Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 24-11-2021
Exécuté par papyo (administrateur) sur DESKTOP-7M14SH3 (ASUSTeK COMPUTER INC. G20AJ) (24-11-2021 22:27:38)
Exécuté depuis D:\
Profils chargés: papyo
Plate-forme: Microsoft Windows 11 Famille Version 21H2 22000.348 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.29\msedgewebview2.exe <6>
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\UtcDecoderHost.exe
(Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Incorporation) C:\Windows\Philips\SPC220NC\Monitor.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe
(Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20045.455.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(NortonLifeLock Inc. -> Symantec Corporation) C:\Program Files\Norton Utilities Premium\x64\LBGovernor.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
Impossible d'accéder au processus -> mbamtray.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9274304 2018-06-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-06-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Monitor] => C:\WINDOWS\Philips\SPC220NC\Monitor.exe [323584 2018-06-21] (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Incorporation)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2021-11-10] (Intel Corporation -> Intel)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.29\Installer\setup.exe [2873736 2021-11-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2371481684-2106917738-1379841812-1004\...\Run: [MicrosoftEdgeAutoLaunch_761F2A401BEE3BAF14EE01F2896BDBB4] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Mozilla Firefox\firefox.exe -os-restarted -url hxxps://adlice.com/download/roguekiller/?utm_campaign=roguekiller&utm_source=soft&utm_medium=btn
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {2EE612E9-6592-4CA5-B22D-FED22AEE0EC9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {31D19CFF-B0C9-4E55-8332-7AED29E7C223} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2020-02-29] (Google Inc -> Google LLC)
Task: {45AEB930-8F72-49C6-81BF-7BE68F481407} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)
Task: {6BA886AB-D796-40D1-8A26-023970AEC888} - System32\Tasks\Norton Utility\Live Boost Process Governor => C:\Program Files\Norton Utilities Premium\x64\LBGovernor.exe [1050096 2021-11-11] (NortonLifeLock Inc. -> Symantec Corporation)
Task: {6D9C3254-A037-473D-BB3F-08D3ED8C0A18} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Pas de fichier)
Task: {7720C78A-2303-46B3-AEA3-4DA4830C5556} - System32\Tasks\Norton Utility\AutomaticCare => C:\Program Files\Norton Utilities Premium\NUP.exe [3632624 2021-11-11] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {7DEEEA77-1424-4CDA-81E4-0C56F4638CFC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {844775D2-10DA-437F-A753-3879ED8653BF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2020-02-29] (Google Inc -> Google LLC)
Task: {84F9EA30-0CCB-4DE3-A450-B02385209D62} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8B3AAB18-FA36-4DE7-BD7A-F95CE68F29A1} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {9550AE29-8A55-4EFA-A20C-4EEF452BEB94} - System32\Tasks\CCleanerSkipUAC - papyo => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9C92DBB1-3E57-47FE-BDDC-348FB3A13BA5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {AFDF2510-D70B-45DD-B04F-09048C5AD716} - System32\Tasks\TUDsDownloader => C:\Program Files\Norton Utilities Premium\activesync.exe -appexecutable nup.exe -tuds (Pas de fichier)
Task: {AFF0E32C-08F2-44D4-A96E-58B23485A2A6} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {C11B94C2-7C73-4116-859F-63A940221F71} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {E4CC8D3B-695F-49DE-BF39-B8D9792D7C57} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F64A1DE8-279A-431F-B3C6-9FD268D61FE5} - System32\Tasks\Norton Utility\ActiveSync-NortonUtility => C:\Program Files\Norton Utilities Premium\ActiveBridge.exe -appexecutable NUP.exe -ammode (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{3bf850d0-cc18-44d0-8307-8726b596e6a2}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{ff58028e-4060-4d32-8418-087c2d671f6e}: [DhcpNameServer] 192.168.0.254
Edge:
=======
DownloadDir: D:\
Edge HomeButtonPage: HKU\S-1-5-21-2371481684-2106917738-1379841812-1001 -> hxxp://bing.fr/
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\papyo\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-24]
Edge HomePage: Default -> hxxps://www.bing.com/search?q=bing&FORM=&refig=43d5c0dea10f4390e0edf0db0826260e
Edge StartupUrls: Default -> "hxxp://bing.fr/","hxxps://www.lefigaro.fr/"
Edge Extension: (Norton Safe Web) - C:\Users\papyo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bdaafgjhhjkdplpffldcncdignokfkbo [2021-11-22]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\papyo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-11-24]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: wh87mah6.default
FF ProfilePath: C:\Users\papyo\AppData\Roaming\Mozilla\Firefox\Profiles\wh87mah6.default [2019-12-13]
FF ProfilePath: C:\Users\papyo\AppData\Roaming\Mozilla\Firefox\Profiles\yhmqlnnc.default-release-1607678590077 [2021-11-24]
FF DownloadDir: C:\Users\papyo\OneDrive\Bureau
FF Extension: (Norton Safe Web) - C:\Users\papyo\AppData\Roaming\Mozilla\Firefox\Profiles\yhmqlnnc.default-release-1607678590077\Extensions\nortonsafeweb@symantec.com.xpi [2021-08-28]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [39352 2021-11-10] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [177592 2021-11-10] (Intel Corporation -> Intel)
S4 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-11-01] (HP Inc. -> HP Inc.)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-11-24] (Malwarebytes Inc -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [180224 2021-06-05] (Microsoft Corporation) [Fichier non signé]
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2021-11-23] (Microsoft Windows -> Microsoft Corporation)
R3 IntelReadyModeDriver; C:\WINDOWS\System32\drivers\IntelReadyModeDriver.sys [33504 2015-10-21] (Intel CASE -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2021-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-11-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-24] (Malwarebytes Inc -> Malwarebytes)
S3 RtkA2dp; C:\WINDOWS\system32\drivers\RtkA2dp.sys [193280 2018-06-21] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 RtkAvrcp; C:\WINDOWS\System32\drivers\RtkAvrcp.sys [73712 2018-06-21] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 RtkAvrcpCtrlr; C:\WINDOWS\System32\drivers\RtkAvrcpCtrlr.sys [78720 2018-06-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 RtkHandsfree; C:\WINDOWS\System32\drivers\RtkHandsfree.sys [38112 2018-06-21] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 SPC220NC; C:\WINDOWS\system32\DRIVERS\SPC220NC.SYS [572928 2018-06-21] (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Inc.)
