Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.04.2024 Ran by pc (06-04-2024 17:14:52) Running from C:\Users\pc\Desktop Microsoft Windows 10 Professionnel Version 22H2 19045.4170 (X64) (2021-05-31 12:23:07) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrateur (S-1-5-21-2523344994-3823910579-3822066088-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2523344994-3823910579-3822066088-503 - Limited - Disabled) hugod (S-1-5-21-2523344994-3823910579-3822066088-1004 - Limited - Disabled) Invité (S-1-5-21-2523344994-3823910579-3822066088-501 - Limited - Disabled) marti (S-1-5-21-2523344994-3823910579-3822066088-1002 - Administrator - Enabled) marti_ (S-1-5-21-2523344994-3823910579-3822066088-1018 - Administrator - Enabled) maxim (S-1-5-21-2523344994-3823910579-3822066088-1003 - Administrator - Enabled) pc (S-1-5-21-2523344994-3823910579-3822066088-1001 - Administrator - Enabled) => C:\Users\pc WDAGUtilityAccount (S-1-5-21-2523344994-3823910579-3822066088-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.) AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.24.0.0 - Advanced Micro Devices, Inc.) Hidden AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden AMD_Chipset_Drivers (HKLM-x32\...\{fa489a41-09bb-480e-95ff-0856f05112eb}) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.) Hidden Avast Antivirus Gratuit (HKLM\...\Avast Antivirus) (Version: 24.2.6105 - Avast Software) BakkesMod version 3.0 (HKLM\...\{BF029534-4334-4CFC-B771-50B7EE54346F}_is1) (Version: 3.0 - BakkesMod) Contrôle d’intégrité du PC Windows (HKLM\...\{90C6971F-ABF1-4FBF-BD98-24F14C5F5AB4}) (Version: 3.6.2204.08001 - Microsoft Corporation) Discord (HKU\S-1-5-21-2523344994-3823910579-3822066088-1001\...\Discord) (Version: 1.0.9035 - Discord Inc.) Epic Games Launcher (HKLM-x32\...\{25A199C2-78B4-4D70-AE0D-71BD2E70FAF8}) (Version: 1.3.23.0 - Epic Games, Inc.) Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (es-ES) (HKLM-x32\...\{F49AF755-A5C3-4252-A190-5772B2669C3B}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (es-MX) (HKLM-x32\...\{E8F3B154-03CE-4120-8B9D-9E83ED5F3AD7}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (fr-CA) (HKLM-x32\...\{7D179500-CA0C-4456-B624-C15876B15F39}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (fr-FR) (HKLM-x32\...\{4CC174AA-25BC-46FF-B1E2-13B24AFB6142}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (it-IT) (HKLM-x32\...\{969D900A-3481-4A77-B888-D24160D4D727}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (ja-JP) (HKLM-x32\...\{EDA8693D-9E82-4FD1-98C8-0DC4F9141E0F}) (Version: 11.0.7400.336 - Microsoft Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2024.2.534136 - Logitech) Microsoft .NET 7.0 Templates 7.0.203 (x64) (HKLM\...\{A874533D-746B-4775-A041-9C04D0258D6D}) (Version: 28.7.24500 - Microsoft Corporation) Hidden Microsoft .NET 7.0 Templates 7.0.203 (x86) (HKLM-x32\...\{DEA3EDD0-D3D3-4FEE-98A9-82B2450BE64D}) (Version: 28.7.24500 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 7.0.5 (x64) (HKLM\...\{8BEEA1E5-2EB9-453E-BB9D-497C788B1271}) (Version: 56.23.58437 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 7.0.5 (x64_arm) (HKLM\...\{B0613946-1920-45F8-9BE3-2E3FFF7A1A1E}) (Version: 56.23.58437 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 7.0.5 (x64_arm64) (HKLM\...\{78F98773-C35A-47CB-B819-A3DD0151554C}) (Version: 56.23.58437 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 7.0.5 (x64_x86) (HKLM\...\{9B65AC4E-46B8-46DA-BCD0-D5A5CEFD0F2E}) (Version: 56.23.58437 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 7.0.5 (x86) (HKLM-x32\...\{AA007EBA-8D28-48B4-B353-5EF18D52BD5A}) (Version: 56.23.58437 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 7.0.5 (x86_arm) (HKLM-x32\...\{2C567A69-2510-42F9-BBF8-C888D1D75068}) (Version: 56.23.58437 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 7.0.5 (x86_arm64) (HKLM-x32\...\{464FC9D7-CE50-400D-93FF-02C6FE826600}) (Version: 56.23.58437 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 7.0.5 (x86_x64) (HKLM-x32\...\{C41255B1-6D84-4187-AEA5-5397AF4871F3}) (Version: 56.23.58437 - Microsoft Corporation) Hidden Microsoft .NET Host - 5.0.13 (x64) (HKLM\...\{07FD769C-6C18-4038-A261-E9859C74E624}) (Version: 40.52.30715 - Microsoft Corporation) Hidden Microsoft .NET Host - 6.0.8 (x86) (HKLM-x32\...\{46F7B664-9497-493D-8269-C39DE0F9C7BB}) (Version: 48.35.45462 - Microsoft Corporation) Hidden Microsoft .NET Host - 7.0.5 (x64) (HKLM\...\{CE8DF750-A582-4D59-A610-478A752481B1}) (Version: 56.23.58437 - Microsoft Corporation) Hidden Microsoft .NET Host - 7.0.5 (x86) (HKLM-x32\...\{2F933E6C-13D1-4886-99EB-05ED0C42885B}) (Version: 56.23.58437 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 5.0.13 (x64) (HKLM\...\{0F011389-4823-40D0-AB50-711628D820F5}) (Version: 40.52.30715 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.8 (x86) (HKLM-x32\...\{56205076-5F5F-408B-A2CC-EF72BFFBC6DD}) (Version: 48.35.45462 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 7.0.5 (x64) (HKLM\...\{B6F2958F-0F6F-4CCD-867F-80EC5C333B79}) (Version: 56.23.58437 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 7.0.5 (x86) (HKLM-x32\...\{E3B06B8A-7FA4-4421-8A96-8503B2669F50}) (Version: 56.23.58437 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.13 (x64) (HKLM\...\{C84C2DA1-52E2-4183-8F20-88176B77848F}) (Version: 40.52.30715 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.8 (x86) (HKLM-x32\...\{4368217D-0EEE-4612-973D-CB228B37F17A}) (Version: 48.35.45462 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 7.0.5 (x64) (HKLM\...\{793FCD19-00AC-4804-B569-782DF3B24A39}) (Version: 56.23.58437 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 7.0.5 (x86) (HKLM-x32\...