Additional scan results of Farbar Recovery Scan Tool (x64) Version: 23-05-2023
Run by romar (23-05-2023 19:13:11)
Running from C:\Users\romar\OneDrive\Document\Bureau
Microsoft Windows 11 Famille Version 22H2 22621.1702 (X64) (2022-10-20 10:14:58)
Boot mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist.txt file, it will be removed.)
Administrateur (S-1-5-21-993868400-1050244446-1395841530-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-993868400-1050244446-1395841530-503 - Limited - Disabled)
Invité (S-1-5-21-993868400-1050244446-1395841530-501 - Limited - Disabled)
romar (S-1-5-21-993868400-1050244446-1395841530-1001 - Administrator - Enabled) => C:\Users\romar
WDAGUtilityAccount (S-1-5-21-993868400-1050244446-1395841530-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist.txt file, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed programs ======================
(Only adware programs flagged 'Hidden' can be added to the fixlist.txt file so that they are no longer hidden. Adware programs must be uninstalled manually.)
Ankama Launcher 3.9.3 (HKLM\...\410fcd79-1be8-5bf1-986e-ea09c55f7edf) (Version: 3.9.3 - Ankama)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1579.3 - AVAST Software) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blitz (HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 2.1.35 - Blitz, Inc.)
Crossplay Launcher (HKLM\...\Crossplay Launcher_is1) (Version: 1.0.9.0 - Com2uS Platform Corporation)
DeepL (HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\https%3a##appdownload.deepl.com#windows#0install#deepl.xml) (Version: - DeepL SE)
Discord (HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
GitHub Desktop (HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\GitHubDesktop) (Version: 3.2.0 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 113.0.5672.127 - Google LLC)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hearthstone Deck Tracker (HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\HearthstoneDeckTracker) (Version: 1.19.24 - HearthSim)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Legion Arena (HKLM-x32\...\Legion Arena_is1) (Version: 1.3.1.1 - Lenovo Group Ltd.)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.43.0 - Lenovo Group Ltd.)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2022.12.348746 - Logitech)
Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.16327.20248 - Microsoft Corporation)
Microsoft 365 Apps for enterprise - fr-fr (HKLM\...\O365ProPlusRetail - fr-fr) (Version: 16.0.16327.20248 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.50 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.50 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.091.0430.0001 - Microsoft Corporation)
Microsoft OneNote - fr-fr (HKLM\...\OneNoteFreeRetail - fr-fr) (Version: 16.0.16327.20248 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\Teams) (Version: 1.5.00.8070 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.131 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.131 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA Pilote graphique 528.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 528.92 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16327.20248 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Opera GX Stable 98.0.4759.64 (HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\Opera GX 98.0.4759.64) (Version: 98.0.4759.64 - Opera Software)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.223.0.33 - Overwolf Ltd.)
R for Windows 4.2.1 (HKLM\...\R for Windows 4.2.1_is1) (Version: 4.2.1 - R Core Team)
R for Windows 4.2.2 (HKLM\...\R for Windows 4.2.2_is1) (Version: 4.2.2 - R Core Team)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.49.413.2021 - Realtek)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Roller Champions (HKLM-x32\...\Uplay Install 11899) (Version: - Ubisoft)
RStudio (HKLM-x32\...\RStudio) (Version: 2022.07.2+576 - RStudio)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Summoners War Chronicles (HKLM-x32\...\com.com2us.chronicles.pc.hive.us.normal) (Version: - Com2uS Platform Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.22976 - Microsoft Corporation)
Telegram Desktop (HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.4.1 - Telegram FZ-LLC)
TFTactics (HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\Overwolf_delfmdadipjjmpajblkalfkbebcbldbknecigjpc) (Version: 1.8.5 - Overwolf app)
VALORANT (HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
Zoom (HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\ZoomUMX) (Version: 5.13.5 (12053) - Zoom Video Communications, Inc.)
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20070.0_x64__0a9344xs7nr4m [2023-03-17] (Advanced Micro Devices Inc.) [Startup Task]
Extension vidéo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-22] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_145.3.1086.0_x64__v10z8vjag6ke6 [2023-05-19] (HP Inc.)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2304.15.0_x64__k1h2ywk1493x8 [2023-05-13] (LENOVO INC.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.4.12.0_x64__5grkq8ppsgwt4 [2023-04-01] (LENOVO INC) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.39.0_x64__8wekyb3d8bbwe [2023-01-03] (Microsoft Corp.)
