cjoint


Document format: text/plain


Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 13-03-2022
Exécuté par PC (administrateur) sur DESKTOP-ACHU8TL (LENOVO 30AGS16500) (15-03-2022 15:18:11)
Exécuté depuis C:\Users\PC\Desktop
Profils chargés: PC
Plate-forme: Microsoft Windows 10 Professionnel Version 21H2 19044.1586 (X64) Langue: Français (France)
Navigateur par défaut: Opera
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files (x86)\Common Files\Autodesk Shared\Network License Manager\lmgrd.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) [Fichier non signé] C:\Program Files (x86)\Common Files\Autodesk Shared\Network License Manager\adskflex.exe
(C:\Program Files\Chaos Group\V-Ray Swarm\register-service.exe ->) (Chaos Software Ltd.) [Fichier non signé] C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe
(C:\Program Files\NVIDIA Corporation\nview\nviewMain64.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\nview\nviewMain.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCopyAccelerator.exe
(C:\Users\PC\AppData\Local\Programs\Opera\opera.exe ->) (Opera Software AS -> Opera Software) C:\Users\PC\AppData\Local\Programs\Opera\84.0.4316.31\opera_crashreporter.exe
(cmd.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Autodesk Shared\Network License Manager\lmgrd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\nview\nviewMain64.exe <2>
(Opera Software AS -> Opera Software) C:\Users\PC\AppData\Local\Programs\Opera\opera.exe <37>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) [Fichier non signé] C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\11.0.0.4854\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (Chaos Software Ltd. -> ) [Fichier non signé] C:\Program Files\Chaos Group\V-Ray Swarm\register-service.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\LBAI\LBAEvent.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_1a8e446ca269ea1c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_1a8e446ca269ea1c\NVWMI\nvWmi64.exe <2>
(services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [221992 2020-12-09] (Autodesk, Inc. -> Autodesk)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [668376 2021-05-11] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe [2913648 2021-05-10] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKU\S-1-5-21-1264579653-3894767983-416308737-1001\...\Run: [Opera Browser Assistant] => C:\Users\PC\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1264579653-3894767983-416308737-1001\...\Policies\Explorer: []
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2021-11-29]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {01F0F3DC-A8AF-447B-9124-7C8856615257} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {0C2D9923-2758-4FA2-9BB7-BB2C5B33D4E4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8307120 2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {14517183-06D6-4F51-9293-042419FC5F2F} - System32\Tasks\Microsoft\Windows\Autodesk\Autodesk => wscript.exe "%CommonProgramFiles(x86)%\Autodesk Shared\Network License Manager\Service.vbs" "%CommonProgramFiles(x86)%\Autodesk Shared\Network License Manager\Service.bat"
Task: {1A15CD42-5170-4E43-BF81-BB56DC7AA5E6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1A31CB1F-8B8E-4E89-B2D7-9C3AEBC0AB32} - System32\Tasks\Opera scheduled Autoupdate 1630941422 => C:\Users\PC\AppData\Local\Programs\Opera\launcher.exe [2470608 2022-03-03] (Opera Software AS -> Opera Software)
Task: {1F1436D9-0DFB-43C6-8B88-56B711489311} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1543792 2021-10-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1FC4D695-0545-49D4-9B45-5E0992313ACB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {59A1C6A1-80FE-4DE9-B55F-D24FFCD3B16E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [137072 2022-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {7FEB56FA-B7DF-455B-99C8-220C8D07AEDE} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => C:\Program Files\CUAssistant\culauncher.exe (Pas de fichier)
Task: {89C486F8-163E-4F3C-9FF2-3E0E5567630F} - System32\Tasks\Opera scheduled assistant Autoupdate 1630941424 => C:\Users\PC\AppData\Local\Programs\Opera\launcher.exe [2470608 2022-03-03] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\PC\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {A8EC27F6-6F04-4031-BFED-F846D66DCCAB} - System32\Tasks\Microsoft\Windows\Maintenance\InstallWinSAT => C:\WINDOWS\system32\Maintenance.vbs [12 2021-10-26] () [Fichier non signé]
Task: {AB64A3FA-3730-4806-8C3A-3F133FD87999} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758792 2021-09-22] (Lenovo -> )
Task: {B0749482-AD45-4AE2-9B5A-6B857A9C9EAB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B3A853A7-11AD-42C1-928F-09F71083D6A2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BC13749A-3ECC-4A64-8BEA-46EB85D0CED0} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758792 2021-09-22] (Lenovo -> )
Task: {BC206F2E-5818-4D38-8366-656E0567E5AC} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => StartupCheck.vbs (Pas de fichier)
Task: {BE093293-239A-4642-9E61-619F1F8258BC} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\PLUGScheduler => C:\Program Files\RUXIM\PLUGscheduler.exe [369512 2022-01-12] (Microsoft Windows -> Microsoft Corporation)
Task: {C592A11C-F95B-4509-B691-4DDB46CEBB0B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB5BDB84-4FE7-44AB-A550-F0C459B31177} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8307120 2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {D2F9C40E-2A49-40F5-BBF0-D5A9EB6CF5E1} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [59232 2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {D50BDEAA-7109-4B15-BA5C-A0985D3FCB03} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-05-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {D8C7C977-E4DA-48B4-A906-1332E6F35677} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {DD43200A-E5ED-4CC0-8CA0-1ECA3F2796B9} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {E6F7A639-6066-47CF-AEB1-5DEF67D87C72} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E8137027-E004-4357-A1A6-38C840045DEA} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [137072 2022-03-15] (Microsoft Corporation -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3251d5ed-5c18-4492-a806-206507016930}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Profile: C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-09]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)