R3 SymTAP; C:\WINDOWS\System32\drivers\SymTAP.sys [52104 2018-10-16] (Symantec Corporation -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-10-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-10-29] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-10-29] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-11-24 21:33 - 2021-11-24 21:33 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-11-24 21:33 - 2021-11-24 21:33 - 000210352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-11-24 21:33 - 2021-11-24 21:33 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-11-24 21:33 - 2021-11-24 21:33 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-11-24 21:33 - 2021-11-24 21:33 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-11-24 21:32 - 2021-11-24 21:32 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-11-24 21:32 - 2021-11-24 21:32 - 000000000 ____D C:\Program Files\Malwarebytes
2021-11-24 21:15 - 2021-11-24 21:16 - 000000000 ____D C:\AdwCleaner
2021-11-24 16:34 - 2021-11-24 16:34 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000002-000000.txt
2021-11-24 16:04 - 2021-11-24 16:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2021-11-24 09:05 - 2021-11-24 09:05 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000001-000000.txt
2021-11-23 22:21 - 2021-11-24 22:28 - 000000000 ____D C:\FRST
2021-11-23 17:38 - 2021-11-23 17:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-11-23 17:12 - 2021-11-23 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2021-11-23 17:12 - 2021-11-23 17:12 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2021-11-23 16:57 - 2021-11-23 16:57 - 000002904 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - papyo
2021-11-23 08:37 - 2021-11-23 08:37 - 000015040 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-23 08:37 - 2021-11-23 08:37 - 000013824 _____ C:\WINDOWS\SysWOW64\prxyqry.dll
2021-11-23 08:36 - 2021-11-23 08:36 - 000040960 _____ C:\WINDOWS\system32\prxyqry.dll
2021-11-23 08:35 - 2021-11-23 08:35 - 000215552 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2021-11-23 08:23 - 2021-11-23 08:23 - 000000000 ___HD C:\$WinREAgent
2021-11-19 08:10 - 2021-11-19 08:10 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-11-17 21:24 - 2021-11-17 21:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-11-17 21:20 - 2021-11-11 03:36 - 001874664 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-11-17 21:20 - 2021-11-11 03:36 - 001874664 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-11-17 21:20 - 2021-11-11 03:36 - 001464960 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-11-17 21:20 - 2021-11-11 03:36 - 001450216 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-11-17 21:20 - 2021-11-11 03:36 - 001450216 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-11-17 21:20 - 2021-11-11 03:36 - 001208248 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-11-17 21:20 - 2021-11-11 03:36 - 001111272 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-11-17 21:20 - 2021-11-11 03:36 - 001111272 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-11-17 21:20 - 2021-11-11 03:36 - 000965352 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-11-17 21:20 - 2021-11-11 03:36 - 000965352 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-11-17 21:20 - 2021-11-11 03:33 - 002116536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-11-17 21:20 - 2021-11-11 03:33 - 001597568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-11-17 21:20 - 2021-11-11 03:33 - 001523328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-11-17 21:20 - 2021-11-11 03:33 - 001174456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-11-17 21:20 - 2021-11-11 03:33 - 000802232 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-11-17 21:20 - 2021-11-11 03:33 - 000709560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-11-17 21:20 - 2021-11-11 03:33 - 000678328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-11-17 21:20 - 2021-11-11 03:33 - 000656512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-11-17 21:20 - 2021-11-11 03:33 - 000635008 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-11-17 21:20 - 2021-11-11 03:33 - 000564352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-11-17 21:20 - 2021-11-11 03:32 - 008725944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-11-17 21:20 - 2021-11-11 03:32 - 007845816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-11-17 21:20 - 2021-11-11 03:32 - 005730224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-11-17 21:20 - 2021-11-11 03:32 - 004940728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-11-17 21:20 - 2021-11-11 03:32 - 002850432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-11-17 21:20 - 2021-11-11 03:32 - 000981120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-11-17 21:20 - 2021-11-11 03:32 - 000792192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-11-17 21:20 - 2021-11-11 03:32 - 000452224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-11-17 21:20 - 2021-11-11 03:31 - 000850872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-11-17 21:20 - 2021-11-11 03:30 - 007582144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-11-17 21:20 - 2021-11-11 03:30 - 006432960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-11-17 21:20 - 2021-11-09 23:27 - 000085718 _____ C:\WINDOWS\system32\nvinfo.pb
2021-11-16 10:27 - 2021-11-16 10:27 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000000-000000.txt
2021-11-14 15:45 - 2021-11-14 15:45 - 000003834 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2021-11-14 15:15 - 2021-11-14 15:15 - 000003762 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2021-11-14 15:15 - 2021-11-14 15:15 - 000003670 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2021-11-14 15:15 - 2021-11-14 15:15 - 000003528 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2021-11-14 15:15 - 2021-11-14 15:15 - 000001517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2021-11-14 15:15 - 2021-11-14 15:15 - 000000000 ____D C:\Users\papyo\AppData\Local\Intel
2021-11-14 15:15 - 2021-11-14 15:15 - 000000000 ____D C:\ProgramData\Intel
2021-11-14 15:15 - 2021-11-14 15:15 - 000000000 ____D C:\Program Files\Intel
2021-11-14 15:15 - 2021-11-14 15:15 - 000000000 ____D C:\Program Files (x86)\Intel
2021-11-14 15:15 - 2021-07-23 11:36 - 000041816 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2021-11-14 08:39 - 2021-11-23 16:57 - 000000000 ____D C:\Program Files\CCleaner
2021-11-14 08:39 - 2021-11-17 15:18 - 000003048 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-11-13 18:07 - 2021-11-13 18:07 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2021-11-13 17:44 - 2021-11-13 17:44 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\ElevatedDiagnostics
2021-11-12 21:40 - 2021-11-24 15:16 - 000002474 _____ C:\Users\papyo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-12 10:40 - 2021-11-12 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2021-11-12 10:38 - 2021-11-12 10:38 - 000000000 ____D C:\ProgramData\Wargaming.net
