Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-04-2022
Exécuté par gregory (administrateur) sur LAPTOP-2AE64TP8 (LENOVO 80LM) (17-04-2022 23:59:55)
Exécuté depuis C:\Users\gregory\Desktop
Profils chargés: gregory
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1586 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AcroCEF\AcroCEF.exe
(AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files\Common Files\AVG\Icarus\avg-vpn\temp\asw-ba2afea2-f133-4042-b357-52624c335bdf\icarus.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Google LLC -> Google) C:\Users\gregory\AppData\Local\Google\Chrome\User Data\SwReporter\99.279.200\software_reporter_tool.exe <4>
(C:\Program Files (x86)\Google\Update\Install\{7A4FB698-6ADD-4B02-860D-FEB7A8C30589}\100.0.4896.88_99.0.4844.84_chrome_updater.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{7A4FB698-6ADD-4B02-860D-FEB7A8C30589}\CR_F7F7F.tmp\setup.exe <2>
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\100.0.1185.44\identity_helper.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCopyAccelerator.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <4>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-6bd33811.exe ->) (Accès refusé) [Fichier non signé] C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\72B8C77D-2776-4484-A3EA-49250DB4861E\MpSigStub.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <9>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{7A4FB698-6ADD-4B02-860D-FEB7A8C30589}\100.0.4896.88_99.0.4844.84_chrome_updater.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxEM.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Users\gregory\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-6bd33811.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Secure VPN\VpnSvc.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Hewlett-Packard Company) [Fichier non signé] C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(services.exe ->) (HP) [Fichier non signé] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxCUIService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Malwarebytes Corporation -> Malwarebytes) C:\ProgramData\MB3Install\MBAMIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe
(services.exe ->) (Nitro PDF Software -> ) C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
(services.exe ->) (Nitro PDF Software -> Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(services.exe ->) (Nitro PDF Software -> Nitro PDF Software) C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(svchost.exe ->) (AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files\Common Files\AVG\Icarus\avg-vpn\icarus.exe
(svchost.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Hewlett-Packard Company -> Hewlett Packard) C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WaaSMedicAgent.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe
(wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-08-03] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388928 2018-06-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-06-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-06-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942936 2018-11-02] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Fichier non signé]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2852684532-2492962048-194019044-1001\...\Run: [MicrosoftEdgeAutoLaunch_14EED633C98365CEDE9DE3B6CED09492] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3540408 2022-04-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2852684532-2492962048-194019044-1001\...\Run: [Discord] => C:\Users\gregory\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKLM\...\Windows x64\Print Processors\hpcpp108: C:\Windows\System32\spool\prtprocs\x64\hpcpp108.DLL [331776 2011-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Fichier non signé]
HKLM\...\Print\Monitors\Nitro PDF Port Monitor: C:\WINDOWS\system32\nitrolocalmon9.dll [29704 2014-08-01] (Nitro PDF Software -> Nitro PDF Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.84\Installer\chrmstp.exe [2022-03-30] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{75A22DF0-B81D-46ed-B119-CD30507BD615}] -> C:\WINDOWS\system32\SampleHardwareEventCredentialProvider.dll [2015-08-25] (LENOVO -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVG Secure VPN.lnk [2022-03-11]
ShortcutTarget: AVG Secure VPN.lnk -> C:\Program Files\AVG\Secure VPN\Vpn.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {04772333-76BC-4DF9-8A1D-5E62811CFFFE} - System32\Tasks\AVG Secure VPN Update => C:\Program Files\AVG\Secure VPN\VpnUpdate.exe [1264752 2022-03-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {059C953E-2E16-4569-8F9B-5532C41F92F4} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe backgroundagent (Pas de fichier)
Task: {10E058E5-DFE5-41C2-B9DB-8D76209D27A1} - \Lenovo\ImController\Lenovo iM Controller Monitor -> Pas de fichier <==== ATTENTION
Task: {12927899-CE8B-4BFC-998D-7D302D035A51} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe /show (Pas de fichier)
Task: {12A25C86-7650-4FD5-BA4D-A4A871E7F485} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {1C03CD46-E0E2-419A-9BDE-E364E63E047C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\fb84ea0d-0b25-44fb-8eab-4f7704bc3b3f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {1D5AF8DB-D4C5-4DF6-ADAC-87193AC8536E} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {2158E73D-7A73-434A-A60E-A7F8149072C9} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {26E2B4FD-B1A9-414F-88FA-382D85547009} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7f27515d-6685-4b50-bc65-ade7f2dd85e3 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {31DADE57-783F-40A3-9B68-FE2AC6A8CBDC} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe -update (Pas de fichier)
Task: {34983788-0B92-48F5-A43A-86700AC46301} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-12] (Google Inc -> Google Inc.)