Opera:
=======
OPR Profile: C:\Users\PC\AppData\Roaming\Opera Software\Opera Stable [2022-03-15]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-02-18]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-06]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1050920 2021-05-11] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [18673448 2021-03-29] (Autodesk, Inc. -> Autodesk) [Fichier non signé]
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3803376 2021-11-29] (philandro Software GmbH -> AnyDesk Software GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649952 2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
R2 LBAEvent; C:\Program Files (x86)\Lenovo\LBAI\LBAEvent.exe [26144 2016-01-26] (LENOVO -> Lenovo)
R2 NVWMI; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_1a8e446ca269ea1c\NVWMI\nvWmi64.exe [4450944 2021-10-27] (Nvidia Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6228008 2022-03-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 vrswrm-service; C:\Program Files\Chaos Group\V-Ray Swarm\register-service.exe [90176 2021-09-07] (Chaos Software Ltd. -> ) [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_1a8e446ca269ea1c\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_1a8e446ca269ea1c\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 LBAI; C:\WINDOWS\System32\Drivers\LBAI.sys [30432 2017-04-29] (Lenovo -> Lenovo)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [439544 2022-03-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-15] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-03-15 15:18 - 2022-03-15 15:18 - 000020705 _____ C:\Users\PC\Desktop\FRST.txt
2022-03-15 15:17 - 2022-03-15 15:18 - 000000000 ____D C:\FRST
2022-03-15 15:17 - 2022-03-15 15:17 - 002364928 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2022-03-15 15:14 - 2022-03-15 15:14 - 000300317 _____ C:\Users\PC\Desktop\ZHPDiag.txt
2022-03-15 15:09 - 2022-03-15 15:14 - 000000000 ____D C:\Users\PC\AppData\Roaming\ZHP
2022-03-15 15:09 - 2022-03-15 15:09 - 000000862 _____ C:\Users\PC\Desktop\ZHPSuite.lnk
2022-03-15 15:09 - 2022-03-15 15:09 - 000000000 ____D C:\Users\PC\AppData\Local\ZHP
2022-03-15 15:04 - 2022-03-15 15:04 - 003480728 _____ (Nicolas Coolman) C:\Users\PC\Desktop\ZHPSuite.exe
2022-03-14 20:08 - 2022-03-14 20:08 - 000077497 _____ C:\Users\PC\Downloads\cast_fiche_technique_01 (1).pdf
2022-03-14 18:07 - 2022-03-14 18:07 - 000077497 _____ C:\Users\PC\Downloads\cast_fiche_technique_01.pdf
2022-03-09 14:15 - 2022-03-09 14:15 - 000195584 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2022-03-09 14:15 - 2022-03-09 14:15 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-09 14:14 - 2022-03-09 14:14 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-09 14:14 - 2022-03-09 14:14 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-09 14:14 - 2022-03-09 14:14 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-09 14:14 - 2022-03-09 14:14 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-09 14:10 - 2022-03-09 14:10 - 000000000 ___HD C:\$WinREAgent
2022-03-04 10:48 - 2022-03-04 10:48 - 000000000 ____D C:\Users\PC\AppData\Local\unali-142325734
2022-03-04 10:48 - 2022-03-04 10:48 - 000000000 ____D C:\Users\PC\AppData\Local\unali-142325531
2022-03-04 10:41 - 2022-03-04 10:48 - 000000000 ____D C:\Program Files (x86)\EaseUS
2022-03-04 10:41 - 2022-03-04 10:41 - 000000000 ____D C:\Users\PC\AppData\Roaming\EaseUS
2022-03-04 10:41 - 2022-03-04 10:41 - 000000000 ____D C:\ProgramData\SystemAcCrux
2022-03-04 10:41 - 2022-03-04 10:41 - 000000000 ____D C:\Program Files\EaseUS
2022-03-04 10:41 - 2022-03-04 10:41 - 000000000 ____D C:\NasCacheDirectory
2022-02-28 14:18 - 2022-02-28 14:18 - 000002766 _____ C:\Users\PC\Desktop\06_LA_CELLE_ST_CLOUD_TASSIGNY - Raccourci.lnk
2022-02-18 12:08 - 2022-02-18 12:08 - 000000751 _____ C:\Users\PC\Documents\Téléchargements - Raccourci.lnk
2022-02-16 13:07 - 2022-02-16 13:07 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-02-16 13:07 - 2022-02-16 13:07 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-02-02 12:03 - 2022-02-02 12:03 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2022-01-28 12:20 - 2022-01-28 12:20 - 000000000 ____D C:\Users\PC\AppData\Local\DigiDNA
2022-01-28 12:20 - 2022-01-28 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMazing HEIC Converter
2022-01-28 12:20 - 2022-01-28 12:20 - 000000000 ____D C:\Program Files\DigiDNA
2022-01-28 12:14 - 2022-01-31 16:05 - 000000000 ____D C:\Users\PC\AppData\Roaming\vlc
2022-01-28 12:14 - 2022-01-28 12:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2022-01-28 12:14 - 2022-01-28 12:14 - 000000000 ____D C:\Program Files\VideoLAN
2022-01-28 11:03 - 2022-01-28 11:03 - 000002541 _____ C:\Users\PC\Desktop\MODELES - Raccourci.lnk
2022-01-26 14:14 - 2022-01-26 14:14 - 000047076 _____ C:\Users\PC\Desktop\Echelles Autocad.webp
2022-01-13 11:21 - 2022-01-13 11:21 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-13 11:21 - 2022-01-13 11:21 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2021-12-18 00:01 - 2021-12-18 00:01 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-15 17:15 - 2021-12-15 17:15 - 000000725 _____ C:\Users\PC\Documents\Bureau - Raccourci.lnk