2021-11-11 23:05 - 2021-11-11 23:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton
2021-11-11 23:05 - 2021-11-11 23:05 - 000000000 ____D C:\Program Files\Norton Utilities Premium
2021-11-11 16:22 - 2021-11-11 16:22 - 000000000 ____D C:\WINDOWS\Philips
2021-11-10 15:10 - 2021-11-10 15:10 - 000000000 ____D C:\Users\papyo\AppData\Roaming\OpenOffice
2021-11-09 22:37 - 2021-11-09 22:37 - 000286720 _____ C:\WINDOWS\system32\AggregatorHost.exe
2021-11-09 22:37 - 2021-11-09 22:37 - 000077824 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-09 17:40 - 2021-11-09 17:40 - 003290776 _____ (Nicolas Coolman) C:\Users\papyo\ZHPCleaner.exe
2021-11-07 20:21 - 2021-11-07 20:21 - 000000000 ____D C:\Users\papyo\AppData\Local\mbam
2021-11-07 11:00 - 2021-11-07 11:00 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.11
2021-11-07 10:59 - 2021-11-07 11:00 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2021-11-07 10:58 - 2021-11-07 10:58 - 000000000 ____D C:\Users\papyo\redist
2021-11-07 10:58 - 2021-11-07 10:58 - 000000000 ____D C:\Users\papyo\readmes
2021-11-02 21:37 - 2021-11-02 21:37 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\ZHP
2021-10-31 20:50 - 2021-10-31 20:51 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\Steam
2021-10-26 21:38 - 2021-10-26 21:38 - 000000000 ____D C:\Users\papyo\AppData\LocalLow\Statespace
2021-10-21 20:29 - 2021-10-21 20:29 - 000121344 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-10-21 20:29 - 2021-10-21 20:29 - 000024576 _____ C:\WINDOWS\system32\nrtapi.dll
2021-10-21 20:29 - 2021-10-21 20:29 - 000006656 _____ C:\WINDOWS\SysWOW64\nrtapi.dll
2021-10-21 20:28 - 2021-10-21 20:28 - 000258048 _____ C:\WINDOWS\system32\CoreMas.dll
2021-10-21 20:28 - 2021-10-21 20:28 - 000208896 _____ C:\WINDOWS\system32\IHDS.dll
2021-10-21 20:28 - 2021-10-21 20:28 - 000167936 _____ C:\WINDOWS\system32\TpmTool.exe
2021-10-21 19:55 - 2021-10-21 19:55 - 000000000 ____D C:\Users\papyo\AppData\Local\DBG
2021-10-20 20:41 - 2021-10-27 07:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-10-20 20:41 - 2021-10-20 20:41 - 000000000 ____D C:\Program Files\VS Revo Group
2021-10-19 05:44 - 2021-11-12 10:43 - 000000000 ____D C:\Users\papyo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2021-10-19 05:44 - 2021-11-12 10:41 - 000000000 ____D C:\Users\papyo\AppData\Roaming\Wargaming.net
2021-10-19 05:44 - 2021-11-12 10:40 - 000000000 ____D C:\Program Files (x86)\Wargaming.net
2021-10-13 08:19 - 2021-10-13 08:19 - 000617648 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-10-13 08:17 - 2021-10-13 08:17 - 000727576 _____ C:\WINDOWS\system32\TextShaping.dll
2021-09-25 09:39 - 2021-09-25 09:39 - 000000000 ____D C:\WINDOWS\Panther
2021-09-22 17:18 - 2021-09-22 17:18 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bing Wallpaper
2021-09-22 17:14 - 2021-09-22 17:14 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\Norton
2021-09-22 17:11 - 2021-09-22 17:11 - 000004062 _____ C:\WINDOWS\system32\Tasks\TUDsDownloader
2021-09-21 19:14 - 2021-09-21 19:14 - 123595735 _____ C:\Users\papyo\openoffice1.cab
2021-09-21 19:11 - 2021-09-21 19:11 - 002469888 _____ C:\Users\papyo\openoffice4111.msi
2021-09-21 19:11 - 2021-09-21 19:11 - 000479232 _____ C:\Users\papyo\setup.exe
2021-09-21 19:11 - 2021-09-21 19:11 - 000000282 _____ C:\Users\papyo\setup.ini
2021-09-18 07:32 - 2021-09-18 07:32 - 000024251 _____ C:\Users\papyo\OneDrive\Documents\facture-HH01009009-2021-08-2874763Vinci2.pdf
2021-09-15 17:05 - 2021-09-15 17:05 - 000024251 _____ C:\Users\papyo\OneDrive\Documents\facture-HH01009009-2021-08-2874763Vinci.pdf
2021-09-13 07:46 - 2021-11-01 22:55 - 000007597 _____ C:\Users\papyo\AppData\Local\resmon.resmoncfg
2021-09-09 06:11 - 2021-11-24 22:20 - 000000000 ____D C:\Users\papyo\AppData\Roaming\ZHP
2021-09-09 06:11 - 2021-11-22 09:25 - 000000000 ____D C:\Users\papyo\AppData\Local\ZHP
2021-09-01 21:02 - 2021-09-01 21:02 - 000000000 ____D C:\Program Files\Norton Utilities
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-11-24 22:05 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-24 21:34 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-11-24 21:34 - 2017-05-17 20:34 - 000000000 ____D C:\Users\papyo\AppData\LocalLow\Mozilla
2021-11-24 21:33 - 2021-06-05 13:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-11-24 21:33 - 2021-01-06 21:26 - 000000000 ____D C:\Users\papyo\AppData\Local\CrashDumps
2021-11-24 21:20 - 2021-06-29 11:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-24 21:20 - 2021-06-05 13:01 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-11-24 21:20 - 2020-04-29 21:56 - 000000000 ____D C:\ProgramData\NVIDIA
2021-11-24 21:20 - 2019-09-16 17:58 - 000012288 ___SH C:\DumpStack.log.tmp
2021-11-24 17:37 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-24 16:36 - 2019-12-08 08:21 - 000000000 ____D C:\ProgramData\Norton
2021-11-24 16:16 - 2021-06-05 13:01 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-11-24 16:14 - 2019-12-07 20:59 - 000000000 ____D C:\Users\papyo\AppData\Local\D3DSCache
2021-11-24 15:17 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-24 15:17 - 2019-12-07 19:20 - 000000000 ____D C:\Users\papyo\AppData\Local\Packages
2021-11-24 15:17 - 2019-12-07 19:20 - 000000000 ____D C:\ProgramData\Packages
2021-11-24 15:16 - 2021-06-29 11:11 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2371481684-2106917738-1379841812-1001
2021-11-24 09:11 - 2021-06-29 11:14 - 001800264 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-24 09:11 - 2021-06-05 19:14 - 000806506 _____ C:\WINDOWS\system32\perfh00C.dat
2021-11-24 09:11 - 2021-06-05 19:14 - 000156164 _____ C:\WINDOWS\system32\perfc00C.dat
2021-11-24 09:11 - 2021-06-05 13:09 - 000000000 ____D C:\WINDOWS\INF
2021-11-24 09:06 - 2021-05-08 14:02 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-24 09:06 - 2019-12-08 19:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-24 09:05 - 2021-06-29 11:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-23 17:38 - 2019-12-08 19:29 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-23 08:54 - 2021-06-29 11:04 - 000329016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\id-ID
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-23 08:49 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\servicing
2021-11-23 08:45 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-23 08:35 - 2021-06-29 11:12 - 003086336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-11-22 10:27 - 2021-06-29 10:44 - 000000000 ____D C:\Users\papyo
2021-11-22 09:41 - 2021-08-09 19:40 - 000000000 ____D C:\WINDOWS\Minidump
2021-11-20 11:54 - 2020-09-05 07:38 - 000000000 ____D C:\Users\papyo\OneDrive\Documents\pdf
2021-11-20 11:22 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-11-20 10:04 - 2021-06-29 10:44 - 000000000 ____D C:\Users\Gorpyloskev