\{23D1DA1E-5CBC-4990-BB53-5974E8D0AB3A}) (Version: 56.23.58437 - Microsoft Corporation) Hidden Microsoft .NET SDK 7.0.203 (x64) (HKLM-x32\...\{9629d426-6dfd-4992-856c-cf8e22053f18}) (Version: 7.2.323.17716 - Microsoft Corporation) Microsoft .NET SDK 7.0.203 (x86) (HKLM-x32\...\{8134163e-5715-44b3-b443-654912ab53f0}) (Version: 7.2.323.17716 - Microsoft Corporation) Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden Microsoft .NET Standard Targeting Pack - 2.1.0 (x86) (HKLM-x32\...\{74C05E31-3587-425C-9342-233964C42675}) (Version: 24.0.28113 - Microsoft Corporation) Hidden Microsoft .NET Targeting Pack - 7.0.5 (x64) (HKLM\...\{3D347BF4-DCF0-4960-81B3-A09703182982}) (Version: 56.23.58437 - Microsoft Corporation) Hidden Microsoft .NET Targeting Pack - 7.0.5 (x86) (HKLM-x32\...\{98A540CC-952F-470E-97C6-3D2DBCD0CD9C}) (Version: 56.23.58437 - Microsoft Corporation) Hidden Microsoft .NET Toolset 7.0.203 (x64) (HKLM\...\{C83164CF-DC88-4956-BB8F-7189DC6D6E6D}) (Version: 28.6.57268 - Microsoft Corporation) Hidden Microsoft .NET Toolset 7.0.203 (x86) (HKLM-x32\...\{4CD4A46F-16F6-4EE9-9469-FAA9E435AE42}) (Version: 28.6.57268 - Microsoft Corporation) Hidden Microsoft ASP.NET Core 7.0.5 Shared Framework (x64) (HKLM\...\{D4659401-47DD-3355-A866-C827D0DDAC97}) (Version: 7.0.5.23174 - Microsoft Corporation) Hidden Microsoft ASP.NET Core 7.0.5 Shared Framework (x86) (HKLM-x32\...\{E9A7B080-E866-31F8-A4D1-D534685DFF86}) (Version: 7.0.5.23174 - Microsoft Corporation) Hidden Microsoft ASP.NET Core 7.0.5 Targeting Pack (x64) (HKLM\...\{135A25E2-920D-3A18-A1A2-C18B7D3ADD48}) (Version: 7.0.5.23174 - Microsoft Corporation) Hidden Microsoft ASP.NET Core 7.0.5 Targeting Pack (x86) (HKLM-x32\...\{A2448B21-04AD-329A-8EC8-422549CC005B}) (Version: 7.0.5.23174 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 123.0.2420.81 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 123.0.2420.81 - Microsoft Corporation) Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.055.0317.0002 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft Server Speech Recognition Language - TELE (pl-PL) (HKLM-x32\...\{BEFB9378-5E88-4266-8EB1-C92869449885}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft Server Speech Recognition Language - TELE (pt-BR) (HKLM-x32\...\{F6B5EB21-0ABF-487C-B9A9-D9DB259C4403}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft Server Speech Recognition Language - TELE (ru-RU) (HKLM-x32\...\{9419B7EA-6A4B-4A57-8E2A-3BDD4676118F}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft Server Speech Recognition Language - TELE (zh-CN) (HKLM-x32\...\{BAD2A75A-1708-47BA-A498-20890D2C78A7}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-2523344994-3823910579-3822066088-1001\...\Teams) (Version: 1.5.00.28361 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 5.0.13 (x64) (HKLM\...\{E41C6EA8-A897-4008-835E-151A92FD6F95}) (Version: 40.52.30717 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 5.0.13 (x64) (HKLM-x32\...\{e2d1ae32-dd1d-4ad7-a298-10e42e7840fc}) (Version: 5.0.13.30717 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 6.0.8 (x86) (HKLM-x32\...\{2EA86F1A-CE4C-4696-8B6A-556D46294B2D}) (Version: 48.35.45540 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.8 (x86) (HKLM-x32\...\{95474ef5-2654-4ae1-a60a-b68931b0e10d}) (Version: 6.0.8.31518 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 7.0.5 (x64) (HKLM\...\{109506AF-BF9E-43E1-87F3-3141B9C3F6BA}) (Version: 56.23.58485 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 7.0.5 (x86) (HKLM-x32\...\{10B89C4E-2660-4746-AD74-18C3BD27D929}) (Version: 56.23.58485 - Microsoft Corporation) Hidden Microsoft Windows Desktop Targeting Pack - 7.0.5 (x64) (HKLM\...\{CADF61B0-5AB9-467E-A60F-357EAFB2E352}) (Version: 56.23.58485 - Microsoft Corporation) Hidden Microsoft Windows Desktop Targeting Pack - 7.0.5 (x86) (HKLM-x32\...\{2D1F81F3-235C-449F-86F1-3E3A770D078F}) (Version: 56.23.58485 - Microsoft Corporation) Hidden Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Microsoft.NET.Sdk.Android.Manifest-7.0.100 (x64) (HKLM\...\{FE768F65-89B5-40E5-9CE5-25D002197AE7}) (Version: 33.0.4 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.Android.Manifest-7.0.100 (x86) (HKLM-x32\...\{0497A128-EA98-4863-A656-3029B4C45E82}) (Version: 33.0.4 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.iOS.Manifest-7.0.100 (x64) (HKLM\...\{543E585A-87D5-4F29-A914-7953B2F13EF2}) (Version: 16.0.0 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.iOS.Manifest-7.0.100 (x86) (HKLM-x32\...\{AA9D6311-1DE7-46F3-8403-0805829BFD78}) (Version: 16.0.0 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.MacCatalyst.Manifest-7.0.100 (x64) (HKLM\...\{7C190DE4-5808-421D-9C41-89ED1FBE95CC}) (Version: 15.4.0 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.MacCatalyst.Manifest-7.0.100 (x86) (HKLM-x32\...\{F4DA49EB-02E4-42C9-9F00-862B2CB4916E}) (Version: 15.4.0 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.macOS.Manifest-7.0.100 (x64) (HKLM\...\{57816DD5-505C-46E5-A8F5-4BC85E3A7D2C}) (Version: 12.3.0 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.macOS.Manifest-7.0.100 (x86) (HKLM-x32\...\{3969B97E-427F-42B2-9BE4-AFE27D0FC3CD}) (Version: 12.3.0 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.Maui.Manifest-7.0.100 (x64) (HKLM\...\{8B3894C0-B5D2-4DDF-9732-75A96EE9A834}) (Version: 7.0.49 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.Maui.Manifest-7.0.100 (x86) (HKLM-x32\...\{948CFF8E-E122-46DD-94BB-F2F63BF78178}) (Version: 7.0.49 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.tvOS.Manifest-7.0.100 (x64) (HKLM\...