en tant que Non disponible/Non disponible. L’erreur
« 2147942402 »
s’est produite lors du démarrage de la commande :
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Error: (12/17/2023 06:16:27 PM) (Source: DCOM) (EventID: 10001) (User: 5CD132D2ZD)
Description: Impossible de démarrer un serveur DCOM : Microsoft.AAD.BrokerPlugin_1000.19041.3636.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider en tant que Non disponible/Non disponible. L’erreur
« 2147942402 »
s’est produite lors du démarrage de la commande :
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Error: (12/17/2023 06:15:39 PM) (Source: DCOM) (EventID: 10001) (User: 5CD132D2ZD)
Description: Impossible de démarrer un serveur DCOM : Microsoft.AAD.BrokerPlugin_1000.19041.3636.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider en tant que Non disponible/Non disponible. L’erreur
« 2147942402 »
s’est produite lors du démarrage de la commande :
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Error: (12/17/2023 06:15:34 PM) (Source: DCOM) (EventID: 10001) (User: 5CD132D2ZD)
Description: Impossible de démarrer un serveur DCOM : Microsoft.AAD.BrokerPlugin_1000.19041.3636.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider en tant que Non disponible/Non disponible. L’erreur
« 2147942402 »
s’est produite lors du démarrage de la commande :
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Windows Defender:
================
Date: 2021-12-31 13:01:59
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {D1C0E673-7E04-4F06-A46A-664C1AFD522E}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2021-12-30 16:44:27
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {D45CE48A-32DA-41C1-B65E-058FAEAE6DB6}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2021-12-29 14:46:44
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {B19327AF-CE95-4D95-8D25-5B030D800D0B}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2021-12-27 15:01:23
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {7CEE3031-B3F0-4AAC-BA05-A305E467B6A0}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système

Date: 2021-12-26 13:16:01
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {C5D0D48C-BD9A-465F-A41A-F846B428AC12}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
Event[0]:

Date: 2023-07-27 16:08:40
Description:
Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité : 1.393.1592.0
Version précédente de la veille de sécurité : 1.391.1646.0
Source de mise à jour : Utilisateur
Type de veille de sécurité : Logiciel anti-espion
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur : 1.1.23060.1005
Version précédente du moteur : 1.1.23050.3
Code d’erreur : 0x80004004
Description de l’erreur : Opération abandonnée

Date: 2023-07-27 16:08:40
Description:
Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité : 1.393.1592.0
Version précédente de la veille de sécurité : 1.391.1646.0
Source de mise à jour : Utilisateur
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur : 1.1.23060.1005
Version précédente du moteur : 1.1.23050.3
Code d’erreur : 0x80004004
Description de l’erreur : Opération abandonnée

Date: 2023-07-27 16:08:40
Description:
Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour du moteur.
Nouvelle version du moteur : 1.1.23060.1005
Version précédente du moteur : 1.1.23050.3
Utilisateur : AUTORITE NT\Système
Code d’erreur : 0x80004004
Description de l’erreur : Opération abandonnée

Date: 2023-06-29 14:49:24
Description:
Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.391.1646.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.23050.3
Code d’erreur : 0x80004004
Description de l’erreur : Opération abandonnée

Date: 2023-06-29 14:49:24
Description:
Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.391.1646.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de veille de sécurité : Logiciel anti-espion
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.23050.3
Code d’erreur : 0x80004004
Description de l’erreur : Opération abandonnée

CodeIntegrity:
===============
Date: 2023-12-17 18:14:34
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2023-12-17 00:34:39
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ReasonLabs\EPP\rsEngineSvc.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Outlook\15.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-12-17 00:34:39
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ReasonLabs\EPP\rsEngineSvc.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC_MSIL\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Infos Mémoire ===========================

BIOS: HP T70 Ver. 01.14.00 06/27/2023
Carte mère: HP 87E0
Processeur: Intel(R) Pentium(R) Gold 7505 @ 2.00GHz
Pourcentage de mémoire utilisée: 63%
Mémoire physique - RAM - totale: 7872.26 MB
Mémoire physique - RAM - disponible: 2872.93 MB
Mémoire virtuelle totale: 25357.09 MB
Mémoire virtuelle disponible: 19636.53 MB

==================== Lecteurs ================================

Drive c: (Windows ) (Fixed) (Total:237.35 GB) (Free:50.76 GB) (Model: SSSTC CL1-8D256-HP) (Protected) NTFS

\\?\Volume{bc1c9ca9-faab-4468-bfef-9a96b6e10d50}\ (Windows RE Tools) (Fixed) (Total:0.85 GB) (Free:0.08 GB) NTFS
\\?\Volume{0e8f4aa7-e376-443c-a79f-77893db05aec}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.12 GB) FAT32

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 43291094)

Partition: GPT.

==================== Fin de Addition.txt =======================

Signaler le contenu de ce document