2021-11-20 08:06 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-11-20 07:59 - 2021-06-29 11:11 - 000004180 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{96418FD3-5493-4989-A32B-8AF0801F3937}
2021-11-18 06:21 - 2021-06-29 11:13 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d76ccf33fac5d4
2021-11-18 06:21 - 2021-06-29 11:11 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-17 21:33 - 2020-01-09 00:15 - 000000000 ____D C:\Users\papyo\AppData\Local\NVIDIA
2021-11-17 21:25 - 2019-12-07 17:17 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-11-15 14:49 - 2021-04-14 07:31 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2021-11-14 15:34 - 2020-01-09 00:14 - 000000000 ____D C:\ProgramData\Package Cache
2021-11-14 07:21 - 2019-12-07 17:17 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-11-13 19:28 - 2021-08-16 05:56 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\D3DSCache
2021-11-13 19:27 - 2020-11-20 10:54 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Roaming\ZHP
2021-11-13 18:07 - 2021-01-14 17:32 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Roaming\Wargaming.net
2021-11-13 17:59 - 2020-11-20 10:53 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\CrashDumps
2021-11-13 08:15 - 2019-12-11 14:36 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\Packages
2021-11-12 10:43 - 2021-01-07 06:39 - 000000000 ____D C:\Games
2021-11-11 16:22 - 2019-12-07 16:49 - 000000135 _____ C:\WINDOWS\win.ini
2021-11-09 22:53 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-11-09 22:53 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-09 22:51 - 2020-11-11 07:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-09 22:47 - 2020-11-11 07:32 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-06 22:22 - 2021-07-23 06:43 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\NVIDIA
2021-11-03 14:41 - 2019-12-16 17:37 - 000000000 ____D C:\Users\papyo\AppData\Local\cache
2021-11-03 07:44 - 2020-01-04 09:45 - 000000000 ____D C:\Users\papyo\AppData\Local\NPE
2021-11-02 09:12 - 2019-12-08 09:13 - 000000000 ____D C:\Program Files\Common Files\AV
2021-11-01 09:25 - 2021-04-30 15:21 - 000000000 ____D C:\Users\papyo\OneDrive\Documents\Nouveau dossier
2021-10-29 20:24 - 2021-06-05 13:10 - 000000000 ____D C:\Program Files\Windows Defender
2021-10-29 20:24 - 2019-12-07 17:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-10-29 16:16 - 2019-12-07 21:16 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
==================== Fichiers à la racine de certains dossiers ========
2018-08-06 06:52 - 2018-08-06 06:52 - 000021368 _____ (Schneider Electric) C:\Users\papyo\en_res.dll
2018-08-06 06:52 - 2018-08-06 06:52 - 000021368 _____ (Schneider Electric) C:\Users\papyo\es_res.dll
2018-08-06 06:52 - 2018-08-06 06:52 - 000021880 _____ (Schneider Electric) C:\Users\papyo\fr_res.dll
2018-08-06 06:52 - 2018-08-06 06:52 - 000021880 _____ (Schneider Electric) C:\Users\papyo\grm_res.dll
2018-08-06 06:52 - 2018-08-06 06:52 - 000021368 _____ (Schneider Electric) C:\Users\papyo\it_res.dll
2018-08-06 06:52 - 2018-08-06 06:52 - 000020344 _____ (Schneider Electric) C:\Users\papyo\jp_res.dll
2018-08-06 06:52 - 2018-08-06 06:52 - 001079808 _____ (Microsoft Corporation) C:\Users\papyo\mfc80u.dll
2018-08-06 06:52 - 2018-08-06 06:52 - 000626688 _____ (Microsoft Corporation) C:\Users\papyo\msvcr80.dll
2018-08-06 06:52 - 2018-08-06 06:52 - 000021368 _____ (Schneider Electric) C:\Users\papyo\pt_res.dll
2018-08-06 06:52 - 2018-08-06 06:52 - 000018808 _____ () C:\Users\papyo\ResourceReader.dll
2018-08-06 06:52 - 2018-08-06 06:52 - 000020856 _____ (Schneider Electric) C:\Users\papyo\ru_res.dll
2021-09-21 19:11 - 2021-09-21 19:11 - 000479232 _____ () C:\Users\papyo\setup.exe
2021-11-09 17:40 - 2021-11-09 17:40 - 003290776 _____ (Nicolas Coolman) C:\Users\papyo\ZHPCleaner.exe
2018-08-06 06:52 - 2018-08-06 06:52 - 000019832 _____ (Schneider Electric) C:\Users\papyo\zh_res.dll
2021-09-13 07:46 - 2021-11-01 22:55 - 000007597 _____ () C:\Users\papyo\AppData\Local\resmon.resmoncfg
==================== SigCheckExt =========================
2018-08-06 06:52 - 2018-08-06 06:52 - 001079808 _____ (Microsoft Corporation) C:\Users\papyo\mfc80u.dll
2018-08-06 06:52 - 2018-08-06 06:52 - 000626688 _____ (Microsoft Corporation) C:\Users\papyo\msvcr80.dll
2021-09-21 19:11 - 2021-09-21 19:11 - 000479232 _____ C:\Users\papyo\setup.exe
2021-11-09 17:40 - 2021-11-09 17:40 - 003290776 _____ (Nicolas Coolman) C:\Users\papyo\ZHPCleaner.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{ccea8f3d-9f98-11e4-95ec-939cabdeb8ad}
{e65f7f07-38ef-11ec-8e77-806e6f6e6963}
{e65f7f08-38ef-11ec-8e77-806e6f6e6963}
{2b82a070-4d3c-11ec-8ed0-806e6f6e6963}
{2b82a071-4d3c-11ec-8ed0-806e6f6e6963}
{2b82a072-4d3c-11ec-8ed0-806e6f6e6963}
timeout 1
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {871c5f38-9df7-11eb-8dae-f07959391953}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0
Application logicielle (101fffff)
--------------------------------
identificateur {2b82a070-4d3c-11ec-8ed0-806e6f6e6963}
description UEFI:CD/DVD Drive
Application logicielle (101fffff)
--------------------------------
identificateur {2b82a071-4d3c-11ec-8ed0-806e6f6e6963}
description UEFI:Removable Device
Application logicielle (101fffff)
--------------------------------
identificateur {2b82a072-4d3c-11ec-8ed0-806e6f6e6963}
description UEFI:Network Device
Application logicielle (101fffff)
--------------------------------
identificateur {ccea8f3d-9f98-11e4-95ec-939cabdeb8ad}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
badmemoryaccess Yes
Application logicielle (101fffff)
--------------------------------
identificateur {e65f7f07-38ef-11ec-8e77-806e6f6e6963}
description UEFI: IPV4 Intel(R) Ethernet Connection (2) I218-V
Application logicielle (101fffff)
--------------------------------
identificateur {e65f7f08-38ef-11ec-8e77-806e6f6e6963}
description UEFI: IPV6 Intel(R) Ethernet Connection (2) I218-V
Chargeur de d‚marrage Windows
-----------------------------
identificateur {5b0adfb8-feae-11ea-95e2-ce06c8fa01e4}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{5b0adfb9-feae-11ea-95e2-ce06c8fa01e4}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{5b0adfb9-feae-11ea-95e2-ce06c8fa01e4}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {871c5f3b-9df7-11eb-8dae-f07959391953}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {871c5f38-9df7-11eb-8dae-f07959391953}
nx OptIn
bootmenupolicy Standard
usefirmwarepcisettings No
bootlog No
Chargeur de d‚marrage Windows
-----------------------------
identificateur {871c5f3b-9df7-11eb-8dae-f07959391953}
device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{871c5f3c-9df7-11eb-8dae-f07959391953}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{871c5f3c-9df7-11eb-8dae-f07959391953}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {871c5f38-9df7-11eb-8dae-f07959391953}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {871c5f3b-9df7-11eb-8dae-f07959391953}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {871c5f3c-9df7-11eb-8dae-f07959391953}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume5
