Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-12-2023 Ran by HP (11-12-2023 14:10:32) Running from C:\Users\HP\Desktop Microsoft Windows 10 Professionnel Version 22H2 19045.3693 (X64) (2022-01-28 15:15:51) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrateur (S-1-5-21-1312067145-2974934266-877005598-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1312067145-2974934266-877005598-503 - Limited - Disabled) HP (S-1-5-21-1312067145-2974934266-877005598-1002 - Administrator - Enabled) => C:\Users\HP Invité (S-1-5-21-1312067145-2974934266-877005598-501 - Limited - Disabled) Open Session (S-1-5-21-1312067145-2974934266-877005598-1009 - Limited - Enabled) => C:\Users\Open Session WDAGUtilityAccount (S-1-5-21-1312067145-2974934266-877005598-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) adobe (HKLM-x32\...\{3E35508F-DEC5-4651-A594-9214449F70AE}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1634.4 - AVG Technologies) Hidden Bang & Olufsen Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 9.0.232.90 - Conexant) chatgpt (HKU\S-1-5-21-1312067145-2974934266-877005598-1002\...\e36f6d066da67ec527475408e56892bb) (Version: 1.0 - Google\Chrome) CIH Banque (HKU\S-1-5-21-1312067145-2974934266-877005598-1002\...\5cfe417888de176d589fbbb3f5d5277b) (Version: 1.0 - Google\Chrome) Contrôle d’intégrité du PC Windows (HKLM\...\{90C6971F-ABF1-4FBF-BD98-24F14C5F5AB4}) (Version: 3.6.2204.08001 - Microsoft Corporation) Figma (HKU\S-1-5-21-1312067145-2974934266-877005598-1002\...\Figma) (Version: 116.7.103 - Figma, Inc.) Figma Agent (HKU\S-1-5-21-1312067145-2974934266-877005598-1002\...\FigmaAgent) (Version: 116.15.4 - Figma, Inc.) GIMP 2.10.34 (HKU\S-1-5-21-1312067145-2974934266-877005598-1002\...\GIMP-2_is1) (Version: 2.10.34 - The GIMP Team) Gmail Perso (HKU\S-1-5-21-1312067145-2974934266-877005598-1002\...\f455b448768d814bce828f401236dba2) (Version: 1.0 - Google\Chrome) Gmail School (HKU\S-1-5-21-1312067145-2974934266-877005598-1002\...\ae81de17a5ac38e8fe4953d01bc12f67) (Version: 1.0 - Google\Chrome) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 119.0.6045.200 - Google LLC) Google Meet (HKU\S-1-5-21-1312067145-2974934266-877005598-1002\...\3192683ce249e7bcd45d7228827a5f01) (Version: 1.0 - Google\Chrome) Google Meet (HKU\S-1-5-21-1312067145-2974934266-877005598-1002\...\dcb70991657d5402f8aeb960edccc445) (Version: 1.0 - Google\Chrome) Microsoft .NET Host - 6.0.14 (x64) (HKLM\...\{40D4EC44-91F8-4EEE-869E-F4B3E90E6688}) (Version: 48.59.55225 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.14 (x64) (HKLM\...\{D1726E78-81F3-40A2-A7AF-6286BAA49B1C}) (Version: 48.59.55225 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.14 (x64) (HKLM\...\{61202CF9-3B84-4E5A-91A1-2984FAE38259}) (Version: 48.59.55225 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.61 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.61 - Microsoft Corporation) Microsoft Office Professional Plus 2021 - fr-fr (HKLM\...\ProPlus2021Retail - fr-fr) (Version: 16.0.17029.20068 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.226.1031.0003 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-1312067145-2974934266-877005598-1002\...\Teams) (Version: 1.5.00.21668 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-1312067145-2974934266-877005598-1009\...\Teams) (Version: 1.6.00.18681 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.14 (x64) (HKLM\...\{424D9E0C-14D9-4D4B-9562-845689D972F6}) (Version: 48.59.55235 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.14 (x64) (HKLM-x32\...\{c4558324-5b32-43fc-9ac2-423fee96dae0}) (Version: 6.0.14.32124 - Microsoft Corporation) Notion 2.2.1 (HKU\S-1-5-21-1312067145-2974934266-877005598-1002\...\661f0cc6-343a-59cb-a5e8-8f6324cc6998) (Version: 2.2.1 - Notion Labs, Inc) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20068 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden Payoneer (HKU\S-1-5-21-1312067145-2974934266-877005598-1002\...\5f7963f5299bf99fe404c4bcf7283acd) (Version: 1.0 - Google\Chrome) PayPal (HKU\S-1-5-21-1312067145-2974934266-877005598-1002\...\5249b0a54bdbef3b68c053ec694d8bdb) (Version: 1.0 - Google\Chrome) Quora (HKU\S-1-5-21-1312067145-2974934266-877005598-1002\...