Microsoft Midi gm.dls -> C:\Program Files\WindowsApps\Microsoft.Midi.GmDls_1.0.1.0_neutral__8wekyb3d8bbwe [2022-10-06] (Microsoft Platform Extensions)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10126.517.0_x64__8wekyb3d8bbwe [2023-02-21] (Microsoft Corporation)
ms-resource:app_name_ms_todo -> C:\Program Files\WindowsApps\Microsoft.Todos_2.96.61291.0_x64__8wekyb3d8bbwe [2023-05-16] (Microsoft Corporation) [Startup Task]
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.60961.0_x64__8wekyb3d8bbwe [2023-04-22] (Microsoft Corporation)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.17.0_x64__w2gh52qy24etm [2023-02-27] (A-Volute)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-11-02] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-10] (NVIDIA Corp.)
OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_19.23.19.0_x64__8wekyb3d8bbwe [2022-07-25] (Microsoft Corporation)
PDF Document Scanner -> C:\Program Files\WindowsApps\61083ApeApps.PDFDocumentScanner_4.39.0.0_x64__d2yynfvsn01f4 [2023-05-10] (Ape Apps)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.37.275.0_x64__dt26b99r8h8gj [2022-12-09] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0 [2023-05-18] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist.txt file, it will be removed from the Registry. The file will not be moved unless it is listed separately.)
CustomCLSID: HKU\S-1-5-21-993868400-1050244446-1395841530-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\romar\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22062.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-993868400-1050244446-1395841530-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\romar\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
CustomCLSID: HKU\S-1-5-21-993868400-1050244446-1395841530-1001_Classes\CLSID\{b72e6f5e-f6e0-a9eb-461b-6118363bd15c}\localserver32 -> C:\Users\romar\AppData\Local\0install.net\implementations\sha256new_Z5ML7M7EV32PQUZPYH5TRQ66YWIXJTNNNXRVGIVTKNGMJNRHHFVQ\DeepL.exe (DeepL SE -> DeepL SE)
CustomCLSID: HKU\S-1-5-21-993868400-1050244446-1395841530-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\romar\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.091.0430.0001\FileSyncShell64.dll [2023-05-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.091.0430.0001\FileSyncShell64.dll [2023-05-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.091.0430.0001\FileSyncShell64.dll [2023-05-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.091.0430.0001\FileSyncShell64.dll [2023-05-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.091.0430.0001\FileSyncShell64.dll [2023-05-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.091.0430.0001\FileSyncShell64.dll [2023-05-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.091.0430.0001\FileSyncShell64.dll [2023-05-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.091.0430.0001\FileSyncShell64.dll [2023-05-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.091.0430.0001\FileSyncShell64.dll [2023-05-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.091.0430.0001\FileSyncShell64.dll [2023-05-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.091.0430.0001\FileSyncShell64.dll [2023-05-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.091.0430.0001\FileSyncShell64.dll [2023-05-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.091.0430.0001\FileSyncShell64.dll [2023-05-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.091.0430.0001\FileSyncShell64.dll [2023-05-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.091.0430.0001\FileSyncShell64.dll [2023-05-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.091.0430.0001\FileSyncShell64.dll [2023-05-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.091.0430.0001\FileSyncShell64.dll [2023-05-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> Pas de fichier
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_48c31942d8ae9bd7\nvshext.dll [2023-04-24] (NVIDIA Corporation -> NVIDIA Corporation)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded modules (Whitelisted) =============
2023-03-18 14:49 - 2022-08-21 03:44 - 001160192 _____ () [Fichier non signé] [Fichier en cours d'utilisation] C:\Users\romar\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\CefSharp.BrowserSubprocess.Core.dll