Task: {3C932EFC-D2A9-48C0-94FB-FF8F01724458} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-08] (Adobe Inc. -> Adobe)
Task: {42814184-7972-4446-A02B-BB8B3E0EED80} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {44E39D5B-3499-44FE-936C-C70A22785E51} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111520 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {475774BE-C557-4C1B-BFFE-E42F6E7844AD} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Pas de fichier <==== ATTENTION
Task: {5432D807-0DB8-4B32-BB97-56A42AD5C316} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-12] (Google Inc -> Google Inc.)
Task: {57723785-6C59-4ABF-95F9-D782FAD44E5C} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe (Pas de fichier)
Task: {5E3D9405-A423-42DD-AE4A-2F838E3E79E0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {65501967-D1D0-4754-AB6D-2FADBEC68607} - System32\Tasks\R@1n-KMS\Windows100Core => wmic path SoftwareLicensingProduct where (ID="58e97c99-f377-4ef1-81d5-4ad5522b5fd8") call Activate
Task: {6ABE41F2-F054-4FBC-9706-DF616BA4E212} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {79B7EFA9-1A66-4747-8799-0BA76E6A0B49} - System32\Tasks\AVG\AVG Secure VPN Bug Report => C:\Program Files\AVG\Secure VPN\AvBugReport.exe [4690032 2022-03-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) -> --send "dumps|report" --silent --product 12 --programpath "C:\Program Files\AVG\Secure VPN" --configpath "C:\ProgramData\AVG\Secure VPN" --path "C:\ProgramData\AVG\Secure VPN\log" --path "C:\ProgramData\AVG\Icarus\Logs" --logpath "C:\ProgramData\AVG\Secure VPN\log" --guid 95407e2e-2759-46bf-9872-71f0361c63aa
Task: {7CE5B92F-A36A-4C59-8A4E-AE5C2AA30F04} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6513608 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {8294DF1F-11DB-4C53-8187-9E3C3BABBC49} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22866856 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {8C214104-B165-4BFE-AA18-8C3515DF718C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22866856 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {93D66BF5-F80A-4014-86F3-E39F82E2C4F8} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe /nobrowser (Pas de fichier)
Task: {993171FD-2632-455D-9EE0-11E6291C2985} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111520 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD3749C1-FF5E-4A46-A712-4F98B3558CE7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7caf6bd1-391d-459e-992d-f30e52b13998 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {B4703D83-0104-4282-AE6B-F54BD7372C6C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BBDFB5E6-E08C-4C8F-9A83-BB06646621CB} - System32\Tasks\AVG\AVG Secure VPN Update => C:\Program Files\Common Files\AVG\Icarus\avg-vpn\icarus.exe [6617400 2022-03-01] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {BD284E3C-615F-4F05-99D8-E83049B1859C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C3F6A60F-E794-450F-832D-21B8C7BE8D1A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {C725E3DB-C69F-4468-93C2-E89A8ACAA976} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe -diag HWScan (Pas de fichier)
Task: {C930DE22-A286-4FA1-9897-EC0BA397C2FB} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe -autostart (Pas de fichier)
Task: {CFF658AF-7159-42D7-9AC6-A975E6B1D45E} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [42808 2010-09-22] (Hewlett-Packard Company -> Hewlett Packard)
Task: {D5F4DF19-FA27-4018-B154-1EEA7525674E} - System32\Tasks\R@1n-KMS\Office16ProPlus => wmic path SoftwareLicensingProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate
Task: {D99AAF0F-6F65-4623-A375-BA05CB6FC4B7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\3d410d8a-75d6-42d3-8fb2-f500611eba8b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {DEF3727F-343F-41BB-BF52-A51979E27C54} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {E314606E-2B24-4448-9317-FD419045C867} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe UpdateStatus (Pas de fichier)
Task: {E6D10079-BD31-43B7-B887-0338BBB37E77} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6513608 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {F106B930-4738-49DD-944B-A906991B1EF5} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\aed9c3e5-4f57-4bcf-be02-c6c66906e2d7 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {F5E4379A-FD5B-4FBC-A731-569CBF8B48C7} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 109.88.203.3 62.197.111.140
Tcpip\..\Interfaces\{02d0092b-1386-4836-8112-50b6b46a4566}: [DhcpNameServer] 109.88.203.3 62.197.111.140