\448918075045820e5548b9505e0bf8b5) (Version: 1.0 - Google\Chrome) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.65 - Synaptics Incorporated) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.22976 - Microsoft Corporation) Twitter (HKU\S-1-5-21-1312067145-2974934266-877005598-1002\...\10032e97766be032293b1bf85b9c1b59) (Version: 1.0 - Google\Chrome) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation) Viralstyle (HKU\S-1-5-21-1312067145-2974934266-877005598-1002\...\3067e5ad3b2d9fa7e8a6cbc467ae4cd8) (Version: 1.0 - Google\Chrome) VSDC Free Video Editor version 8.1.2.455 (HKLM\...\VSDC Free Video Editor_is1) (Version: 8.1.2.455 - Flash-Integro LLC) WinRAR 6.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.10.0 - win.rar GmbH) YouTube (HKU\S-1-5-21-1312067145-2974934266-877005598-1002\...\006afe4f087010da2423cb768a9e11c8) (Version: 1.0 - Google\Chrome) YouTube (HKU\S-1-5-21-1312067145-2974934266-877005598-1002\...\baef8ec9dad6789c8623ce0c85607a8f) (Version: 1.0 - Google\Chrome) YouTube (HKU\S-1-5-21-1312067145-2974934266-877005598-1009\...\fa0fb19e11f45c8e0e6e8e8be6504767) (Version: 1.0 - Google\Chrome) Packages: ========= Angry Birds 2 -> C:\Program Files\WindowsApps\1ED5AEA5.4160926B82DB_3.13.4.0_x64__p2gbknwb5d8r2 [2023-11-24] (Rovio Entertainment Oyj) Asphalt 8: Airborne -> C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_7.5.12.0_x64__0pp20fcewvvtj [2023-12-09] (GAMELOFT SA) Cube Connect -> C:\Program Files\WindowsApps\24126LRStudios.CubeConnect_1.2.23.0_x64__fqrdd7fbndtry [2023-11-05] (LR Studios) [MS Ad] Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2023.531.1.0_x64__8xx8rvfyw5nnt [2023-12-10] (Meta) Facebook -> C:\Program Files\WindowsApps\www.facebook.com-1C2D851A_2023.531.1.1_neutral__n468xs7erp6tc [2023-10-14] (www.facebook.com) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_150.1.1140.0_x64__v10z8vjag6ke6 [2023-11-28] (HP Inc.) HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_8.10.39.0_x64__v10z8vjag6ke6 [2023-06-27] (HP Inc.) Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5237.0_x64__8j3eq9eme6ctt [2023-11-10] (INTEL CORP) [Startup Task] Memorize Quran -> C:\Program Files\WindowsApps\29553DigitalAction.MemorizeQuran_1.2.0.12_neutral__ahxw7anypsxwg [2023-03-23] (DigitalAction) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-01-29] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-01-29] (Microsoft Corporation) [MS Ad] Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.1129.100_x64__8wekyb3d8bbwe [2023-12-09] (Microsoft Corporation) Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-10-30] (Microsoft Corporation) Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.152.0_x64__pwbj9vvecjh7j [2023-12-09] (Amazon Development Centre (London) Ltd) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-05] (Microsoft Studios) [MS Ad] WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2348.4.0_x64__cv1g1gvanyjgm [2023-12-09] (WhatsApp Inc.) [Startup Task] ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1312067145-2974934266-877005598-1002_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\HP\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File CustomCLSID: HKU\S-1-5-21-1312067145-2974934266-877005598-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22209.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1312067145-2974934266-877005598-1002_Classes\CLSID\{1a46400f-4c81-802a-c2c1-1e9a687a9340}\localserver32 -> "C:\Program Files\HandBrake\HandBrake.exe" -ToastActivated => No File ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-02-10] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-02-10] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-02-10] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-02-10] (Adobe Systems Incorporated -> ) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncShell64.dll [2023-11-18] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-02-10] (Adobe Systems Incorporated -> ) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed] HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed] HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed] HKLM\...\Drivers32: [msacm.lame] => C:\Windows\system32\lame.ax [245760 2005-08-01] () [File not signed] HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed] HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\system32\xvidvfw.dll [139264 2004-07-03] () [File not signed] HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed] HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed] HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed] HKLM\...