cjoint


Document format: text/plain


Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021
Exécuté par elise (administrateur) sur DESKTOP-VT9MBL6 (ASUSTeK COMPUTER INC. S400CA) (03-01-2022 14:37:53)
Exécuté depuis C:\Users\elise\Desktop
Profils chargés: elise
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1415 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1371_none_7e1bd7147c8285b0\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [122427152 2021-07-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2314993036-2799168284-3816431023-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2543992 2021-12-31] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2314993036-2799168284-3816431023-1001\...\Run: [] => [X]

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {08EB9B0F-6A85-47B7-8367-2FB019EE538B} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {19FFEA17-77C0-42D2-B956-CE126264B6CE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {2C4089C9-E816-4B74-880F-D220A75011B5} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [254640 2021-12-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {4A670BB8-748D-4315-A296-E95493E218FB} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14049536 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {5A8F2854-9DAB-4AA6-8BEA-454E52EA603D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {5E5FAD5B-C744-4299-98BD-1ACFA9775C6B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5F2670CC-F1B9-40FA-BF6B-85E6BB17BCEE} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {6716AC7A-9B3A-433C-A88B-40A67F1FAEF8} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4074344 2021-12-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {778A37A9-E898-4884-A498-539199898F27} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8388528 2021-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {924F923A-D903-43CB-AB39-613440605335} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18392 2017-05-24] (ASUSTeK Computer Inc. -> AsusTek)
Task: {95295CF2-95C5-4AC1-B61F-6255FA85C7BF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2021-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0F95A85-4F52-4CED-AD50-9E3C206C042B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {A48E187E-F72A-4169-A2DD-8C6FB8664271} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A83D62E2-FB9A-4EC0-B6F4-EA6EF22A5D1C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA9A9215-2B05-4E3A-92D5-BF7B38AB44DF} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1657440 2021-12-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {AE7D0AA5-6A59-4236-BD8C-F479038985F2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {B662870A-706B-41A8-867A-066126E97C2C} - System32\Tasks\Avira_Security_Update => C:\Windows\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {CC30849D-7FAE-40C4-AB02-7FF5E3AB8DCF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CD2713FF-6428-4F7D-9CDE-CBE1B2213F3C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2021-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4ED92F7-9A05-40AA-A8DA-6820853E6350} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2314993036-2799168284-3816431023-1001 => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting (Pas de fichier)
Task: {F6A28720-20CC-4B65-A03D-088E5CBAEC1A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8388528 2021-12-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {FACC203A-2DCD-424D-AA3B-AF1A80875B6C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FB613222-CD70-4820-9E29-A51CE460CAC8} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {FB613222-CD70-4820-9E29-A51CE460CAC8} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {FB613222-CD70-4820-9E29-A51CE460CAC8} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{edd4408a-dd8a-49f7-b83c-19c60205188b}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Profile: C:\Users\elise\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-17]