2023-04-01 15:57 - 2023-05-18 21:28 - 000498176 _____ () [Fichier non signé] \\?\C:\Users\romar\AppData\Local\Programs\Blitz\resources\app.asar.unpacked\node_modules\leveldown\prebuilds\win32-x64\node.napi.node
2023-04-01 15:57 - 2023-05-18 21:28 - 000816640 _____ () [Fichier non signé] \\?\C:\Users\romar\AppData\Local\Programs\Blitz\resources\app.asar.unpacked\node_modules\lzma-native\prebuilds\win32-x64\electron.napi.node
2022-12-07 23:14 - 2022-12-07 22:02 - 000155136 _____ () [Fichier non signé] C:\Program Files\LGHUB\resources\app.asar.unpacked\keytar.node
2023-03-18 14:49 - 2022-08-19 09:38 - 175591424 _____ () [Fichier non signé] C:\Users\romar\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libcef.dll
2023-03-18 14:49 - 2022-08-19 08:11 - 000442880 _____ () [Fichier non signé] C:\Users\romar\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libEGL.dll
2023-03-18 14:49 - 2022-08-19 08:10 - 006480384 _____ () [Fichier non signé] C:\Users\romar\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libGLESv2.dll
2023-03-18 14:49 - 2022-08-19 08:07 - 004077568 _____ () [Fichier non signé] C:\Users\romar\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\vk_swiftshader.dll
2023-03-18 14:49 - 2022-08-19 08:10 - 000828928 _____ () [Fichier non signé] C:\Users\romar\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\vulkan-1.dll
2023-02-10 22:25 - 2023-05-18 21:28 - 002862592 _____ () [Fichier non signé] C:\Users\romar\AppData\Local\Programs\Blitz\ffmpeg.dll
2023-02-10 22:25 - 2023-05-18 21:28 - 000479232 _____ () [Fichier non signé] C:\Users\romar\AppData\Local\Programs\Blitz\libegl.dll
2023-02-10 22:25 - 2023-05-18 21:28 - 007514112 _____ () [Fichier non signé] C:\Users\romar\AppData\Local\Programs\Blitz\libglesv2.dll
2023-02-10 22:25 - 2023-05-18 21:28 - 005209600 _____ () [Fichier non signé] C:\Users\romar\AppData\Local\Programs\Blitz\vk_swiftshader.dll
2023-05-23 08:21 - 2023-05-23 08:21 - 001984056 _____ (A Soft Group -> ) [Fichier non signé] C:\Program Files (x86)\Altrst\AppHelper.dll
2023-03-18 14:49 - 2022-08-19 08:16 - 001231872 _____ (The Chromium Authors) [Fichier non signé] C:\Users\romar\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\chrome_elf.dll
2023-04-01 15:57 - 2023-05-18 21:28 - 000150528 _____ (The Tukaani Project <hxxp://tukaani.org/>) [Fichier non signé] \\?\C:\Users\romar\AppData\Local\Programs\Blitz\resources\app.asar.unpacked\node_modules\lzma-native\prebuilds\win32-x64\liblzma.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist.txt file, only the alternate data stream (ADS) will be removed.)
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\McInst.exe:5333F5D8A9 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\McInst.exe:B3972C507D [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 5 Multi-Instance Manager.lnk:35C0D57199 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 5.lnk:088221F38A [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legion Arena.lnk:20903A5BF7 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk:5465085A2F [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk:104946E0EA [10]
==================== Safe mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-27] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist.txt file, it will be removed from the Registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\sharepoint.com -> hxxps://univgrenoble-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: =========================
(If needed, the Hosts: directive can be included in the fixlist.txt file to reset the hosts file.)
2021-06-05 14:08 - 2021-06-05 14:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-993868400-1050244446-1395841530-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\romar\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\thumb-1920-744908.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
The firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist.txt file, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\StartupApproved\Run: => "LenovoVantageToolbar"
HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_9B03D06066FEF68DDA93DF428249591C"
HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant"
HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\StartupApproved\Run: => "Discord"
==================== Firewall rules (Whitelisted) ================
(If an entry is included in the fixlist.txt file, it will be removed from the Registry. The file will not be moved unless it is listed separately.)