\Drivers32: [vidc.VP62] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed] HKLM\...\Drivers32: [vidc.LAGS] => C:\Windows\system32\lagarith.dll [216064 2011-12-07] () [File not signed] ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\HP\Desktop\Aicha 28 - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 10" ShortcutWithArgument: C:\Users\HP\Desktop\Aicha School - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3" ShortcutWithArgument: C:\Users\HP\Desktop\CIH Banque.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 10" --app-id=gfofefijannglaigpjkhlbhapehjafag ShortcutWithArgument: C:\Users\HP\Desktop\GM School.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=kjgfgldnnfoeklkmfkjfagphfepbbdan ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\CIH Banque.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 10" --app-id=gfofefijannglaigpjkhlbhapehjafag ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 4" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Meet (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=kjgfgldnnfoeklkmfkjfagphfepbbdan ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Meet.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 4" --app-id=kjgfgldnnfoeklkmfkjfagphfepbbdan ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Payoneer.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 4" --app-id=jjlcdnbcengachofgchmkjdakjaialic ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 4" --app-id=agimnkijcaahngcdmfeangaknmldooml ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Aicha - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 4" ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube (2).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 4" --app-id=agimnkijcaahngcdmfeangaknmldooml ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 4" --app-id=agimnkijcaahngcdmfeangaknmldooml ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Aicha - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 4" ==================== Loaded Modules (Whitelisted) ============= 2023-12-11 13:54 - 2023-12-11 13:54 - 000086861 _____ () [File not signed] C:\Users\HP\AppData\Local\Temp\JNativeHook-6395190571973246720.x86_64.dll 2022-03-15 13:35 - 2018-07-03 11:14 - 001348608 _____ (Conexant Systems, Inc.) [File not signed] C:\Program Files\Conexant\SA3\HP-NB-AIO\CxHDAudioAPI.dll 2023-04-28 11:44 - 2011-05-27 18:45 - 001466368 ___SH (PC SOFT) [File not signed] C:\ProgramData\Systeme\WD160COM.DLL 2023-04-28 11:44 - 2011-05-31 11:28 - 002698240 ___SH (PC SOFT) [File not signed] C:\ProgramData\Systeme\WD160HF.DLL 2023-04-28 11:44 - 2011-06-03 12:37 - 000696320 ___SH (PC SOFT) [File not signed] C:\ProgramData\Systeme\WD160IMG.DLL 2023-04-28 11:44 - 2011-06-15 18:51 - 003854336 ___SH (PC SOFT) [File not signed] C:\ProgramData\Systeme\WD160OBJ.DLL 2023-04-28 11:44 - 2011-05-26 16:02 - 000195584 ___SH (PC SOFT) [File not signed] C:\ProgramData\Systeme\WD160PNT.DLL 2023-04-28 11:44 - 2011-06-08 09:44 - 000802816 ___SH (PC SOFT) [File not signed] C:\ProgramData\Systeme\WD160STD.DLL 2023-04-28 11:44 - 2011-06-06 17:08 - 002557440 ___SH (PC SOFT) [File not signed] C:\ProgramData\Systeme\WD160VM.DLL ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [3442] AlternateDataStreams: C:\Users\Open Session\Desktop\Excel.lnk:B96E9B8455 [3442] ==================== Safe Mode (Whitelisted) ================== ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-12-10] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-10] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-10] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-10] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-10] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-10] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-10] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-10] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-10] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1312067145-2974934266-877005598-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\HP\AppData\Local\Microsoft\Windows\Themes\Beach Glo\DesktopBackground\01 gettyimages-603718440_resized.jpg HKU\S-1-5-21-1312067145-2974934266-877005598-1009\Control