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par papyo (administrateur) sur DESKTOP-7M14SH3 (ASUSTeK COMPUTER INC. G20AJ) (24-11-2021 22:27:38)
Exécuté depuis D:\
Profils chargés: papyo
Plate-forme: Microsoft Windows 11 Famille Version 21H2 22000.348 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.29\msedgewebview2.exe <6>
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\UtcDecoderHost.exe
(Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Incorporation) C:\Windows\Philips\SPC220NC\Monitor.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe
(Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20045.455.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(NortonLifeLock Inc. -> Symantec Corporation) C:\Program Files\Norton Utilities Premium\x64\LBGovernor.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
Impossible d'accéder au processus -> mbamtray.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9274304 2018-06-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-06-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Monitor] => C:\WINDOWS\Philips\SPC220NC\Monitor.exe [323584 2018-06-21] (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Incorporation)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2021-11-10] (Intel Corporation -> Intel)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.29\Installer\setup.exe [2873736 2021-11-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2371481684-2106917738-1379841812-1004\...\Run: [MicrosoftEdgeAutoLaunch_761F2A401BEE3BAF14EE01F2896BDBB4] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Mozilla Firefox\firefox.exe -os-restarted -url hxxps://adlice.com/download/roguekiller/?utm_campaign=roguekiller&utm_source=soft&utm_medium=btn
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {2EE612E9-6592-4CA5-B22D-FED22AEE0EC9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {31D19CFF-B0C9-4E55-8332-7AED29E7C223} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2020-02-29] (Google Inc -> Google LLC)
Task: {45AEB930-8F72-49C6-81BF-7BE68F481407} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)
Task: {6BA886AB-D796-40D1-8A26-023970AEC888} - System32\Tasks\Norton Utility\Live Boost Process Governor => C:\Program Files\Norton Utilities Premium\x64\LBGovernor.exe [1050096 2021-11-11] (NortonLifeLock Inc. -> Symantec Corporation)
Task: {6D9C3254-A037-473D-BB3F-08D3ED8C0A18} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Pas de fichier)
Task: {7720C78A-2303-46B3-AEA3-4DA4830C5556} - System32\Tasks\Norton Utility\AutomaticCare => C:\Program Files\Norton Utilities Premium\NUP.exe [3632624 2021-11-11] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {7DEEEA77-1424-4CDA-81E4-0C56F4638CFC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {844775D2-10DA-437F-A753-3879ED8653BF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2020-02-29] (Google Inc -> Google LLC)
Task: {84F9EA30-0CCB-4DE3-A450-B02385209D62} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8B3AAB18-FA36-4DE7-BD7A-F95CE68F29A1} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {9550AE29-8A55-4EFA-A20C-4EEF452BEB94} - System32\Tasks\CCleanerSkipUAC - papyo => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9C92DBB1-3E57-47FE-BDDC-348FB3A13BA5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {AFDF2510-D70B-45DD-B04F-09048C5AD716} - System32\Tasks\TUDsDownloader => C:\Program Files\Norton Utilities Premium\activesync.exe -appexecutable nup.exe -tuds (Pas de fichier)
Task: {AFF0E32C-08F2-44D4-A96E-58B23485A2A6} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {C11B94C2-7C73-4116-859F-63A940221F71} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {E4CC8D3B-695F-49DE-BF39-B8D9792D7C57} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F64A1DE8-279A-431F-B3C6-9FD268D61FE5} - System32\Tasks\Norton Utility\ActiveSync-NortonUtility => C:\Program Files\Norton Utilities Premium\ActiveBridge.exe -appexecutable NUP.exe -ammode (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{3bf850d0-cc18-44d0-8307-8726b596e6a2}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{ff58028e-4060-4d32-8418-087c2d671f6e}: [DhcpNameServer] 192.168.0.254
Edge:
=======
DownloadDir: D:\
Edge HomeButtonPage: HKU\S-1-5-21-2371481684-2106917738-1379841812-1001 -> hxxp://bing.fr/
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\papyo\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-24]
Edge HomePage: Default -> hxxps://www.bing.com/search?q=bing&FORM=&refig=43d5c0dea10f4390e0edf0db0826260e
Edge StartupUrls: Default -> "hxxp://bing.fr/","hxxps://www.lefigaro.fr/"
Edge Extension: (Norton Safe Web) - C:\Users\papyo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bdaafgjhhjkdplpffldcncdignokfkbo [2021-11-22]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\papyo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-11-24]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: wh87mah6.default
FF ProfilePath: C:\Users\papyo\AppData\Roaming\Mozilla\Firefox\Profiles\wh87mah6.default [2019-12-13]
FF ProfilePath: C:\Users\papyo\AppData\Roaming\Mozilla\Firefox\Profiles\yhmqlnnc.default-release-1607678590077 [2021-11-24]
FF DownloadDir: C:\Users\papyo\OneDrive\Bureau
FF Extension: (Norton Safe Web) - C:\Users\papyo\AppData\Roaming\Mozilla\Firefox\Profiles\yhmqlnnc.default-release-1607678590077\Extensions\nortonsafeweb@symantec.com.xpi [2021-08-28]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [39352 2021-11-10] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [177592 2021-11-10] (Intel Corporation -> Intel)
S4 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-11-01] (HP Inc. -> HP Inc.)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-11-24] (Malwarebytes Inc -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [180224 2021-06-05] (Microsoft Corporation) [Fichier non signé]
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2021-11-23] (Microsoft Windows -> Microsoft Corporation)
R3 IntelReadyModeDriver; C:\WINDOWS\System32\drivers\IntelReadyModeDriver.sys [33504 2015-10-21] (Intel CASE -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2021-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-11-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-24] (Malwarebytes Inc -> Malwarebytes)
S3 RtkA2dp; C:\WINDOWS\system32\drivers\RtkA2dp.sys [193280 2018-06-21] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 RtkAvrcp; C:\WINDOWS\System32\drivers\RtkAvrcp.sys [73712 2018-06-21] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 RtkAvrcpCtrlr; C:\WINDOWS\System32\drivers\RtkAvrcpCtrlr.sys [78720 2018-06-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 RtkHandsfree; C:\WINDOWS\System32\drivers\RtkHandsfree.sys [38112 2018-06-21] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 SPC220NC; C:\WINDOWS\system32\DRIVERS\SPC220NC.SYS [572928 2018-06-21] (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Inc.)