FirewallRules: [{93CE4CCE-C0CB-4DB0-9405-BDE479154D81}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Pas de fichier
FirewallRules: [{05D209EC-55B9-4890-B45C-C01B7F1812C9}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Pas de fichier
FirewallRules: [UDP Query User{CAF33CBF-9B2E-446C-B46E-4CE69BBB83DD}C:\users\romar\appdata\roaming\bloom\bloom.exe] => (Block) C:\users\romar\appdata\roaming\bloom\bloom.exe => Pas de fichier
FirewallRules: [TCP Query User{A210E091-3CEC-4190-8754-E3F3B15EB2DC}C:\users\romar\appdata\roaming\bloom\bloom.exe] => (Block) C:\users\romar\appdata\roaming\bloom\bloom.exe => Pas de fichier
FirewallRules: [UDP Query User{E4081734-3C40-43AE-82C8-002111CBFF80}C:\users\romar\appdata\roaming\bloom\bloom.exe] => (Block) C:\users\romar\appdata\roaming\bloom\bloom.exe => Pas de fichier
FirewallRules: [TCP Query User{640F67E2-D8CE-4608-9BF2-45D450C692CD}C:\users\romar\appdata\roaming\bloom\bloom.exe] => (Block) C:\users\romar\appdata\roaming\bloom\bloom.exe => Pas de fichier
FirewallRules: [UDP Query User{A69F7F17-AB60-4C1A-9A32-098D7AFCEADC}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{470DF2EA-16FA-4FC0-B507-02841C1F379A}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{4837BE0C-271A-4EA7-A1C4-8C4DE15AF474}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{A787F5EF-63B7-4C5C-8154-243F3B26C9EB}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{535C08B6-C430-41AF-B509-E8035445AECB}C:\users\romar\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\romar\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [TCP Query User{643B7BC1-BE7D-4CE8-BF94-0B646B2C8080}C:\users\romar\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\romar\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [{89DBBB1F-D636-4E7F-A988-A91783D4F76A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Roller Champions\roller.exe => Pas de fichier
FirewallRules: [UDP Query User{B1C578C6-41CD-4675-9F30-678184D8660C}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{37DC3C9F-AE3D-4BFC-8865-B820D858E294}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{E3B190A1-A3D0-43F0-ACF3-28485E26EB86}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{BE4F60C2-DF86-4D05-B18F-6E5505B34544}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{C8E5BFCC-857B-414C-9DF8-E38D99688379}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe => Pas de fichier
FirewallRules: [{48A3DD2F-4353-4DDD-9CDB-889C190D60C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe => Pas de fichier
FirewallRules: [{0ACF9262-7515-41CF-83BA-8C4007CCE05D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe => Pas de fichier
FirewallRules: [{1F011313-4625-45B3-BC97-F7F8B5AECCB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe => Pas de fichier
FirewallRules: [UDP Query User{B2F7C0B4-CB49-415E-AB62-F860985FBEA1}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{75336A9E-1E3A-4958-8E49-F850ADFECFD7}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{78687B61-78C6-4787-AB5E-54CBFD558EB0}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{8F970026-0290-438E-9BEB-DC2266FC6774}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{DDBF840E-4AC4-4362-B197-42C99E8E1C31}C:\users\romar\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\romar\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{73637BFE-A7FC-4291-98E1-3ACD612D4D11}C:\users\romar\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\romar\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{4E2B153C-7D65-465E-8E5A-D4BF909B9DF5}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{F7C9AD27-6C23-44FE-874F-53BBC80FD2AB}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{0722264B-6623-4F57-B58C-661E1BC78854}C:\users\romar\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\romar\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{712DB9A8-2626-470F-B39C-22331D9AB419}C:\users\romar\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\romar\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{1CD1111C-E09C-4D64-A22E-A07239E81989}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4F70712A-2268-49DE-B40F-F0622DB0F4B2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{25354794-08D9-44C9-8A79-06D613433327}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A8F2A5B3-64DC-49B8-808C-F6BC2D3EFF8D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{0CFCD9B2-6207-463B-BF46-1CA47A2202FC}C:\program files\rstudio\bin\rsession-utf8.exe] => (Allow) C:\program files\rstudio\bin\rsession-utf8.exe (RStudio, PBC) [Fichier non signé]
FirewallRules: [UDP Query User{CAA6A535-E333-4FDE-928A-8379D33A6CDC}C:\program files\rstudio\bin\rsession-utf8.exe] => (Allow) C:\program files\rstudio\bin\rsession-utf8.exe (RStudio, PBC) [Fichier non signé]