Panel\Desktop\\Wallpaper -> C:\Users\Open Session\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKU\S-1-5-21-1312067145-2974934266-877005598-1009\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [TCP Query User{D3E1D9D2-A258-4A2A-AF8E-177A24B26462}C:\users\hp\appdata\local\programs\rave-desktop\rave.exe] => (Allow) C:\users\hp\appdata\local\programs\rave-desktop\rave.exe => No File FirewallRules: [UDP Query User{0BCE51B2-8965-4EDC-811E-860597F2F8CA}C:\users\hp\appdata\local\programs\rave-desktop\rave.exe] => (Allow) C:\users\hp\appdata\local\programs\rave-desktop\rave.exe => No File FirewallRules: [TCP Query User{F454C72F-BAC8-435A-9727-3C60905AC003}C:\users\hp\appdata\local\programs\rave-desktop\rave.exe] => (Allow) C:\users\hp\appdata\local\programs\rave-desktop\rave.exe => No File FirewallRules: [UDP Query User{DA834C14-DD8E-4A81-A915-3AA02ADB994B}C:\users\hp\appdata\local\programs\rave-desktop\rave.exe] => (Allow) C:\users\hp\appdata\local\programs\rave-desktop\rave.exe => No File FirewallRules: [TCP Query User{79AEF8FA-9780-42DF-8181-EB81952592B7}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe => No File FirewallRules: [UDP Query User{94DE282A-04DC-43F6-AD92-A8CCD35C2CC8}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe => No File FirewallRules: [{51844F9D-32AB-41AE-AE1A-54C60722ADEF}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => No File FirewallRules: [{A21337F9-C932-49AC-A945-E4213C64DE1F}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => No File FirewallRules: [{07E5FCA2-93D2-448C-8239-B01BD95BF4DF}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File FirewallRules: [{E520672D-FD2F-41B3-8550-E62E8D27B381}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => No File FirewallRules: [{5BCAD1AB-CD2E-413A-B474-9F061439A15D}] => (Allow) C:\Users\HP\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File FirewallRules: [{4692C354-A255-43B8-8535-F43665EC2293}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe => No File FirewallRules: [{F46CB906-9786-4EC1-B951-F25A04B8946D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe => No File FirewallRules: [{36C8F4C9-A191-4864-9EA6-6FC7F19A19F6}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe => No File FirewallRules: [{2CE3748C-70FF-48A7-86AD-57A2C5582A1E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe => No File FirewallRules: [{3E95F208-322F-40FA-A5FC-DDDA3164D573}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe => No File FirewallRules: [{D086C7BB-376F-4A2A-8193-06574F5FC493}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe => No File FirewallRules: [{9E48873C-3214-433C-8D5D-54F78F466DD4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File FirewallRules: [{F933BE39-7CCB-4CEE-B43F-3F6BB77C431F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe => No File FirewallRules: [TCP Query User{CC173B3B-B400-4BE9-9120-5F277A838F22}C:\users\hp\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\hp\appdata\local\discord\app-1.0.9011\discord.exe => No File FirewallRules: [UDP Query User{433A23C4-7D4B-46FC-BE55-4A35EF3FABED}C:\users\hp\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\hp\appdata\local\discord\app-1.0.9011\discord.exe => No File FirewallRules: [TCP Query User{C75C14D8-463D-4822-90D3-627A6DE887E5}C:\users\hp\appdata\local\discord\app-1.0.9012\discord.exe] => (Allow) C:\users\hp\appdata\local\discord\app-1.0.9012\discord.exe => No File FirewallRules: [UDP Query User{772B6CA7-1818-4D78-8D11-0EA8335C7DF0}C:\users\hp\appdata\local\discord\app-1.0.9012\discord.exe] => (Allow) C:\users\hp\appdata\local\discord\app-1.0.9012\discord.exe => No File FirewallRules: [{73A6226C-D426-44BB-8ACA-13ABDADC1048}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{28B22F50-DA83-452A-A503-83B771B0078E}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{26AC5436-2F5A-41B1-830D-07F165CC5D6D}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{7C31E703-77D7-49D8-81F2-7F96BD3D2338}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{ABA07637-C3FF-46B4-AB0B-D7D6BE1F7114}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{F64737AA-A0BC-4AAB-AC4A-2A78D3D0DA18}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{35A435BD-07A9-468D-BC0A-83100C148C06}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{354247F3-F2F0-4E08-890D-1D96D52E3E30}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File