Tcpip\..\Interfaces\{0eceaa49-801c-4620-9781-ce7f11744213}: [DhcpNameServer] 109.88.203.3 62.197.111.140
Tcpip\..\Interfaces\{bd8a7640-eabb-4054-8053-95410ab387da}: [NameServer] 100.120.124.1
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\gregory\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-17]
Edge HomePage: Default -> hxxp://www.google.com
Edge StartupUrls: Default -> "hxxp://www.google.com/"
Edge Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\gregory\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-01-14]
Edge Extension: (Connective signing extension) - C:\Users\gregory\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kclpjmhngbacampgcdojmiedamjbgjjm [2021-12-01]
FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-05-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-05-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-08-01] (Nitro PDF Software -> Nitro PDF)
FF Plugin HKU\S-1-5-21-2852684532-2492962048-194019044-1001: connective.be/BrowserPlugin -> C:\Users\gregory\AppData\Local\Connective\SigningFirefoxPlugin\npapi-plugin.dll [2021-07-05] (Connective n.v.) [Fichier non signé]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default [2022-04-18]
CHR Notifications: Default -> hxxps://be.easyflyer.eu; hxxps://best.aliexpress.com; hxxps://cryptoast.fr; hxxps://desidees.net; hxxps://fr.aliexpress.com; hxxps://fr.dreamstime.com; hxxps://fr.zaful.com; hxxps://satland.org; hxxps://scalaires-et-autres.forumactif.com; hxxps://www.alibaba.com; hxxps://www.architecture-art-deco.fr; hxxps://www.beaute-test.com; hxxps://www.bmw-serie3.com; hxxps://www.cnetfrance.fr; hxxps://www.conrad.fr; hxxps://www.depanntout.com; hxxps://www.facebook.com; hxxps://www.fnac.com; hxxps://www.lesnumeriques.com; hxxps://www.lightinthebox.com; hxxps://www.marmiton.org; hxxps://www.neozone.org; hxxps://www.pinterest.fr; hxxps://www.topsante.com; hxxps://www.tui.be; hxxps://www.tuifly.be; hxxps://www.voici.fr; hxxps://www.wish.com
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Google Drive) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-12]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-01-13]
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-03-23]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-03-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Profile: C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-04-17]
CHR Profile: C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-11-19]
CHR Extension: (Slides) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-24]
CHR Extension: (Docs) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-24]
CHR Extension: (Google Drive) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-24]
CHR Extension: (YouTube) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-24]
CHR Extension: (Adobe Acrobat) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-19]
CHR Extension: (Sheets) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-24]
CHR Extension: (Google Docs hors connexion) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-24]
CHR Extension: (Skype) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2021-10-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-24]
CHR Extension: (Gmail) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-24]
CHR Profile: C:\Users\gregory\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-17]
CHR HKLM\...\Chrome\Extension: [oahnbekpplfncpdnahmjddbnidmpdkcn]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11666384 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [Fichier non signé]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [Fichier non signé]
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 MBAMIService; C:\ProgramData\MB3Install\MBAMIService.exe [230096 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 NitroDriverReadSpool9; C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [230920 2014-08-01] (Nitro PDF Software -> Nitro PDF Software)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe [418312 2014-08-01] (Nitro PDF Software -> )
R2 nlsX86cc; C:\Windows\SysWOW64\NLSSRV32.EXE [69640 2014-08-01] (Nitro PDF Software -> Nalpeiron Ltd.)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 SecureVPN; C:\Program Files\AVG\Secure VPN\VpnSvc.exe [9609840 2022-03-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 avgTap; C:\WINDOWS\System32\drivers\avgTap.sys [54888 2022-02-15] (AVG Technologies CZ, s.r.o. -> The OpenVPN Project)
S3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [53488 2018-06-10] (IVT CORPORATION -> IVT Corporation.)