\{6DAE2F44-C521-4219-8BE0-D72979F8C18E}) (Version: 16.0.0 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.tvOS.Manifest-7.0.100 (x86) (HKLM-x32\...\{F4321D63-85FD-431C-B523-80301EDD4A97}) (Version: 16.0.0 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Emscripten.net6.Manifest (x64) (HKLM\...\{2A063023-C53B-4FC0-9E47-59FBEE4C8441}) (Version: 56.35.58417 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Emscripten.net6.Manifest (x86) (HKLM-x32\...\{CB653941-CAEB-48B2-9EA3-1B8D3957B558}) (Version: 56.35.58417 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Emscripten.net7.Manifest (x64) (HKLM\...\{BCBE79F7-20E7-45C7-91D4-BEB9214F8D35}) (Version: 56.35.58417 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Emscripten.net7.Manifest (x86) (HKLM-x32\...\{45689C74-73F4-4AC0-9D55-2949C3948E88}) (Version: 56.35.58417 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Mono.Toolchain.net6.Manifest (x64) (HKLM\...\{17A80AE2-77FC-4391-B1DD-25407A371306}) (Version: 56.3.58437 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Mono.Toolchain.net6.Manifest (x86) (HKLM-x32\...\{899150FB-9ECA-449D-B1C7-E1B993FC3D71}) (Version: 56.3.58437 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Mono.Toolchain.net7.Manifest (x64) (HKLM\...\{0C25CA92-E301-47E8-AD53-D9315C431D97}) (Version: 56.3.58437 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Mono.Toolchain.net7.Manifest (x86) (HKLM-x32\...\{B56485E4-A66E-4530-B630-577CFE742B62}) (Version: 56.3.58437 - Microsoft Corporation) Hidden Minecraft Launcher (HKLM-x32\...\{733C3ACB-432D-4880-B0E1-660000D7974D}) (Version: 1.0.0.0 - Mojang) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation) NVIDIA Pilote graphique 552.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 552.12 - NVIDIA Corporation) Opera Stable 108.0.5067.29 (HKU\S-1-5-21-2523344994-3823910579-3822066088-1001\...\Opera 108.0.5067.29) (Version: 108.0.5067.29 - Opera Software) Opera Stable 94.0.4606.38 (HKU\S-1-5-21-2523344994-3823910579-3822066088-1001\...\Opera 94.0.4606.38) (Version: 94.0.4606.38 - Opera Software) Opera Stable 95.0.4635.46 (HKU\S-1-5-21-2523344994-3823910579-3822066088-1001\...\Opera 95.0.4635.46) (Version: 95.0.4635.46 - Opera Software) Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9045.1 - Realtek Semiconductor Corp.) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.86.1893 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.3.0.1 - Rockstar Games) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Tom Clancy's Rainbow Six (HKLM-x32\...\Tom Clancy's Rainbow Six) (Version: - ) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation) Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft) VLC media player (HKLM\...\VLC media player) (Version: 3.0.19 - VideoLAN) WinRAR 6.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.21.0 - win.rar GmbH) Packages: ========= Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-04-21] (Microsoft Corporation) Deezer Music -> C:\Program Files\WindowsApps\Deezer.62021768415AF_6.0.90.0_x86__q7m17pa7q8kj0 [2024-04-01] (Deezer SA) Live 4K Wallpapers -> C:\Program Files\WindowsApps\VORTEXLABSTOO.LiveHDWallpapers-DesktopBackground_2.5.1.0_x64__49x7jrevqbam0 [2024-03-13] (Vortex Labs Apps) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-02-01] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-02-01] (Microsoft Corporation) [MS Ad] Microsoft Copilot -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-29] (Microsoft Corporation) Minecraft for Windows -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.20.6201.0_x64__8wekyb3d8bbwe [2024-02-20] (Microsoft Studios) Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.7.2.0_x64__8wekyb3d8bbwe [2024-02-17] (Microsoft Studios) Minecraft Windows Preview -> C:\Program Files\WindowsApps\Microsoft.MinecraftWindowsBeta_1.20.8024.0_x64__8wekyb3d8bbwe [2024-04-01] (Microsoft Studios) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.965.0_x64__56jybvy8sckqj [2024-04-04] (NVIDIA Corp.) Porsche 911 GT2 RS - Forza Motorsport 7 -> C:\Program Files\WindowsApps\MicrosoftCorporation.Porsche911GT2RS-ForzaMotorspo_1.0.0.0_neutral__8wekyb3d8bbwe [2022-12-07] (Microsoft Corporation) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.19.234.0_x64__dt26b99r8h8gj [2023-06-04] (Realtek Semiconductor Corp) Slither.io® -> C:\Program Files\WindowsApps\25841LowtechStudios.io.Slither.io_15.9.0.0_x64__3bf2w4xg630q0 [2022-02-01] (Lowtech Studios .io) [MS Ad] Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-07] (Microsoft Studios) [MS Ad] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0 [2024-04-01] (Spotify AB) [Startup Task] Turtle Beach Control Center -> C:\Program Files\WindowsApps\TurtleBeachInc.TurtleBeachControlCenter_1.2.0.0_x64__3pzeze0ym1bc2 [2023-09-19] (Turtle Beach, Inc) WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2412.4.0_x64__cv1g1gvanyjgm [2024-04-01] (WhatsApp Inc.) [Startup Task] ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2523344994-3823910579-3822066088-1001_Classes\CLSID\{04271989-C4D2-2E4E-852D-0DCB012C2421} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} CustomCLSID: HKU\S-1-5-21-2523344994-3823910579-3822066088-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\pc\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22234.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2523344994-3823910579-3822066088-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\pc\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.055.0317.0002\FileSyncShell64.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.055.0317.0002\FileSyncShell64.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.055.0317.0002\FileSyncShell64.