FirewallRules: [{684E6F20-08AF-441D-9162-8BF6574D6477}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File FirewallRules: [{77911261-AAC0-472E-BE76-482ED659A4D9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File FirewallRules: [{7B5DAB7C-10FD-4A69-9C2E-5847A3BF05E6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File FirewallRules: [TCP Query User{CE98E185-8E0E-4A07-87D6-ABA31F528579}C:\users\hp\appdata\local\discord\app-1.0.9016\discord.exe] => (Allow) C:\users\hp\appdata\local\discord\app-1.0.9016\discord.exe => No File FirewallRules: [UDP Query User{2A548F15-B92E-4097-9E4F-28FA86E9C500}C:\users\hp\appdata\local\discord\app-1.0.9016\discord.exe] => (Allow) C:\users\hp\appdata\local\discord\app-1.0.9016\discord.exe => No File FirewallRules: [{EBE0CF0B-EF79-43BE-9499-3EC7FE983897}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{BDE08EA0-84CB-4314-AB9A-880E6201FA8F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.109.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{F14E9D00-1CFC-4CBA-8EBA-22F2FADFEC9A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.109.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{6A22D418-B7BB-466A-ACE7-749C57E557BB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.109.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{1A771DE3-28DF-4FFE-9561-A4F5EB44C423}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.109.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0F92A8DD-63E6-47AB-ABC5-745DE8A7BD22}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.61\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Restore Points ========================= 05-12-2023 20:15:54 Point de contrôle planifié ==================== Faulty Device Manager Devices ============ Name: PCI Memory Controller Description: PCI Memory Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI Data Acquisition and Signal Processing Controller Description: PCI Data Acquisition and Signal Processing Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ======================== Application errors: ================== Error: (12/11/2023 01:23:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: HPAudioAnalytics.exe, version: 8.10.40.148, time stamp: 0x64f6d0a0 Faulting module name: HPAnalyticsNativeClientLib.dll, version: 1.0.0.0, time stamp: 0x60c2e6b8 Exception code: 0xc0000005 Fault offset: 0x0000000000012894 Faulting process id: 0x1dd8 Faulting application start time: 0x01da2c2c7ce11b3e Faulting application path: C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_02c16d71fe8a4b6a\HPAudioAnalytics.exe Faulting module path: C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_02c16d71fe8a4b6a\HPAnalyticsNativeClientLib.dll Report Id: 01768e13-e8d0-474c-b64b-05b558a66665 Faulting package full name: Faulting package-relative application ID: Error: (12/10/2023 09:09:10 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program SearchApp.exe version 10.0.19041.3636 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 1f80 Start Time: 01da2ba4aea1d795 Termination Time: 4294967295 Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe Report Id: 78134e82-b06c-471a-b21d-497521678a53 Faulting package full name: Microsoft.Windows.Search_1.14.10.19041_neutral_neutral_cw5n1h2txyewy Faulting package-relative application ID: ShellFeedsUI Hang type: Quiesce Error: (12/10/2023 01:00:55 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DESKTOP-PT40IUP) Description: Application or service 'Microsoft Office SDX Helper' could not be shut down. Error: (12/09/2023 01:16:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: HPAudioAnalytics.exe, version: 8.10.40.148, time stamp: 0x64f6d0a0 Faulting module name: HPAnalyticsNativeClientLib.dll, version: 1.0.0.0, time stamp: 0x60c2e6b8 Exception code: 0xc0000005 Fault offset: 0x0000000000012894 Faulting process id: 0xf00 Faulting application start time: 0x01da2a996ee0f5e4 Faulting application path: C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_02c16d71fe8a4b6a\HPAudioAnalytics.exe Faulting module path: C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_02c16d71fe8a4b6a\HPAnalyticsNativeClientLib.dll Report Id: e17c15e8-2d3c-462b-a33e-81e52e3b2b63 Faulting package full name: Faulting package-relative