FireFox:
========
FF DefaultProfile: v5gg3gsp.default
FF ProfilePath: C:\Users\elise\AppData\Roaming\Mozilla\Firefox\Profiles\v5gg3gsp.default [2021-12-17]
FF Extension: (Avira Password Manager) - C:\Users\elise\AppData\Roaming\Mozilla\Firefox\Profiles\v5gg3gsp.default\Extensions\passwordmanager@avira.com [2021-12-17] [non signé]
FF ProfilePath: C:\Users\elise\AppData\Roaming\Mozilla\Firefox\Profiles\f8v49jcd.default-release [2022-01-03]
FF Homepage: Mozilla\Firefox\Profiles\f8v49jcd.default-release -> hxxps://www.google.fr/
FF Extension: (AdGuard AdBlocker) - C:\Users\elise\AppData\Roaming\Mozilla\Firefox\Profiles\f8v49jcd.default-release\Extensions\adguardadblocker@adguard.com.xpi [2021-12-17]
FF Extension: (Désactivation de Google Analytics) - C:\Users\elise\AppData\Roaming\Mozilla\Firefox\Profiles\f8v49jcd.default-release\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2021-05-05] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-12-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-12-29] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [263984 2021-12-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [263472 2021-12-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129128 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncHelper.exe [3280760 2021-12-31] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [7901368 2021-12-17] (Malwarebytes Inc -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.230.1107.0004\OneDriveUpdaterService.exe [3737976 2021-12-31] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AsusTP; C:\Windows\System32\drivers\AsusTP.sys [101872 2017-05-24] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [210352 2022-01-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-10-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-12-04] (Malwarebytes Inc -> Malwarebytes)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2021-12-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [435432 2021-12-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-17] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-01-03 14:37 - 2022-01-03 14:42 - 000016644 _____ C:\Users\elise\Desktop\FRST.txt
2022-01-03 14:35 - 2022-01-03 14:40 - 000000000 ____D C:\FRST
2022-01-03 14:25 - 2022-01-03 14:25 - 000232831 _____ C:\Users\elise\Desktop\ZHPDiag.txt
2022-01-03 14:17 - 2022-01-03 14:17 - 000000865 _____ C:\Users\elise\Desktop\ZHPSuite.lnk
2022-01-03 14:15 - 2022-01-03 14:15 - 002311168 _____ (Farbar) C:\Users\elise\Desktop\FRST64.exe
2022-01-03 14:14 - 2022-01-03 14:14 - 003478168 _____ (Nicolas Coolman) C:\Users\elise\Desktop\ZHPSuite.exe
2022-01-03 09:54 - 2022-01-03 09:54 - 000007598 _____ C:\Users\elise\AppData\Local\Resmon.ResmonCfg
2022-01-01 20:51 - 2022-01-01 20:51 - 000210352 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-12-31 16:08 - 2021-12-31 16:08 - 000000000 ____D C:\Windows\SystemTemp
2021-12-31 16:04 - 2021-12-31 16:04 - 000086446 _____ C:\Users\elise\Downloads\pdf.pdf
2021-12-31 15:52 - 2022-01-01 20:57 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2021-12-31 15:51 - 2022-01-01 20:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-12-29 15:59 - 2021-12-29 15:59 - 000011979 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-12-29 15:58 - 2021-12-29 15:58 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-12-29 15:57 - 2021-12-29 15:57 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-12-29 15:56 - 2021-12-29 15:56 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-12-29 15:56 - 2021-12-29 15:56 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-12-29 15:18 - 2021-12-29 15:18 - 000000000 ___HD C:\$WinREAgent
2021-12-29 14:58 - 2021-12-29 15:54 - 000000000 ____D C:\Users\elise\Documents\CV
2021-12-29 14:58 - 2021-12-29 14:58 - 000003888 _____ C:\Windows\system32\Tasks\Avira_Security_Maintenance
2021-12-29 14:57 - 2021-12-29 14:57 - 000003428 _____ C:\Windows\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2021-12-29 14:55 - 2021-12-29 14:57 - 000398621 _____ C:\Users\elise\Downloads\cv cadre commerciale.pdf
2021-12-17 12:23 - 2021-12-17 12:23 - 000000000 ____D C:\Program Files (x86)\Teams Installer
2021-12-17 12:22 - 2021-12-17 12:22 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-12-17 12:08 - 2021-12-31 15:52 - 000000000 ____D C:\Program Files\Microsoft Office
2021-12-17 12:08 - 2021-12-17 12:08 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-12-17 11:22 - 2021-12-17 11:22 - 000000000 ____D C:\Users\elise\AppData\Roaming\Teams
2021-12-17 11:20 - 2022-01-03 14:09 - 000000000 ____D C:\Users\elise\AppData\Local\SquirrelTemp
2021-12-17 11:02 - 2021-12-31 15:57 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-12-17 11:02 - 2021-12-31 15:56 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-17 11:02 - 2021-12-17 11:02 - 000000000 ___RD C:\Users\Default\OneDrive
2021-12-17 10:58 - 2021-12-17 12:20 - 000002472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-12-17 10:58 - 2021-12-17 12:20 - 000002472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-12-17 10:58 - 2021-12-17 12:20 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-12-17 10:58 - 2021-12-17 12:20 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-12-17 10:58 - 2021-12-17 12:20 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-12-17 10:58 - 2021-12-17 12:20 - 000002433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-12-17 10:58 - 2021-12-17 12:20 - 000002395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-12-17 10:58 - 2021-12-17 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office
2021-12-17 10:16 - 2021-12-17 10:16 - 000002818 _____ C:\Windows\system32\Tasks\Avira_Security_Systray
2021-12-17 10:15 - 2021-12-29 14:57 - 000003650 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2021-12-17 09:26 - 2021-12-29 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-12-17 09:23 - 2021-12-29 15:03 - 000003608 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2314993036-2799168284-3816431023-1001