FirewallRules: [TCP Query User{3C4EFC8B-DE59-4074-A7A5-5B11399B0B25}C:\program files\rstudio\bin\rsession-utf8.exe] => (Allow) C:\program files\rstudio\bin\rsession-utf8.exe (RStudio, PBC) [Fichier non signé]
FirewallRules: [UDP Query User{BA50ACEF-52F4-4C0A-A949-7EF5905D7D6E}C:\program files\rstudio\bin\rsession-utf8.exe] => (Allow) C:\program files\rstudio\bin\rsession-utf8.exe (RStudio, PBC) [Fichier non signé]
FirewallRules: [TCP Query User{9E5B09F1-9D97-4D29-8A1F-FFCCFA2D22AD}C:\users\romar\appdata\local\programs\blitz\blitz.exe] => (Block) C:\users\romar\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [UDP Query User{B8C3729D-CBF3-41CB-8B78-5D987FF2E9A0}C:\users\romar\appdata\local\programs\blitz\blitz.exe] => (Block) C:\users\romar\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [{B3ADAB12-109E-42B4-8205-BA2DD2F50989}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3E69E922-D8A4-4DC9-B9A2-94B7B7328629}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{EC2F0858-EFB7-49A5-88F3-5C81784A6BCE}] => (Allow) C:\Users\romar\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{D1CEE655-F147-43AE-9382-00C9739DEC3D}] => (Allow) C:\Users\romar\AppData\Roaming\Zoom\bin\airhost.exe => Pas de fichier
FirewallRules: [{AB7A0136-9A59-4781-B725-4EE78BA8E8FC}] => (Allow) C:\Users\romar\AppData\Roaming\Zoom\bin\airhost.exe => Pas de fichier
FirewallRules: [{DCF32BEA-4BE0-45F2-B5A3-F0DE9EC397D3}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Pas de fichier
FirewallRules: [{2224F5B6-06EB-482D-9AB6-8A4406344DFE}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Pas de fichier
FirewallRules: [{1418C000-4BE7-4D20-ADA1-C9C03C7259AF}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => Pas de fichier
FirewallRules: [{E2C642C4-6643-4BA5-AF50-3C0501416716}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => Pas de fichier
FirewallRules: [{87381826-C1B8-4FEC-991E-F9EE5C18AF3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{BDDD14C8-5118-4B4D-8A5B-FDC2C1A7D35C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0F789FD5-B5B2-4E77-97E1-B6F24DAA83AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{FF5654F8-95B3-40AB-9231-5288FDF23FF0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{2F58FC49-B761-4F1B-A370-B36ED99884D3}] => (Allow) C:\Users\romar\AppData\Local\Temp\7zS5296\HP.EasyStart.exe => Pas de fichier
FirewallRules: [TCP Query User{2C1CAFF7-51F9-43B3-A254-2869D393C089}C:\users\romar\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\romar\appdata\local\discord\app-1.0.9011\discord.exe => Pas de fichier
FirewallRules: [UDP Query User{54C97802-1020-480D-A45E-8D8652084B43}C:\users\romar\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\romar\appdata\local\discord\app-1.0.9011\discord.exe => Pas de fichier
FirewallRules: [TCP Query User{5C12663A-B623-4C09-B2DC-96A377F0DA3E}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Block) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [UDP Query User{D8B09027-0059-4BF4-AAAC-B69B59E65F31}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Block) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [{586BE4BA-305A-4216-B717-EBC8246D7543}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.406.2009.3890_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A4BFC3F1-123A-4AF6-AD78-25BC186A3A05}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.406.2009.3890_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3052D843-783F-4547-AB25-8B6BF74A319E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{573753DE-4BCD-4ABB-82F0-889EBC456C94}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7BE33BBD-6490-4A02-86B1-C6ADC7ED6A0C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F182CEB0-9C88-4810-AF17-D7CA27F6A5FF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8127EDCF-51EC-412B-9DBB-61CDC1FB37A6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{113789AA-5E39-4C82-B7D0-396BD2E8F9A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CD8AA58A-3882-4F45-9D38-470EECE486BB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{73A2D7FD-2A77-4986-A854-7BFE6B545313}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6633FC4A-8835-4F64-B9D0-6A67B3950BEC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C607C7AB-8F5F-4255-B30A-D5A865785F79}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C90B23E8-1D6B-423E-AB5E-3A2ED0D4AEF7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C74E6BB3-A536-4C96-A538-E9DC1FEFA66B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DC62816B-EE1C-46E1-83E7-47427DD48395}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{24D6035E-EF17-4449-8A47-9F60D0F6DB2F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{35B9D320-747F-4E87-8AD6-B3CB79DD6530}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{34D59E59-2CE0-4127-A72A-5712E5239E4C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F99A22F3-F148-4A10-AC5D-A08106431944}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{70372DC3-DEBD-4A8B-8814-9A2238B1A895}] => (Allow) C:\Program Files (x86)\Overwolf\0.223.0.30\OverwolfBrowser.exe => Pas de fichier