application ID: Error: (12/08/2023 08:06:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: HPAudioAnalytics.exe, version: 8.10.40.148, time stamp: 0x64f6d0a0 Faulting module name: HPAnalyticsNativeClientLib.dll, version: 1.0.0.0, time stamp: 0x60c2e6b8 Exception code: 0xc0000005 Fault offset: 0x0000000000012894 Faulting process id: 0x12b4 Faulting application start time: 0x01da29f36fc9fd4b Faulting application path: C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_02c16d71fe8a4b6a\HPAudioAnalytics.exe Faulting module path: C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_02c16d71fe8a4b6a\HPAnalyticsNativeClientLib.dll Report Id: e7696f5b-69fd-43ec-a9c9-fd039aea791f Faulting package full name: Faulting package-relative application ID: Error: (12/08/2023 05:27:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: HPAudioAnalytics.exe, version: 8.10.40.148, time stamp: 0x64f6d0a0 Faulting module name: HPAnalyticsNativeClientLib.dll, version: 1.0.0.0, time stamp: 0x60c2e6b8 Exception code: 0xc0000005 Fault offset: 0x0000000000012894 Faulting process id: 0x2280 Faulting application start time: 0x01da29dd5aca3429 Faulting application path: C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_02c16d71fe8a4b6a\HPAudioAnalytics.exe Faulting module path: C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_02c16d71fe8a4b6a\HPAnalyticsNativeClientLib.dll Report Id: e28909e1-c749-445d-9a99-8b92bcd18ec1 Faulting package full name: Faulting package-relative application ID: Error: (12/08/2023 11:38:05 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: HotKeyServiceUWP.exe, version: 8.10.40.148, time stamp: 0x64f6d102 Faulting module name: ntdll.dll, version: 10.0.19041.3636, time stamp: 0x9b64aa6f Exception code: 0xc0000005 Fault offset: 0x000000000002faad Faulting process id: 0x270 Faulting application start time: 0x01da1f0cf00eb5dc Faulting application path: C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_02c16d71fe8a4b6a\HotKeyServiceUWP.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll Report Id: 2490423b-5748-46f6-bf9d-94175b6bb713 Faulting package full name: Faulting package-relative application ID: Error: (12/06/2023 08:14:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: HPAudioAnalytics.exe, version: 8.10.40.148, time stamp: 0x64f6d0a0 Faulting module name: HPAnalyticsNativeClientLib.dll, version: 1.0.0.0, time stamp: 0x60c2e6b8 Exception code: 0xc0000005 Fault offset: 0x0000000000012894 Faulting process id: 0x433c Faulting application start time: 0x01da2858b78ba68d Faulting application path: C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_02c16d71fe8a4b6a\HPAudioAnalytics.exe Faulting module path: C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_02c16d71fe8a4b6a\HPAnalyticsNativeClientLib.dll Report Id: 623d4e66-479c-4c39-8893-9eb654a0c76e Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (12/11/2023 01:53:03 PM) (Source: volmgr) (EventID: 161) (User: ) Description: Dump file creation failed due to error during dump creation. Error: (12/11/2023 01:53:14 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 13:45:40 on ‎11/‎12/‎2023 was unexpected. Error: (12/10/2023 01:38:06 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-PT40IUP) Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.19041.3636_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca did not register with DCOM within the required timeout. Error: (12/10/2023 01:02:52 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-PT40IUP) Description: DCOM got error "1053" attempting to start the service WSearch with arguments "Non disponible" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (12/10/2023 01:02:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (12/10/2023 01:02:52 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. Error: (12/09/2023 09:23:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT) Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9WZDNCRFJ364-MICROSOFT.SKYPEAPP. Error: (12/09/2023 07:29:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT) Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9WZDNCRFJ364-MICROSOFT.SKYPEAPP. Windows Defender: ================ Date: 2023-12-11 00:52:17 Description: Antivirus Microsoft Defender scan has been stopped before completion. Scan Type: Logiciel anti-programme