R3 SymTAP; C:\WINDOWS\System32\drivers\SymTAP.sys [52104 2018-10-16] (Symantec Corporation -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-10-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-10-29] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-10-29] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-11-24 21:33 - 2021-11-24 21:33 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-11-24 21:33 - 2021-11-24 21:33 - 000210352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-11-24 21:33 - 2021-11-24 21:33 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-11-24 21:33 - 2021-11-24 21:33 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-11-24 21:33 - 2021-11-24 21:33 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-11-24 21:32 - 2021-11-24 21:32 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-11-24 21:32 - 2021-11-24 21:32 - 000000000 ____D C:\Program Files\Malwarebytes
2021-11-24 21:15 - 2021-11-24 21:16 - 000000000 ____D C:\AdwCleaner
2021-11-24 16:34 - 2021-11-24 16:34 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000002-000000.txt
2021-11-24 16:04 - 2021-11-24 16:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2021-11-24 09:05 - 2021-11-24 09:05 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000001-000000.txt
2021-11-23 22:21 - 2021-11-24 22:28 - 000000000 ____D C:\FRST
2021-11-23 17:38 - 2021-11-23 17:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-11-23 17:12 - 2021-11-23 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2021-11-23 17:12 - 2021-11-23 17:12 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2021-11-23 16:57 - 2021-11-23 16:57 - 000002904 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - papyo
2021-11-23 08:37 - 2021-11-23 08:37 - 000015040 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-23 08:37 - 2021-11-23 08:37 - 000013824 _____ C:\WINDOWS\SysWOW64\prxyqry.dll
2021-11-23 08:36 - 2021-11-23 08:36 - 000040960 _____ C:\WINDOWS\system32\prxyqry.dll
2021-11-23 08:35 - 2021-11-23 08:35 - 000215552 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2021-11-23 08:23 - 2021-11-23 08:23 - 000000000 ___HD C:\$WinREAgent
2021-11-19 08:10 - 2021-11-19 08:10 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-11-17 21:24 - 2021-11-17 21:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-11-17 21:20 - 2021-11-11 03:36 - 001874664 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-11-17 21:20 - 2021-11-11 03:36 - 001874664 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-11-17 21:20 - 2021-11-11 03:36 - 001464960 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-11-17 21:20 - 2021-11-11 03:36 - 001450216 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-11-17 21:20 - 2021-11-11 03:36 - 001450216 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-11-17 21:20 - 2021-11-11 03:36 - 001208248 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-11-17 21:20 - 2021-11-11 03:36 - 001111272 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-11-17 21:20 - 2021-11-11 03:36 - 001111272 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-11-17 21:20 - 2021-11-11 03:36 - 000965352 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-11-17 21:20 - 2021-11-11 03:36 - 000965352 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-11-17 21:20 - 2021-11-11 03:33 - 002116536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-11-17 21:20 - 2021-11-11 03:33 - 001597568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-11-17 21:20 - 2021-11-11 03:33 - 001523328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-11-17 21:20 - 2021-11-11 03:33 - 001174456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-11-17 21:20 - 2021-11-11 03:33 - 000802232 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-11-17 21:20 - 2021-11-11 03:33 - 000709560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-11-17 21:20 - 2021-11-11 03:33 - 000678328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-11-17 21:20 - 2021-11-11 03:33 - 000656512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-11-17 21:20 - 2021-11-11 03:33 - 000635008 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-11-17 21:20 - 2021-11-11 03:33 - 000564352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-11-17 21:20 - 2021-11-11 03:32 - 008725944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-11-17 21:20 - 2021-11-11 03:32 - 007845816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-11-17 21:20 - 2021-11-11 03:32 - 005730224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-11-17 21:20 - 2021-11-11 03:32 - 004940728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-11-17 21:20 - 2021-11-11 03:32 - 002850432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-11-17 21:20 - 2021-11-11 03:32 - 000981120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-11-17 21:20 - 2021-11-11 03:32 - 000792192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-11-17 21:20 - 2021-11-11 03:32 - 000452224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-11-17 21:20 - 2021-11-11 03:31 - 000850872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-11-17 21:20 - 2021-11-11 03:30 - 007582144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-11-17 21:20 - 2021-11-11 03:30 - 006432960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-11-17 21:20 - 2021-11-09 23:27 - 000085718 _____ C:\WINDOWS\system32\nvinfo.pb
2021-11-16 10:27 - 2021-11-16 10:27 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000000-000000.txt
2021-11-14 15:45 - 2021-11-14 15:45 - 000003834 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2021-11-14 15:15 - 2021-11-14 15:15 - 000003762 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2021-11-14 15:15 - 2021-11-14 15:15 - 000003670 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2021-11-14 15:15 - 2021-11-14 15:15 - 000003528 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2021-11-14 15:15 - 2021-11-14 15:15 - 000001517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2021-11-14 15:15 - 2021-11-14 15:15 - 000000000 ____D C:\Users\papyo\AppData\Local\Intel
2021-11-14 15:15 - 2021-11-14 15:15 - 000000000 ____D C:\ProgramData\Intel
2021-11-14 15:15 - 2021-11-14 15:15 - 000000000 ____D C:\Program Files\Intel
2021-11-14 15:15 - 2021-11-14 15:15 - 000000000 ____D C:\Program Files (x86)\Intel
2021-11-14 15:15 - 2021-07-23 11:36 - 000041816 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2021-11-14 08:39 - 2021-11-23 16:57 - 000000000 ____D C:\Program Files\CCleaner
2021-11-14 08:39 - 2021-11-17 15:18 - 000003048 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-11-13 18:07 - 2021-11-13 18:07 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2021-11-13 17:44 - 2021-11-13 17:44 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\ElevatedDiagnostics
2021-11-12 21:40 - 2021-11-24 15:16 - 000002474 _____ C:\Users\papyo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-12 10:40 - 2021-11-12 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2021-11-12 10:38 - 2021-11-12 10:38 - 000000000 ____D C:\ProgramData\Wargaming.net