FirewallRules: [{1B9A90C1-B01A-4910-8D2B-4D8D3D2A0213}] => (Allow) C:\Program Files (x86)\Overwolf\0.223.0.30\OverwolfBrowser.exe => Pas de fichier
FirewallRules: [{4550F4E3-7225-4831-90DF-F4AB79900CEE}] => (Block) C:\Program Files (x86)\Overwolf\0.223.0.30\OverwolfBrowser.exe => Pas de fichier
FirewallRules: [{86136107-BFBE-49E8-BAB7-0E482FB9D78A}] => (Block) C:\Program Files (x86)\Overwolf\0.223.0.30\OverwolfBrowser.exe => Pas de fichier
FirewallRules: [{A3F137D8-3AAF-4614-9EEF-0E0467BD70E1}] => (Allow) C:\Program Files (x86)\Overwolf\0.223.0.33\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{45E645B2-3C0F-435E-BC29-77A41660F232}] => (Allow) C:\Program Files (x86)\Overwolf\0.223.0.33\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{735C9C61-38C6-4029-A43E-6CF84D43DFAD}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe => Pas de fichier
FirewallRules: [{9CCAC829-5472-4407-8355-63522FA78681}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe => Pas de fichier
==================== Points de restauration =========================
23-05-2023 18:02:35 KpRm
23-05-2023 18:12:07 Removed Java 8 Update 333 (64-bit)
23-05-2023 18:22:48 Removed Futuremark SystemInfo
==================== Éléments en erreur du Gestionnaire de périphériques ============
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (05/23/2023 06:26:07 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\LAPTOP-A48T1QHB$ via https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep :
GetCACaps
Méthode : GET(0ms)
Étape : GetCACaps
L’adresse ou le nom de serveur n’a pas pu être résolu 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (05/23/2023 09:18:37 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\LAPTOP-A48T1QHB$ via https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep :
GetCACaps
Méthode : GET(110ms)
Étape : GetCACaps
L’adresse ou le nom de serveur n’a pas pu être résolu 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (05/23/2023 08:21:49 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-A48T1QHB)
Description: Nom de l’application défaillante yzcrowd.tmp, version : 4.1.16.1, horodatage : 0x646b7311
Nom du module défaillant : yzcrowd.tmp, version : 4.1.16.1, horodatage : 0x646b7311
Code d’exception : 0xc0000409
Décalage d’erreur : 0x001939f4
ID du processus défaillant : 0x0x5d7c
Heure de début de l’application défaillante : 0x0x1d98d3eda9a83cd
Chemin d’accès de l’application défaillante : C:\Users\romar\AppData\Local\Temp\RJ54HUdc\yzcrowd.tmp
Chemin d’accès du module défaillant: C:\Users\romar\AppData\Local\Temp\RJ54HUdc\yzcrowd.tmp
ID de rapport : 1c6eba32-0c51-43e9-9159-713fc8b2ba9b
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (05/22/2023 06:57:30 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\LAPTOP-A48T1QHB$ via https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep :
GetCACaps
Méthode : GET(125ms)
Étape : GetCACaps
L’adresse ou le nom de serveur n’a pas pu être résolu 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (05/22/2023 09:36:13 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\LAPTOP-A48T1QHB$ via https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep :
GetCACaps
Méthode : GET(94ms)
Étape : GetCACaps
L’adresse ou le nom de serveur n’a pas pu être résolu 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (05/18/2023 03:13:56 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\LAPTOP-A48T1QHB$ via https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep :
GetCACaps
Méthode : GET(16ms)
Étape : GetCACaps
L’adresse ou le nom de serveur n’a pas pu être résolu 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (05/17/2023 08:13:37 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\LAPTOP-A48T1QHB$ via https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep :
GetCACaps
Méthode : GET(1297ms)
Étape : GetCACaps
L’adresse ou le nom de serveur n’a pas pu être résolu 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (05/17/2023 01:06:08 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application : LenovoSmartKey.exe
Version du Framework : v4.0.30319
Description : le processus a été arrêté en raison d'une exception non gérée.