malveillant Scan Parameters: Analyse rapide Date: 2023-12-10 14:07:16 Description: Antivirus Microsoft Defender scan has been stopped before completion. Scan Type: Logiciel anti-programme malveillant Scan Parameters: Analyse rapide Date: 2023-12-09 19:12:39 Description: Antivirus Microsoft Defender scan has been stopped before completion. Scan Type: Logiciel anti-programme malveillant Scan Parameters: Analyse rapide Date: 2023-12-09 15:05:22 Description: Antivirus Microsoft Defender scan has been stopped before completion. Scan Type: Logiciel anti-programme malveillant Scan Parameters: Analyse rapide Date: 2023-12-07 22:55:49 Description: Antivirus Microsoft Defender scan has been stopped before completion. Scan Type: Logiciel anti-programme malveillant Scan Parameters: Analyse rapide Event[0]: Date: 2023-12-05 17:02:01 Description: Antivirus Microsoft Defender has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.401.1348.0 Update Source: Centre de protection Microsoft contre les logiciels malveillants Security intelligence Type: Anti-virus Update Type: Complet Current Engine Version: Previous Engine Version: 1.1.23100.2009 Error code: 0x80072efd Error description: Impossible d’établir une connexion avec le serveur Date: 2023-12-05 17:02:01 Description: Antivirus Microsoft Defender has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.401.1348.0 Update Source: Centre de protection Microsoft contre les logiciels malveillants Security intelligence Type: Logiciel anti-espion Update Type: Complet Current Engine Version: Previous Engine Version: 1.1.23100.2009 Error code: 0x80072efd Error description: Impossible d’établir une connexion avec le serveur Date: 2023-12-05 17:02:01 Description: Antivirus Microsoft Defender has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.401.1348.0 Update Source: Centre de protection Microsoft contre les logiciels malveillants Security intelligence Type: Anti-virus Update Type: Complet Current Engine Version: Previous Engine Version: 1.1.23100.2009 Error code: 0x80072efd Error description: Impossible d’établir une connexion avec le serveur Date: 2023-12-05 17:01:36 Description: Antivirus Microsoft Defender has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.401.1348.0 Update Source: Centre de protection Microsoft contre les logiciels malveillants Security intelligence Type: Anti-virus Update Type: Complet Current Engine Version: Previous Engine Version: 1.1.23100.2009 Error code: 0x80072efd Error description: Impossible d’établir une connexion avec le serveur Date: 2023-12-05 17:01:36 Description: Antivirus Microsoft Defender has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.401.1348.0 Update Source: Centre de protection Microsoft contre les logiciels malveillants Security intelligence Type: Logiciel anti-espion Update Type: Complet Current Engine Version: Previous Engine Version: 1.1.23100.2009 Error code: 0x80072efd Error description: Impossible d’établir une connexion avec le serveur CodeIntegrity: =============== Date: 2023-11-18 00:25:38 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2023-10-29 12:00:17 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2023-09-21 16:05:03 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2023-08-23 22:34:10 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2023-08-23 17:13:31 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. ==================== Memory info =========================== BIOS: HP N75 Ver. 01.52 04/20/2021 Motherboard: HP 807C Processor: Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz Percentage of memory in use: 48% Total physical RAM: 8072.6 MB Available physical RAM: 4184.76 MB Total Virtual: 9352.6 MB Available Virtual: 5313.59 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:167.05 GB) (Free:13.63 GB) (Model: INTEL SSDSCKJF180A5H REF) NTFS Drive d: (USB KING) (Removable) (Total:14.4 GB) (Free:6.1 GB) FAT32 \\?\Volume{de1e1a46-00aa-41bc-8349-e876c1b6f158}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS \\?\Volume{2755de7e-afed-4db7-9a19-69ad57d09775}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 167.7 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (Size: 14.4 GB) (Disk ID: 014D7899) Partition 1: (Active) - (Size=14.4 GB) - (Type=FAT32) ==================== End of Addition.txt =======================