2021-12-17 09:18 - 2021-12-17 09:20 - 000000000 ____D C:\Users\elise\AppData\Local\CrashDumps
2021-12-17 08:47 - 2022-01-03 14:25 - 000000000 ____D C:\Users\elise\AppData\Roaming\ZHP
2021-12-17 08:47 - 2022-01-03 14:17 - 000000000 ____D C:\Users\elise\AppData\Local\ZHP
2021-12-16 17:16 - 2021-12-16 17:17 - 000000000 ____D C:\Program Files\Microsoft Office (Officiel)
2021-12-04 09:40 - 2021-12-04 09:40 - 000000000 ____D C:\Users\elise\AppData\Local\SolidDocuments
2021-12-04 09:37 - 2021-12-04 09:37 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-12-03 22:11 - 2021-10-02 08:31 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2021-12-03 21:50 - 2021-12-03 21:50 - 000611960 _____ C:\Windows\SysWOW64\TextShaping.dll
2021-12-03 21:49 - 2021-12-03 21:49 - 000706536 _____ C:\Windows\system32\TextShaping.dll
2021-12-03 21:49 - 2021-12-03 21:49 - 000098304 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-12-03 21:48 - 2021-12-03 21:48 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2021-12-03 21:01 - 2021-12-03 21:01 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-12-03 21:01 - 2021-12-03 21:01 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-11-20 15:25 - 2021-11-24 21:35 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-11-20 15:22 - 2021-11-20 15:22 - 000000000 ____D C:\Program Files\Adobe
2021-10-29 20:12 - 2021-11-20 15:22 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-10-29 20:07 - 2021-10-29 20:08 - 000095688 _____ C:\Users\elise\Downloads\règlement intérieur 2021 2022.pdf
2021-10-29 20:06 - 2021-10-29 20:08 - 000284938 _____ C:\Users\elise\Downloads\mot jeux dangereux.pdf
2021-10-19 21:29 - 2021-10-19 21:29 - 000000000 ____D C:\Windows\SysWOW64\statReporter
2021-10-19 21:24 - 2022-01-01 20:55 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-01-03 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-03 14:11 - 2021-05-05 21:32 - 000000000 ____D C:\Users\elise\AppData\LocalLow\Mozilla
2022-01-03 14:09 - 2021-06-04 15:22 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2022-01-03 14:08 - 2021-05-05 21:00 - 000000000 __SHD C:\Users\elise\IntelGraphicsProfiles
2022-01-03 10:50 - 2020-11-18 23:28 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-01-01 20:58 - 2021-05-05 20:46 - 001681370 _____ C:\Windows\system32\PerfStringBackup.INI
2022-01-01 20:58 - 2019-12-07 15:49 - 000757852 _____ C:\Windows\system32\perfh00C.dat
2022-01-01 20:58 - 2019-12-07 15:49 - 000142606 _____ C:\Windows\system32\perfc00C.dat
2022-01-01 20:58 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-01-01 20:58 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-01-01 20:55 - 2021-05-05 21:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-01 20:54 - 2021-05-05 21:32 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-01 20:53 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-01 20:50 - 2021-05-05 20:32 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-01 20:50 - 2020-11-19 00:29 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-01-01 20:50 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2021-12-31 16:16 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-12-31 16:11 - 2020-11-18 23:28 - 000440888 _____ C:\Windows\system32\FNTCACHE.DAT
2021-12-31 16:08 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2021-12-31 16:08 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-12-31 16:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-12-31 16:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-12-31 16:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-12-31 16:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2021-12-31 16:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-12-31 16:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2021-12-31 16:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2021-12-31 16:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2021-12-31 16:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2021-12-31 16:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2021-12-31 16:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2021-12-31 16:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2021-12-31 16:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2021-12-31 16:08 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2021-12-29 16:13 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-12-29 15:11 - 2021-05-09 20:45 - 000000000 ____D C:\Windows\system32\MRT
2021-12-29 15:07 - 2020-11-19 00:31 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-29 14:51 - 2021-05-09 20:45 - 137938848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-12-17 12:23 - 2021-05-05 20:55 - 000000000 ___RD C:\Users\elise\OneDrive
2021-12-17 12:21 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-12-17 11:16 - 2021-05-05 21:03 - 000000000 ____D C:\ProgramData\Avira
2021-12-17 10:22 - 2021-05-05 21:03 - 000000000 ____D C:\Program Files (x86)\Avira
2021-12-17 09:27 - 2020-11-19 00:29 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-12-17 09:23 - 2021-05-05 21:19 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-12-17 09:21 - 2021-09-17 11:27 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-12-17 09:21 - 2021-05-05 21:08 - 000000000 ____D C:\Program Files\Malwarebytes
2021-12-17 09:10 - 2021-05-19 20:41 - 000803176 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2021-12-17 09:10 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-12-17 08:46 - 2021-05-05 21:02 - 000000000 ____D C:\Program Files\Protection PC
2021-12-16 16:59 - 2021-05-05 20:51 - 000000000 ____D C:\Users\elise\AppData\Local\Packages
2021-12-11 10:40 - 2020-11-19 00:31 - 000003634 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-11 10:40 - 2020-11-19 00:31 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-12-04 09:40 - 2021-05-05 20:51 - 000000000 ____D C:\Users\elise\AppData\Roaming\Adobe
2021-12-04 09:23 - 2020-11-19 00:32 - 000000000 ____D C:\ProgramData\Packages