Informations sur l'exception : code d'exception c0000005, adresse d'exception 00007FF94579ED83
Pile :
Erreurs système:
=============
Error: (05/23/2023 06:29:09 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A48T1QHB)
Description: Le serveur {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (05/23/2023 06:26:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service rsVPNSvc n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.
Error: (05/23/2023 06:26:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service rsVPNClientSvc n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.
Error: (05/23/2023 06:25:59 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 18:15:19 le 23/05/2023 n’était pas prévu.
Error: (05/23/2023 06:20:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Safer Web DNS Resolver s’est terminé de façon inattendue pour la 1ème fois.
Error: (05/23/2023 09:31:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service AltruisticsService s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 100 millisecondes : Redémarrer le service.
Error: (05/23/2023 09:30:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service AltruisticsService s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 100 millisecondes : Redémarrer le service.
Error: (05/23/2023 09:30:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service AltruisticsService s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 100 millisecondes : Redémarrer le service.
Windows Defender:
================
Date: 2023-05-23 08:17:19
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {36543543-8A32-4BA8-9552-64211697F3CA}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
Date: 2023-05-22 08:04:24
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {CFA28F69-EB7B-4968-84CE-8E977965EE30}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
Date: 2023-05-21 01:33:50
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {9764430D-122D-4A1F-8F4D-6C0954E616EC}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
Date: 2023-05-20 12:06:37
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {63E01833-8009-4807-9172-AA2DF47E330D}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
Date: 2023-05-19 13:42:02
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {6F29496B-D22E-47B3-A2B1-F2C364AA0A21}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\Système
CodeIntegrity:
===============
Date: 2023-05-23 09:31:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\romar\AppData\Local\Programs\Opera GX\opera.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
Date: 2023-05-23 09:25:48
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ReasonLabs\EPP\133293003400876750\x64\rsKernelEngine.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2023-05-23 09:25:47
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ReasonLabs\EPP\133293003400876750\rsWSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2023-05-23 09:25:47
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ReasonLabs\EPP\133293003400876750\rsLitmus.A.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2023-05-23 09:25:46
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ReasonLabs\EPP\133293003400876750\rsAssistant.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2023-05-23 09:25:46
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ReasonLabs\EPP\133293003400876750\elam\rsElam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2023-05-23 09:24:15
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\RAVAntivirus\rsEngineSvc.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Outlook\15.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-05-23 09:24:15
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\RAVAntivirus\rsEngineSvc.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC_MSIL\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Infos Mémoire ===========================
BIOS: LENOVO H3CN30WW(V2.00) 06/28/2021
Carte mère: LENOVO LNVNB161216
Processeur: AMD Ryzen 5 5600H with Radeon Graphics
Pourcentage de mémoire utilisée: 88%
Mémoire physique - RAM - totale: 5996.07 MB
Mémoire physique - RAM - disponible: 663.47 MB
Mémoire virtuelle totale: 15724.07 MB
Mémoire virtuelle disponible: 6426.41 MB
==================== Lecteurs ================================
Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:295.36 GB) (Model: SAMSUNG MZALQ512HBLU-00BL2) NTFS
\\?\Volume{f71b5fca-411b-49c4-9222-044123babda9}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.4 GB) NTFS
\\?\Volume{3b98aa7c-d7f9-4509-bd9b-92234c26abf7}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Table des partitions ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 154AACD5)
Partition: GPT.
==================== Fin de Addition.txt =======================