2021-11-11 23:05 - 2021-11-11 23:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton
2021-11-11 23:05 - 2021-11-11 23:05 - 000000000 ____D C:\Program Files\Norton Utilities Premium
2021-11-11 16:22 - 2021-11-11 16:22 - 000000000 ____D C:\WINDOWS\Philips
2021-11-10 15:10 - 2021-11-10 15:10 - 000000000 ____D C:\Users\papyo\AppData\Roaming\OpenOffice
2021-11-09 22:37 - 2021-11-09 22:37 - 000286720 _____ C:\WINDOWS\system32\AggregatorHost.exe
2021-11-09 22:37 - 2021-11-09 22:37 - 000077824 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-09 17:40 - 2021-11-09 17:40 - 003290776 _____ (Nicolas Coolman) C:\Users\papyo\ZHPCleaner.exe
2021-11-07 20:21 - 2021-11-07 20:21 - 000000000 ____D C:\Users\papyo\AppData\Local\mbam
2021-11-07 11:00 - 2021-11-07 11:00 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.11
2021-11-07 10:59 - 2021-11-07 11:00 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2021-11-07 10:58 - 2021-11-07 10:58 - 000000000 ____D C:\Users\papyo\redist
2021-11-07 10:58 - 2021-11-07 10:58 - 000000000 ____D C:\Users\papyo\readmes
2021-11-02 21:37 - 2021-11-02 21:37 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\ZHP
2021-10-31 20:50 - 2021-10-31 20:51 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\Steam
2021-10-26 21:38 - 2021-10-26 21:38 - 000000000 ____D C:\Users\papyo\AppData\LocalLow\Statespace
2021-10-21 20:29 - 2021-10-21 20:29 - 000121344 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-10-21 20:29 - 2021-10-21 20:29 - 000024576 _____ C:\WINDOWS\system32\nrtapi.dll
2021-10-21 20:29 - 2021-10-21 20:29 - 000006656 _____ C:\WINDOWS\SysWOW64\nrtapi.dll
2021-10-21 20:28 - 2021-10-21 20:28 - 000258048 _____ C:\WINDOWS\system32\CoreMas.dll
2021-10-21 20:28 - 2021-10-21 20:28 - 000208896 _____ C:\WINDOWS\system32\IHDS.dll
2021-10-21 20:28 - 2021-10-21 20:28 - 000167936 _____ C:\WINDOWS\system32\TpmTool.exe
2021-10-21 19:55 - 2021-10-21 19:55 - 000000000 ____D C:\Users\papyo\AppData\Local\DBG
2021-10-20 20:41 - 2021-10-27 07:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-10-20 20:41 - 2021-10-20 20:41 - 000000000 ____D C:\Program Files\VS Revo Group
2021-10-19 05:44 - 2021-11-12 10:43 - 000000000 ____D C:\Users\papyo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2021-10-19 05:44 - 2021-11-12 10:41 - 000000000 ____D C:\Users\papyo\AppData\Roaming\Wargaming.net
2021-10-19 05:44 - 2021-11-12 10:40 - 000000000 ____D C:\Program Files (x86)\Wargaming.net
2021-10-13 08:19 - 2021-10-13 08:19 - 000617648 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-10-13 08:17 - 2021-10-13 08:17 - 000727576 _____ C:\WINDOWS\system32\TextShaping.dll
2021-09-25 09:39 - 2021-09-25 09:39 - 000000000 ____D C:\WINDOWS\Panther
2021-09-22 17:18 - 2021-09-22 17:18 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bing Wallpaper
2021-09-22 17:14 - 2021-09-22 17:14 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\Norton
2021-09-22 17:11 - 2021-09-22 17:11 - 000004062 _____ C:\WINDOWS\system32\Tasks\TUDsDownloader
2021-09-21 19:14 - 2021-09-21 19:14 - 123595735 _____ C:\Users\papyo\openoffice1.cab
2021-09-21 19:11 - 2021-09-21 19:11 - 002469888 _____ C:\Users\papyo\openoffice4111.msi
2021-09-21 19:11 - 2021-09-21 19:11 - 000479232 _____ C:\Users\papyo\setup.exe
2021-09-21 19:11 - 2021-09-21 19:11 - 000000282 _____ C:\Users\papyo\setup.ini
2021-09-18 07:32 - 2021-09-18 07:32 - 000024251 _____ C:\Users\papyo\OneDrive\Documents\facture-HH01009009-2021-08-2874763Vinci2.pdf
2021-09-15 17:05 - 2021-09-15 17:05 - 000024251 _____ C:\Users\papyo\OneDrive\Documents\facture-HH01009009-2021-08-2874763Vinci.pdf
2021-09-13 07:46 - 2021-11-01 22:55 - 000007597 _____ C:\Users\papyo\AppData\Local\resmon.resmoncfg
2021-09-09 06:11 - 2021-11-24 22:20 - 000000000 ____D C:\Users\papyo\AppData\Roaming\ZHP
2021-09-09 06:11 - 2021-11-22 09:25 - 000000000 ____D C:\Users\papyo\AppData\Local\ZHP
2021-09-01 21:02 - 2021-09-01 21:02 - 000000000 ____D C:\Program Files\Norton Utilities
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-11-24 22:05 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-24 21:34 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-11-24 21:34 - 2017-05-17 20:34 - 000000000 ____D C:\Users\papyo\AppData\LocalLow\Mozilla
2021-11-24 21:33 - 2021-06-05 13:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-11-24 21:33 - 2021-01-06 21:26 - 000000000 ____D C:\Users\papyo\AppData\Local\CrashDumps
2021-11-24 21:20 - 2021-06-29 11:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-24 21:20 - 2021-06-05 13:01 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-11-24 21:20 - 2020-04-29 21:56 - 000000000 ____D C:\ProgramData\NVIDIA
2021-11-24 21:20 - 2019-09-16 17:58 - 000012288 ___SH C:\DumpStack.log.tmp
2021-11-24 17:37 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-24 16:36 - 2019-12-08 08:21 - 000000000 ____D C:\ProgramData\Norton
2021-11-24 16:16 - 2021-06-05 13:01 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-11-24 16:14 - 2019-12-07 20:59 - 000000000 ____D C:\Users\papyo\AppData\Local\D3DSCache
2021-11-24 15:17 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-24 15:17 - 2019-12-07 19:20 - 000000000 ____D C:\Users\papyo\AppData\Local\Packages
2021-11-24 15:17 - 2019-12-07 19:20 - 000000000 ____D C:\ProgramData\Packages
2021-11-24 15:16 - 2021-06-29 11:11 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2371481684-2106917738-1379841812-1001
2021-11-24 09:11 - 2021-06-29 11:14 - 001800264 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-24 09:11 - 2021-06-05 19:14 - 000806506 _____ C:\WINDOWS\system32\perfh00C.dat
2021-11-24 09:11 - 2021-06-05 19:14 - 000156164 _____ C:\WINDOWS\system32\perfc00C.dat
2021-11-24 09:11 - 2021-06-05 13:09 - 000000000 ____D C:\WINDOWS\INF
2021-11-24 09:06 - 2021-05-08 14:02 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-24 09:06 - 2019-12-08 19:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-24 09:05 - 2021-06-29 11:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-23 17:38 - 2019-12-08 19:29 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-23 08:54 - 2021-06-29 11:04 - 000329016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\id-ID
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-23 08:49 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\servicing
2021-11-23 08:45 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-23 08:35 - 2021-06-29 11:12 - 003086336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-11-22 10:27 - 2021-06-29 10:44 - 000000000 ____D C:\Users\papyo
2021-11-22 09:41 - 2021-08-09 19:40 - 000000000 ____D C:\WINDOWS\Minidump
2021-11-20 11:54 - 2020-09-05 07:38 - 000000000 ____D C:\Users\papyo\OneDrive\Documents\pdf
2021-11-20 11:22 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-11-20 10:04 - 2021-06-29 10:44 - 000000000 ____D C:\Users\Gorpyloskev
2021-11-20 08:06 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-11-20 07:59 - 2021-06-29 11:11 - 000004180 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{96418FD3-5493-4989-A32B-8AF0801F3937}