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.055.0317.0002\FileSyncShell64.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.055.0317.0002\FileSyncShell64.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.055.0317.0002\FileSyncShell64.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.055.0317.0002\FileSyncShell64.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-03-23] (Avast Software s.r.o. -> Gen Digital Inc.) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.055.0317.0002\FileSyncShell64.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.055.0317.0002\FileSyncShell64.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.055.0317.0002\FileSyncShell64.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.055.0317.0002\FileSyncShell64.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.055.0317.0002\FileSyncShell64.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.055.0317.0002\FileSyncShell64.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.055.0317.0002\FileSyncShell64.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-03-23] (Avast Software s.r.o. -> Gen Digital Inc.) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.055.0317.0002\FileSyncShell64.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-03-23] (Avast Software s.r.o. -> Gen Digital Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-03-23] (Avast Software s.r.o. -> Gen Digital Inc.) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.055.0317.0002\FileSyncShell64.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.055.0317.0002\FileSyncShell64.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_268e85175aa9e991\nvshext.dll [2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-03-23] (Avast Software s.r.o. -> Gen Digital Inc.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [8824] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2021-06-02 14:35 - 2024-04-04 19:07 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2523344994-3823910579-3822066088-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pc\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 1.1.1.1 - 1.0.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) MSCONFIG\Services: AMD Crash Defender Service => 2 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: AntiCheatExpert Service => 3 MSCONFIG\Services: BEService => 3 MSCONFIG\Services: EasyAntiCheat => 3 MSCONFIG\Services: EasyAntiCheat_EOS => 3 MSCONFIG\Services: EpicOnlineServices => 3 MSCONFIG\Services: FvSvc => 3 MSCONFIG\Services: LGHUBUpdaterService => 2 MSCONFIG\Services: NvContainerLocalSystem => 2 MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2 MSCONFIG\Services: Origin Client Service => 3 MSCONFIG\Services: Origin Web Helper Service => 2 MSCONFIG\Services: Rockstar Service => 3 MSCONFIG\Services: sshd => 3 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: ucldr_battlegrounds_gl => 3 MSCONFIG\Services: vgc => 3 MSCONFIG\Services: zksvc => 3 HKLM\...\StartupApproved\StartupFolder: => "WinZip Préchargeur.lnk" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "Riot Vanguard" HKLM\...\StartupApproved\Run: => "RtkAudUService" HKLM\...\StartupApproved\Run32: => "Weather" HKU\S-1-5-21-2523344994-3823910579-3822066088-1001\...\StartupApproved\StartupFolder: => "ass.lnk" HKU\S-1-5-21-2523344994-3823910579-3822066088-1001\...\StartupApproved\StartupFolder: => "Onedrive.lnk" HKU\S-1-5-21-2523344994-3823910579-3822066088-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-2523344994-3823910579-3822066088-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2523344994-3823910579-3822066088-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-2523344994-3823910579-3822066088-1001\...\StartupApproved\Run: => "LGHUB" HKU\S-1-5-21-2523344994-3823910579-3822066088-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-2523344994-3823910579-3822066088-1001\...\StartupApproved\Run: => "WarThunderLauncher" HKU\S-1-5-21-2523344994-3823910579-3822066088-1001\...\StartupApproved\Run: => "Gaijin.Net Updater" HKU\S-1-5-21-2523344994-3823910579-3822066088-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_72FC07CE8FBC282A90F28F3BD5668C8E" HKU\S-1-5-21-2523344994-3823910579-3822066088-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-2523344994-3823910579-3822066088-1001\...\StartupApproved\Run: => "Battle.net" HKU\S-1-5-21-2523344994-3823910579-3822066088-1001\...\StartupApproved\Run: => "CCXProcess" HKU\S-1-5-21-2523344994-3823910579-3822066088-1001\...\StartupApproved\Run: => "RiotClient" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [TCP Query User{E6315ADA-C3AF-403B-8A8D-A829844A2398}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{37626D90-1FB7-4504-ACA0-3670345B039B}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{6DB5D9C9-37BA-4142-AAA6-E8C7CC26611F}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe FirewallRules: [UDP Query User{487C6292-78EB-4332-957F-A19FC19DB879}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe FirewallRules: [{279758C2-69E5-49D8-9156-EED6B77F2FAA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{6500C25B-1823-45C4-8AF2-95E63F6ADFBF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{91823028-7360-497B-8788-9F46B8CBAF3C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{54654E0D-7AD1-46F5-BF51-0238CB69CB4B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [TCP Query User{DDEA78D7-0801-48F4-A7BA-C206166BCC27}C:\users\pc\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\pc\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{60431B5E-A2E7-4A1F-B195-4D355E030AE9}C:\users\pc\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\pc\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{B161C921-D5A4-4E35-B298-1BE4E4A92641}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe FirewallRules: [UDP Query User{0ACDAC68-1D60-478F-9071-5098FBE610B7}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe FirewallRules: [TCP Query User{B02C2ED7-2EFE-49CD-B079-692A9B518198}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [UDP Query User{85E8F7EE-8B96-4692-BA9F-1949B2F6F8AF}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [TCP Query User{0C8EDF80-7BDF-4C5D-9A28-E8E4F24AF658}C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe FirewallRules: [UDP Query User{ACA18A9F-88A3-4B87-8A13-C90B96DF623D}C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe FirewallRules: [TCP Query User{8D75BBF9-6C42-425B-843F-5BF1B1B80CE0}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe FirewallRules: [UDP Query User{39127174-A293-4C74-9E7A-B3CDFA0D706B}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe FirewallRules: [TCP Query User{0A0A863E-AB37-4906-AAFC-BFFD1495D2BE}C:\users\pc\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\pc\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe FirewallRules: [UDP Query User{59D52536-3A5F-4363-86DD-651A7A6D796E}C:\users\pc\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\pc\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe FirewallRules: [TCP Query User{87777C44-5BE3-4356-834F-88A45B3B2D88}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{B311BA01-9EBA-4FFF-822A-22034DD67289}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{C85DDFD5-087F-4CE6-B980-1E979CB69F83}C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe] => (Allow) C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC) FirewallRules: [UDP Query User{1E43ACF9-F84F-4F1B-ADEE-AA06A2219A5A}C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe] => (Allow) C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC) FirewallRules: [TCP Query User{F3B03AF4-30FC-4A86-AB58-639F2F111530}C:\users\pc\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Block) C:\users\pc\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe FirewallRules: [UDP Query User{7AC8A9F3-75F0-4DE6-8FED-819663EBEFCA}C:\users\pc\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Block) C:\users\pc\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe FirewallRules: [TCP Query User{0C848E5E-E4D9-4912-947A-767003C63DD5}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{7CCDFB3A-AAA3-4EDF-ABBF-A23552D92AC9}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{168166E6-83C3-45B9-83E7-A0378BAADEC5}C:\program files\epic games\justdiealready\jdgame\binaries\win64\jdgame-win64-shipping.exe] => (Allow) C:\program files\epic games\justdiealready\jdgame\binaries\win64\jdgame-win64-shipping.exe => No File FirewallRules: [UDP Query User{B9FB0D8F-2049-42DF-A67B-6920DD4F9963}C:\program files\epic games\justdiealready\jdgame\binaries\win64\jdgame-win64-shipping.exe] => (Allow) C:\program files\epic games\justdiealready\jdgame\binaries\win64\jdgame-win64-shipping.exe => No File FirewallRules: [TCP Query User{7276E8BC-A4F6-49EB-89B9-6B1DE3C6414E}C:\users\pc\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\pc\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe FirewallRules: [UDP Query User{DEAB30E7-D75E-49C9-A5F8-EE01C366B717}C:\users\pc\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\pc\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe FirewallRules: [TCP Query User{29E92DF3-C7FB-4284-9180-2C14F48AF128}C:\program files (x86)\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\assettocorsa\acs.exe () [File not signed] FirewallRules: [UDP Query User{834BF905-4953-41CB-9F52-617C59D99AB7}C:\program files (x86)\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\assettocorsa\acs.exe () [File not signed] FirewallRules: [TCP Query User{C60EFD39-65D9-433A-82AF-4E038F2F3A24}C:\users\pc\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe] => (Allow) C:\users\pc\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe FirewallRules: [UDP Query User{C1A731AC-6D1C-4DE0-9F77-5664855A793D}C:\users\pc\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe] => (Allow) C:\users\pc\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe FirewallRules: [TCP Query User{859FF365-3838-41B8-81E3-7B91587581CF}C:\program files\epic games\amongus\among us.exe] => (Allow) C:\program files\epic games\amongus\among us.exe () [File not signed] FirewallRules: [UDP Query User{D47C54CB-5D7A-4B38-9EBC-636EB402B3F0}C:\program files\epic games\amongus\among us.exe] => (Allow) C:\program files\epic games\amongus\among us.exe () [File not signed] FirewallRules: [TCP Query User{0469DABB-0DAF-403D-B41E-5224919896BC}C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe FirewallRules: [UDP Query User{36C30D4E-81C5-4437-999C-1AD1C82CD554}C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe FirewallRules: [TCP Query User{6B46AFC9-6794-47AE-8F36-A5DB3355AEC6}C:\users\pc\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\pc\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe FirewallRules: [UDP Query User{28EC64E7-213A-4EE0-AE08-C787A06D63F3}C:\users\pc\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\pc\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe FirewallRules: [TCP Query User{3B0B9E6A-B807-4F2B-AB95-86741F2B12B3}C:\users\pc\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\pc\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe FirewallRules: [UDP Query User{ADCA5F4C-D20B-458E-B848-6E35B898E895}C:\users\pc\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\pc\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe FirewallRules: [TCP Query