==================== Fichiers à la racine de certains dossiers ========

2022-01-03 09:54 - 2022-01-03 09:54 - 000007598 _____ () C:\Users\elise\AppData\Local\Resmon.ResmonCfg

==================== SigCheckExt =========================

2022-01-03 14:15 - 2022-01-03 14:15 - 002311168 _____ (Farbar) C:\Users\elise\Desktop\FRST64.exe
2022-01-03 14:14 - 2022-01-03 14:14 - 003478168 _____ (Nicolas Coolman) C:\Users\elise\Desktop\ZHPSuite.exe
2021-06-04 15:01 - 2021-06-04 15:01 - 000000000 _____ C:\Users\elise\Downloads\DriverPack-17-Online.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


==================== BCD ================================

Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{eb659c60-ad14-11eb-90f8-806e6f6e6963}
timeout 2

Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {4006b588-2ce2-11eb-bf89-74d02b71d2c2}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Application logicielle (101fffff)
--------------------------------
identificateur {eb659c60-ad14-11eb-90f8-806e6f6e6963}
device unknown
description UEFI: SMI USB DISK 1100

Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {4006b58a-2ce2-11eb-bf89-74d02b71d2c2}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {4006b588-2ce2-11eb-bf89-74d02b71d2c2}
nx OptIn
bootmenupolicy Standard

Chargeur de démarrage Windows
-----------------------------
identificateur {4006b58a-2ce2-11eb-bf89-74d02b71d2c2}
device ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{4006b58b-2ce2-11eb-bf89-74d02b71d2c2}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-fr
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{4006b58b-2ce2-11eb-bf89-74d02b71d2c2}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Chargeur de démarrage Windows
-----------------------------
identificateur {7945dd13-999a-11e3-bf8a-feb7e7b81658}
device ramdisk=[\Device\HarddiskVolume2]\sources\boot.wim,{ramdiskoptions}
path \windows\system32\boot\winload.efi
description WinPE
badmemoryaccess Yes
osdevice ramdisk=[\Device\HarddiskVolume2]\sources\boot.wim,{ramdiskoptions}
systemroot \windows
nx OptIn
detecthal Yes
winpe Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {4006b588-2ce2-11eb-bf89-74d02b71d2c2}
device partition=C:
path \Windows\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {4006b58a-2ce2-11eb-bf89-74d02b71d2c2}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

Paramètres EMS
--------------
identificateur {emssettings}
bootems No

Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
badmemoryaccess Yes

Erreurs de mémoire RAM
----------------------
identificateur {badmemory}

Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
badmemoryaccess Yes
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de périphérique
-----------------------
identificateur {4006b58b-2ce2-11eb-bf89-74d02b71d2c2}
description Windows Recovery
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\WindowsRE\boot.sdi

Options Ramdisk du programme d'installation
-------------------------------------------
identificateur {ramdiskoptions}
description Ramdisk options
badmemoryaccess Yes
ramdisksdidevice partition=\Device\HarddiskVolume2
ramdisksdipath \boot\boot.sdi

==================== Fin de FRST.txt ========================