S3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [130944 2014-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-02-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MpKslcb9a0a9c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B9AB00FF-34C7-4492-8E15-C4F3E652CB8A}\MpKslDrv.sys [137464 2022-03-29] (Microsoft Windows -> Microsoft Corporation)
R3 MpKslcca5b203; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5C4ED180-73C5-41A3-87B7-D8370A24F458}\MpKslDrv.sys [137464 2022-03-28] (Microsoft Windows -> Microsoft Corporation)
R3 RSP2STOR; C:\WINDOWS\System32\drivers\RtsP2Stor.sys [338368 2018-06-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [439544 2022-03-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-15] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-04-17 23:59 - 2022-04-18 00:04 - 000034275 _____ C:\Users\gregory\Desktop\FRST.txt
2022-04-17 23:56 - 2022-04-18 00:02 - 000000000 ____D C:\FRST
2022-04-17 23:54 - 2022-04-17 23:54 - 000339871 _____ C:\Users\gregory\Desktop\ZHPDiag.txt
2022-04-17 23:39 - 2022-04-17 23:38 - 002366464 _____ (Farbar) C:\Users\gregory\Desktop\FRST64.exe
2022-04-17 23:36 - 2022-04-17 23:38 - 002366464 _____ (Farbar) C:\Users\gregory\Downloads\FRST64.exe
2022-04-17 23:23 - 2022-04-17 23:54 - 000000000 ____D C:\Users\gregory\AppData\Roaming\ZHP
2022-04-17 23:23 - 2022-04-17 23:23 - 000000874 _____ C:\Users\gregory\Desktop\ZHPSuite.lnk
2022-04-17 23:23 - 2022-04-17 23:23 - 000000000 ____D C:\Users\gregory\AppData\Local\ZHP
2022-04-17 23:20 - 2022-04-17 23:19 - 003482312 _____ (Nicolas Coolman) C:\Users\gregory\Desktop\ZHPSuite.exe
2022-04-17 23:16 - 2022-04-17 23:19 - 003482312 _____ (Nicolas Coolman) C:\Users\gregory\Downloads\ZHPSuite.exe
2022-04-17 20:49 - 2022-04-17 20:49 - 000000000 ___HD C:\$WinREAgent
2022-03-31 22:47 - 2022-03-31 22:47 - 004243999 _____ C:\Users\gregory\Downloads\mini excavator manual.pdf
2022-03-29 20:48 - 2022-03-29 20:48 - 001123061 _____ C:\Users\gregory\Downloads\FR_DX27Z_DX35Z_Preliminary_Brochure_D4601120_02-2022_LowRes (1).pdf
2022-03-28 20:44 - 2022-03-28 20:44 - 000016336 _____ C:\Users\gregory\Downloads\file (43).pdf
2022-03-28 19:17 - 2022-03-28 19:18 - 001123061 _____ C:\Users\gregory\Downloads\FR_DX27Z_DX35Z_Preliminary_Brochure_D4601120_02-2022_LowRes.pdf
2022-03-28 19:09 - 2022-03-28 22:49 - 000000648 _____ C:\Users\gregory\advanced_ip_scanner_MAC.bin
2022-03-28 19:09 - 2022-03-28 22:49 - 000000015 _____ C:\Users\gregory\advanced_ip_scanner_Comments.bin