User{D087BD82-79FE-468D-9CFC-EE0D5EF90860}C:\users\pc\appdata\roaming\paladium-group\java\legacy\java\bin\java.exe] => (Allow) C:\users\pc\appdata\roaming\paladium-group\java\legacy\java\bin\java.exe FirewallRules: [UDP Query User{06B14ABD-62F9-432E-9AAD-C2AB3F690E6F}C:\users\pc\appdata\roaming\paladium-group\java\legacy\java\bin\java.exe] => (Allow) C:\users\pc\appdata\roaming\paladium-group\java\legacy\java\bin\java.exe FirewallRules: [{E075FC45-265B-40D4-8448-53132034D2AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cooperative Chess\coopchess.exe (Adrian Marple) [File not signed] FirewallRules: [{666A6E15-D663-48D9-8722-C7D5EC613D96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cooperative Chess\coopchess.exe (Adrian Marple) [File not signed] FirewallRules: [TCP Query User{CFA40F66-CA88-4AD7-AC46-3DC86E683E50}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (GAIJIN NETWORK LTD -> Gaijin Entertainment) FirewallRules: [UDP Query User{5D795B33-4E1D-43EB-9674-2D89C2774DF6}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (GAIJIN NETWORK LTD -> Gaijin Entertainment) FirewallRules: [{F24EE668-02A6-4A6D-A9E7-80B4024929BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{D528B1C1-07D7-44AE-B532-7E5105711A87}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{20FEB400-FBA2-4001-AD49-716C71EDEF2C}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File FirewallRules: [UDP Query User{A273B7C3-E280-4360-BDB1-BCE825CF7F1E}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File FirewallRules: [{1FD1DDC1-6719-49D5-A216-0D157B197D9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed] FirewallRules: [{EAE506A7-047B-4D59-A234-1760CDB70DE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed] FirewallRules: [{52517F28-5A98-46C8-96A2-FE059B5BBE1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\eac_wt_mlauncher.exe (Gaijin Entertainment) [File not signed] FirewallRules: [{91C2A7EC-A731-4CFB-897F-9235375825AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\eac_wt_mlauncher.exe (Gaijin Entertainment) [File not signed] FirewallRules: [{246D6415-4211-4335-B0D8-BE3240CE87AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (GAIJIN NETWORK LTD -> Gaijin) FirewallRules: [{652BF833-30B9-413A-A155-045D25CCFDEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (GAIJIN NETWORK LTD -> Gaijin) FirewallRules: [{1591EA18-3EB9-4218-83E3-9FB16F401EA9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{4EFF5C70-A7E5-4BB1-AC68-907516DA4233}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{27F0BEDD-C1CF-4B60-B110-270ED41DEF1C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8638226F-5EBA-45D3-B199-A510752477F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{139C6A76-3491-47E3-8675-92E411EC5A37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Escape Together\SCP_ET.exe () [File not signed] FirewallRules: [{3F025CB4-AC91-44F4-99BE-251D1DC0FA59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Escape Together\SCP_ET.exe () [File not signed] FirewallRules: [{E5E0F46D-9496-4ABD-B160-03568BAC6195}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> ) FirewallRules: [{797ABF02-14FB-449E-AC83-100B471A601F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> ) FirewallRules: [{2BEF1E99-64DA-4237-A7B9-D72BBE06356D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{490CB52C-8E7D-4B36-9261-FDF457C1E339}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{8156EA2F-0E2E-4539-8946-83EA5BD4526A}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{D254E2B8-A3EA-46C1-AC5A-17FE96204C42}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{D52FA12C-2DDD-48F3-9127-734DE97C74E0}] => (Allow) C:\Users\pc\AppData\Local\Programs\Opera\107.0.5045.36\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{27E49E1E-15B8-4D9B-A1A7-B8469A3CE1B8}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.) FirewallRules: [{F14AF28D-A47E-47F1-A725-DF9049F909F7}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.) FirewallRules: [{ADEAA984-607D-4AB1-AA37-2B04F284F928}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A773F9EC-61E7-4A08-9BF2-C61E59E2E624}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{39FD8C95-0F4A-46B4-A7A6-1BEBBB75C513}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{EB165528-F261-4DE0-A540-70D9E9BBC19D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{AE0EDFB6-0E03-4853-B11E-637FBA05A354}] => (Allow) C:\Users\pc\AppData\Local\Programs\Opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{05F1E475-7CC2-409E-BA08-94531E7B29A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{6B8B0551-FFCF-477F-BA24-11F5B95B4E85}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{EC991E77-43CB-4BE2-BD0B-519FA1D52860}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{8D8F4746-BD44-481A-96BA-45723CCEF1B3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{806B590F-2D80-4193-AF2C-ED85B8A2FB76}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{BCFDF4A9-B999-43D6-B5E4-996B671BF094}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{E3FD649D-1FEC-49F6-9B8C-15FFBDF051F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{6C3CC383-1222-42D5-A3F1-3D49A9068ADB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{CB4B0F39-8990-41DC-9A0F-37886A7443CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{7A29BBA1-A1C1-457C-BF16-80EF9B0781ED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{8BBB7D04-6BE6-4F58-92DB-68748B3EF5CD}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.81\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Restore Points ========================= 06-04-2024 12:35:09 Programme d’installation pour les modules Windows 06-04-2024 13:01:59 