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-03-15 14:54 - 2021-09-17 16:25 - 001683190 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-15 14:54 - 2019-12-07 15:50 - 000755342 _____ C:\WINDOWS\system32\perfh00C.dat
2022-03-15 14:54 - 2019-12-07 15:50 - 000142148 _____ C:\WINDOWS\system32\perfc00C.dat
2022-03-15 14:54 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-03-15 14:46 - 2021-11-29 19:19 - 000000000 ____D C:\ProgramData\AnyDesk
2022-03-15 14:46 - 2021-11-29 19:17 - 000000000 ____D C:\Users\PC\AppData\Roaming\AnyDesk
2022-03-15 14:46 - 2021-09-17 16:17 - 000008192 ___SH C:\DumpStack.log.tmp
2022-03-15 14:46 - 2021-05-22 17:48 - 000000000 ____D C:\ProgramData\NVIDIA
2022-03-15 14:46 - 2020-11-19 00:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-15 14:46 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-15 14:46 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-03-15 14:33 - 2021-09-07 09:33 - 000000000 ____D C:\Program Files\Microsoft Office
2022-03-15 14:31 - 2021-09-09 11:50 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-03-15 14:22 - 2020-11-19 00:44 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-03-15 14:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-14 20:11 - 2021-09-17 16:18 - 000000000 ____D C:\Users\PC
2022-03-14 20:01 - 2021-09-07 15:03 - 000000000 ____D C:\ProgramData\boost_interprocess
2022-03-14 20:00 - 2020-11-18 23:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-14 10:14 - 2021-12-13 12:52 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1264579653-3894767983-416308737-1001
2022-03-14 10:14 - 2021-09-17 16:21 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1264579653-3894767983-416308737-1001
2022-03-14 10:14 - 2021-09-17 16:18 - 000002408 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-14 10:06 - 2020-11-19 00:47 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-14 10:06 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-11 11:15 - 2021-09-20 10:33 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-09 20:41 - 2020-11-18 23:44 - 000411056 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-09 20:40 - 2019-12-07 15:53 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-03-09 20:40 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-03-09 20:40 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-09 20:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-09 20:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-03-09 20:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-09 20:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-03-09 20:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-09 20:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-09 20:40 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-03-09 17:18 - 2021-09-07 14:38 - 000087264 _____ C:\Users\PC\AppData\Local\GDIPFONTCACHEV1.DAT
2022-03-09 17:18 - 2021-09-07 14:38 - 000000000 ____D C:\ProgramData\RevitInterProcess
2022-03-09 17:17 - 2021-09-07 09:59 - 000000000 ____D C:\ProgramData\Autodesk
2022-03-09 16:16 - 2021-05-22 16:47 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2022-03-09 14:16 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-09 14:14 - 2020-11-19 00:46 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-09 14:10 - 2021-09-06 18:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-09 14:09 - 2021-09-06 18:03 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-03-09 09:55 - 2021-10-04 10:09 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7abd7afd1fd2f
2022-03-09 09:55 - 2020-11-19 00:46 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-08 16:37 - 2021-09-17 16:21 - 000004208 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1630941422
2022-03-08 16:37 - 2021-09-06 16:17 - 000001396 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2022-02-17 12:56 - 2021-09-06 18:03 - 000000000 ____D C:\Program Files\ruxim
2022-02-17 12:56 - 2021-09-06 18:03 - 000000000 ____D C:\Program Files\rempl
2022-02-16 19:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-02-16 19:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-02-16 19:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-02-16 19:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-02-16 19:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-02-16 19:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-02-16 10:38 - 2021-11-29 19:19 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2022-02-14 21:06 - 2021-09-20 10:33 - 000600944 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-02-14 21:06 - 2021-09-20 10:33 - 000482120 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll

==================== Fichiers à la racine de certains dossiers ========

2021-09-09 15:13 - 2021-09-09 15:13 - 000000000 _____ () C:\Users\PC\AppData\Local\oobelibMkey.log

==================== SigCheckExt =========================

2006-12-01 22:37 - 2006-12-01 22:37 - 000904704 _____ (Microsoft Corporation) C:\msdia80.dll
2021-10-25 12:47 - 2021-10-25 12:47 - 003059712 _____ C:\WINDOWS\system32\ServiceInstaller.exe
2022-03-15 15:17 - 2022-03-15 15:17 - 002364928 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2022-03-15 15:04 - 2022-03-15 15:04 - 003480728 _____ (Nicolas Coolman) C:\Users\PC\Desktop\ZHPSuite.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


==================== BCD ================================

Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {b3d88aa7-17d2-11ec-a193-d3c6c14d340c}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0

Chargeur de démarrage Windows
-----------------------------
identificateur {6a123271-17ca-11ec-b66e-b1cd14041251}
device ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{6a123272-17ca-11ec-b66e-b1cd14041251}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{6a123272-17ca-11ec-b66e-b1cd14041251}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {6a123271-17ca-11ec-b66e-b1cd14041251}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {b3d88aa7-17d2-11ec-a193-d3c6c14d340c}
nx OptIn
bootmenupolicy Standard

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {b3d88aa7-17d2-11ec-a193-d3c6c14d340c}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {6a123271-17ca-11ec-b66e-b1cd14041251}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

Paramètres EMS
--------------
identificateur {emssettings}
bootems No

Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local

Erreurs de mémoire RAM
----------------------
identificateur {badmemory}

Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de périphérique
-----------------------
identificateur {6a123272-17ca-11ec-b66e-b1cd14041251}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume3
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================