2021-11-18 06:21 - 2021-06-29 11:13 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d76ccf33fac5d4
2021-11-18 06:21 - 2021-06-29 11:11 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-17 21:33 - 2020-01-09 00:15 - 000000000 ____D C:\Users\papyo\AppData\Local\NVIDIA
2021-11-17 21:25 - 2019-12-07 17:17 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-11-15 14:49 - 2021-04-14 07:31 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2021-11-14 15:34 - 2020-01-09 00:14 - 000000000 ____D C:\ProgramData\Package Cache
2021-11-14 07:21 - 2019-12-07 17:17 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-11-13 19:28 - 2021-08-16 05:56 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\D3DSCache
2021-11-13 19:27 - 2020-11-20 10:54 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Roaming\ZHP
2021-11-13 18:07 - 2021-01-14 17:32 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Roaming\Wargaming.net
2021-11-13 17:59 - 2020-11-20 10:53 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\CrashDumps
2021-11-13 08:15 - 2019-12-11 14:36 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\Packages
2021-11-12 10:43 - 2021-01-07 06:39 - 000000000 ____D C:\Games
2021-11-11 16:22 - 2019-12-07 16:49 - 000000135 _____ C:\WINDOWS\win.ini
2021-11-09 22:53 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-11-09 22:53 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-09 22:51 - 2020-11-11 07:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-09 22:47 - 2020-11-11 07:32 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-06 22:22 - 2021-07-23 06:43 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\NVIDIA
2021-11-03 14:41 - 2019-12-16 17:37 - 000000000 ____D C:\Users\papyo\AppData\Local\cache
2021-11-03 07:44 - 2020-01-04 09:45 - 000000000 ____D C:\Users\papyo\AppData\Local\NPE
2021-11-02 09:12 - 2019-12-08 09:13 - 000000000 ____D C:\Program Files\Common Files\AV
2021-11-01 09:25 - 2021-04-30 15:21 - 000000000 ____D C:\Users\papyo\OneDrive\Documents\Nouveau dossier
2021-10-29 20:24 - 2021-06-05 13:10 - 000000000 ____D C:\Program Files\Windows Defender
2021-10-29 20:24 - 2019-12-07 17:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-10-29 16:16 - 2019-12-07 21:16 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
==================== Fichiers à la racine de certains dossiers ========
2018-08-06 06:52 - 2018-08-06 06:52 - 000021368 _____ (Schneider Electric) C:\Users\papyo\en_res.dll
2018-08-06 06:52 - 2018-08-06 06:52 - 000021368 _____ (Schneider Electric) C:\Users\papyo\es_res.dll
2018-08-06 06:52 - 2018-08-06 06:52 - 000021880 _____ (Schneider Electric) C:\Users\papyo\fr_res.dll
2018-08-06 06:52 - 2018-08-06 06:52 - 000021880 _____ (Schneider Electric) C:\Users\papyo\grm_res.dll
2018-08-06 06:52 - 2018-08-06 06:52 - 000021368 _____ (Schneider Electric) C:\Users\papyo\it_res.dll
2018-08-06 06:52 - 2018-08-06 06:52 - 000020344 _____ (Schneider Electric) C:\Users\papyo\jp_res.dll
2018-08-06 06:52 - 2018-08-06 06:52 - 001079808 _____ (Microsoft Corporation) C:\Users\papyo\mfc80u.dll
2018-08-06 06:52 - 2018-08-06 06:52 - 000626688 _____ (Microsoft Corporation) C:\Users\papyo\msvcr80.dll
2018-08-06 06:52 - 2018-08-06 06:52 - 000021368 _____ (Schneider Electric) C:\Users\papyo\pt_res.dll
2018-08-06 06:52 - 2018-08-06 06:52 - 000018808 _____ () C:\Users\papyo\ResourceReader.dll
2018-08-06 06:52 - 2018-08-06 06:52 - 000020856 _____ (Schneider Electric) C:\Users\papyo\ru_res.dll
2021-09-21 19:11 - 2021-09-21 19:11 - 000479232 _____ () C:\Users\papyo\setup.exe
2021-11-09 17:40 - 2021-11-09 17:40 - 003290776 _____ (Nicolas Coolman) C:\Users\papyo\ZHPCleaner.exe
2018-08-06 06:52 - 2018-08-06 06:52 - 000019832 _____ (Schneider Electric) C:\Users\papyo\zh_res.dll
2021-09-13 07:46 - 2021-11-01 22:55 - 000007597 _____ () C:\Users\papyo\AppData\Local\resmon.resmoncfg
==================== SigCheckExt =========================
2018-08-06 06:52 - 2018-08-06 06:52 - 001079808 _____ (Microsoft Corporation) C:\Users\papyo\mfc80u.dll
2018-08-06 06:52 - 2018-08-06 06:52 - 000626688 _____ (Microsoft Corporation) C:\Users\papyo\msvcr80.dll
2021-09-21 19:11 - 2021-09-21 19:11 - 000479232 _____ C:\Users\papyo\setup.exe
2021-11-09 17:40 - 2021-11-09 17:40 - 003290776 _____ (Nicolas Coolman) C:\Users\papyo\ZHPCleaner.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{ccea8f3d-9f98-11e4-95ec-939cabdeb8ad}
{e65f7f07-38ef-11ec-8e77-806e6f6e6963}
{e65f7f08-38ef-11ec-8e77-806e6f6e6963}
{2b82a070-4d3c-11ec-8ed0-806e6f6e6963}
{2b82a071-4d3c-11ec-8ed0-806e6f6e6963}
{2b82a072-4d3c-11ec-8ed0-806e6f6e6963}
timeout 1
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {871c5f38-9df7-11eb-8dae-f07959391953}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0
Application logicielle (101fffff)
--------------------------------
identificateur {2b82a070-4d3c-11ec-8ed0-806e6f6e6963}
description UEFI:CD/DVD Drive
Application logicielle (101fffff)
--------------------------------
identificateur {2b82a071-4d3c-11ec-8ed0-806e6f6e6963}
description UEFI:Removable Device
Application logicielle (101fffff)
--------------------------------
identificateur {2b82a072-4d3c-11ec-8ed0-806e6f6e6963}
description UEFI:Network Device
Application logicielle (101fffff)
--------------------------------
identificateur {ccea8f3d-9f98-11e4-95ec-939cabdeb8ad}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
badmemoryaccess Yes
Application logicielle (101fffff)
--------------------------------
identificateur {e65f7f07-38ef-11ec-8e77-806e6f6e6963}
description UEFI: IPV4 Intel(R) Ethernet Connection (2) I218-V
Application logicielle (101fffff)
--------------------------------
identificateur {e65f7f08-38ef-11ec-8e77-806e6f6e6963}
description UEFI: IPV6 Intel(R) Ethernet Connection (2) I218-V
Chargeur de d‚marrage Windows
-----------------------------
identificateur {5b0adfb8-feae-11ea-95e2-ce06c8fa01e4}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{5b0adfb9-feae-11ea-95e2-ce06c8fa01e4}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{5b0adfb9-feae-11ea-95e2-ce06c8fa01e4}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {871c5f3b-9df7-11eb-8dae-f07959391953}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {871c5f38-9df7-11eb-8dae-f07959391953}
nx OptIn
bootmenupolicy Standard
usefirmwarepcisettings No
bootlog No
Chargeur de d‚marrage Windows
-----------------------------
identificateur {871c5f3b-9df7-11eb-8dae-f07959391953}
device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{871c5f3c-9df7-11eb-8dae-f07959391953}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{871c5f3c-9df7-11eb-8dae-f07959391953}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {871c5f38-9df7-11eb-8dae-f07959391953}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {871c5f3b-9df7-11eb-8dae-f07959391953}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {871c5f3c-9df7-11eb-8dae-f07959391953}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume5
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================