Programme d’installation pour les modules Windows 06-04-2024 13:54:05 Programme d’installation pour les modules Windows 06-04-2024 16:00:47 Programme d’installation pour les modules Windows 06-04-2024 16:23:18 Programme d’installation pour les modules Windows 06-04-2024 17:03:13 Programme d’installation pour les modules Windows ==================== Faulty Device Manager Devices ============ Name: Compteur d'événement de haute précision Description: Compteur d'événement de haute précision Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Périphériques système standard) Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ======================== Application errors: ================== Error: (04/06/2024 05:01:10 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme SystemSettings.exe version 10.0.19041.4123 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance. ID de processus : 1d2c Heure de début : 01da883325db66ae Heure d'arrêt : 4294967295 Chemin d'accès à l'application : C:\Windows\ImmersiveControlPanel\SystemSettings.exe ID de rapport : d669ddff-30fd-4560-9715-5bf30aaf10cf Nom complet du package défectueux : windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy ID de l'application relative à un package défectueux : microsoft.windows.immersivecontrolpanel Type de blocage : Quiesce Error: (04/06/2024 04:57:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante wuauclt.exe, version : 10.0.19041.4123, horodatage : 0x35946a52 Nom du module défaillant : ntdll.dll, version : 10.0.19041.3996, horodatage : 0x39215800 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000000634f6 ID du processus défaillant : 0x2638 Heure de début de l’application défaillante : 0x01da882d8397f3f9 Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\wuauclt.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : dd70eec6-e1e0-449f-8cde-54c181b69237 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (04/06/2024 04:16:19 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT) Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-DO7JIUP$ via https://AMD-KeyId-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Sat, 06 Apr 2024 14:16:22 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: a07cce3c-4269-4e22-a3b5-690d88196171 Méthode : GET(2484ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (04/06/2024 03:53:52 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT) Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-DO7JIUP$ via https://AMD-KeyId-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Sat, 06 Apr 2024 13:53:55 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 6acff210-13e8-4ab2-98bf-8aa1275d8a40 Méthode : GET(609ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (04/06/2024 02:16:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante wuauclt.exe, version : 10.0.19041.4123, horodatage : 0x35946a52 Nom du module défaillant : ntdll.dll, version : 10.0.19041.3996, horodatage : 0x39215800 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000000634f6 ID du processus défaillant : 0x1470 Heure de début de l’application défaillante : 0x01da88191d31ec85 Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\wuauclt.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : 89b01867-253d-4d5d-b775-373cc66aaad1 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (04/06/2024 01:35:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante wuauclt.exe, version : 10.0.19041.4123, horodatage : 0x35946a52 Nom du module défaillant : ntdll.dll, version : 10.0.19041.3996, horodatage : 0x39215800 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000000634f6 ID du processus défaillant : 0x704 Heure de début de l’application défaillante : 0x01da8811a84314e5 Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\wuauclt.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : 93f93fa5-9295-417d-96d7-3d7b8ca4fb6d Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (04/06/2024 12:12:37 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme Content Manager.exe version 0.8.2633.39678 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance. ID de processus : 3254 Heure de début : 01da87a110ecef0d Heure d'arrêt : 4294967295 Chemin d'accès à l'application : C:\Users\pc\Desktop\Content Manager.exe ID de rapport : 524452d8-ab60-494b-b5e7-3388687e05fd Nom complet du package défectueux : ID de l'application relative à un package défectueux : Type de blocage : Top level window is idle Error: (04/05/2024 11:34:28 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme Content Manager.exe version 0.8.2633.39678 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance. ID de processus : 315c Heure de début : 01da87a0c33f64fa Heure d'arrêt : 4294967295 Chemin d'accès à l'application : C:\Users\pc\Desktop\Content Manager.exe ID de rapport : f6a72e11-787a-49a8-a1d9-a2d9c3f40964 Nom complet du package défectueux : ID de l'application relative à un package défectueux : Type de blocage : Top level window is idle System errors: ============= Error: (04/06/2024 04:57:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT) Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x800f0831 : 2024-03 Aperçu de la mise à jour cumulative pour Windows 10 Version 22H2 pour les systèmes x64 (KB5035941). Error: (04/06/2024 04:23:31 PM) (Source: Ntfs) (EventID: 55) (User: AUTORITE NT) Description: Une défaillance a été détectée dans la structure du système de fichiers sur le volume C:. La table MFT (Master File Table) contient un enregistrement de fichier endommagé. Le numéro de référence du fichier est 0x5000000113d65. Le nom du fichier est «  ». Error: (04/06/2024 04:23:27 PM) (Source: Ntfs) (EventID: 55) (User: AUTORITE NT) Description: Une défaillance a été détectée dans la structure du système de fichiers sur le volume C:. La table MFT (Master File Table) contient un enregistrement de fichier endommagé. Le numéro de référence du fichier est 0x5000000113d4c. Le nom du fichier est «  ». Error: (04/06/2024 04:21:08 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Le service Gestionnaire des cartes téléchargées est en attente de démarrage. Error: (04/06/2024 04:15:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service GameInput Service s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 1000 millisecondes : Redémarrer le service. Error: (04/06/2024 04:15:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service GameInput Service s’est arrêté avec l’erreur : Le fichier composé GameInput Service a été produit avec une version plus récente de la mémoire. Error: (04/06/2024 03:58:12 PM) (Source: Ntfs) (EventID: 55) (User: AUTORITE NT) Description: Une défaillance a été détectée dans la structure du système de fichiers sur le volume C:. La table MFT (Master File Table) contient un enregistrement de fichier endommagé. Le numéro de référence du fichier est 0x5000000113d65. Le nom du fichier est «  ». Error: (04/06/2024 03:58:11 PM) (Source: Ntfs) (EventID: 55) (User: AUTORITE NT) Description: Une défaillance a été détectée dans la structure du système de fichiers sur le volume C:. La table MFT (Master File Table) contient un enregistrement de fichier endommagé. Le numéro de référence du fichier est 0x5000000113d4c. Le nom du fichier est «  ». Windows Defender: ================ Date: 2024-03-04 18:17:33 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {4958483C-BA97-4773-8264-31353C0E2E6B} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : DESKTOP-DO7JIUP\pc Date: 2024-02-23 18:48:16 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {C1530750-4105-4DEC-85C6-EDC43E0D6B18} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2024-02-21 19:42:18 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {D5BCDB16-7085-441F-AA75-62AC46E4D491} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2024-02-20 22:08:59 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {965F74A4-0F98-4003-A110-8CE71D5CCEDE} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Date: 2024-02-18 20:20:51 Description: L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin. ID de l’analyse : {6B7A57C3-82D0-4D57-9C3A-2C73B3A8C006} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : AUTORITE NT\Système Event[0]: Date: 2024-04-05 18:59:16 Description: Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité. Nouvelle version de la veille de sécurité : 1.409.55.0 Version précédente de la veille de sécurité : 1.407.775.0 Source de mise à jour : Utilisateur Type de veille de sécurité : Logiciel anti-espion Type de mise à jour : Complet Utilisateur : AUTORITE NT\Système Version actuelle du moteur : 1.1.24030.4 Version précédente du moteur : 1.1.24020.9 Code d’erreur : 0x80004004 Description de l’erreur : Opération abandonnée Date: 2024-04-05 18:59:16 Description: Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité. Nouvelle version de la veille de sécurité : 1.409.55.0 Version précédente de la veille de sécurité : 1.407.775.0 Source de mise à jour : Utilisateur Type de veille de sécurité : Anti-virus Type de mise à jour : Complet Utilisateur : AUTORITE NT\Système Version actuelle du moteur : 1.1.24030.4 Version précédente du moteur : 1.1.24020.9 Code d’erreur : 0x80004004 Description de l’erreur : Opération abandonnée Date: 2024-04-05 18:59:16 Description: Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour du moteur. Nouvelle version du moteur : 1.1.24030.4 Version précédente du moteur : 1.1.24020.9 Utilisateur : AUTORITE NT\Système Code d’erreur : 0x80004004 Description de l’erreur : Opération abandonnée Date: 2024-04-05 18:55:41 Description: Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité. Nouvelle version de la veille de sécurité : Version précédente de la veille de sécurité : 1.407.775.0 Source de mise à jour : Serveur Microsoft Update Type de veille de sécurité : Anti-virus Type de mise à jour : Complet Utilisateur : AUTORITE NT\Système Version actuelle du moteur : Version précédente du moteur : 1.1.24020.9 Code d’erreur : 0x80240022 Description de l’erreur : Le programme ne peut pas rechercher les mises à jour de définitions. Date: 2024-04-05 18:55:41 Description: Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité. Nouvelle version de la veille de sécurité : Version précédente de la veille de sécurité : 1.407.775.0 Source de mise à jour : Serveur Microsoft Update Type de veille de sécurité : Anti-virus Type de mise à jour : Complet Utilisateur : AUTORITE NT\Système Version actuelle du moteur : Version précédente du moteur : 1.1.24020.9 Code d’erreur : 0x80240022 Description de l’erreur : Le programme ne peut pas rechercher les mises à jour de définitions. CodeIntegrity: =============== Date: 2024-04-06 17:08:56 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. P7.00 11/15/2021 Motherboard: ASRock A320M-HDV R4.0 Processor: AMD Ryzen 3 3200G with Radeon Vega Graphics Percentage of memory in use: 38% Total physical RAM: 16312.67 MB Available physical RAM: 10057.94 MB Total Virtual: 20408.67 MB Available Virtual: 12229.37 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:927.45 GB) (Free:131.49 GB) (Model: ST1000DM010-2EP102) NTFS \\?\Volume{3a4b1b95-bd06-409e-a95a-c7415a659734}\ () (Fixed) (Total:0 GB) (Free:0 GB) \\?\Volume{26afecf9-c8ff-4fa1-8ccf-dbf39f0a033d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt =======================