2022-03-28 19:09 - 2022-03-28 22:49 - 000000015 _____ C:\Users\gregory\advanced_ip_scanner_Aliases.bin
2022-03-28 19:09 - 2022-03-28 19:09 - 000105516 _____ C:\Users\gregory\Downloads\bpost-label - 2022-03-28T170944590.pdf
2022-03-28 19:07 - 2022-03-28 19:07 - 000105516 _____ C:\Users\gregory\Downloads\bpost-label - 2022-03-28T170745138.pdf
2022-03-28 17:51 - 2022-03-28 17:51 - 000001057 _____ C:\Users\Public\Desktop\Advanced IP Scanner.lnk
2022-03-28 17:51 - 2022-03-28 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced IP Scanner v2
2022-03-28 17:51 - 2022-03-28 17:51 - 000000000 ____D C:\Program Files (x86)\Advanced IP Scanner
2022-03-28 17:50 - 2022-03-28 17:50 - 020385120 _____ (Famatech Corp. ) C:\Users\gregory\Downloads\Advanced_IP_Scanner_2.5.3850.exe
2022-03-28 17:37 - 2022-03-28 17:37 - 000000000 ____D C:\Users\gregory\AppData\Local\D3DSCache
2022-03-27 21:29 - 2022-03-27 21:29 - 000136317 _____ C:\Users\gregory\Downloads\GCF0C_FR_ComfyFlex_gas.pdf
2022-03-26 20:53 - 2022-03-26 20:53 - 000874172 _____ C:\Users\gregory\Downloads\Excavator_40178_Conditions-particulieres_FR.pdf
2022-03-25 21:54 - 2022-03-25 21:54 - 000252561 _____ C:\Users\gregory\Downloads\Topographie-de-la-douleur.pdf
2022-03-25 21:54 - 2022-03-25 21:54 - 000252561 _____ C:\Users\gregory\Desktop\Topographie-de-la-douleur.pdf
2022-03-18 20:44 - 2022-03-18 20:44 - 000050410 _____ C:\Users\gregory\Downloads\01125-642e1fdabd114655a1dfefa22df0ce53.pdf
2022-03-14 13:55 - 2022-03-14 13:55 - 000019274 _____ C:\Users\gregory\Downloads\Basket (19).pdf
2022-03-14 13:55 - 2022-03-14 13:55 - 000017780 _____ C:\Users\gregory\Downloads\Basket (18).pdf
2022-03-13 15:31 - 2022-03-13 15:31 - 000025505 _____ C:\Users\gregory\Downloads\cylindres-fr-organigramme-cyl14145-gregory-usai-09-01-2022-1.xlsx
2022-03-13 15:31 - 2022-03-13 15:31 - 000025505 _____ C:\Users\gregory\Desktop\cylindres-fr-organigramme-cyl14145-gregory-usai-09-01-2022-1.xlsx
2022-03-11 22:14 - 2022-03-11 22:14 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-11 22:12 - 2022-03-11 22:12 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-11 22:11 - 2022-03-11 22:11 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-11 22:09 - 2022-03-11 22:09 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-11 22:09 - 2022-03-11 22:09 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-02 00:21 - 2022-03-02 00:21 - 000218870 _____ C:\Users\gregory\Downloads\led-transfo-12v-1-70w-300-89-12-71-int.pdf
2022-03-01 20:46 - 2022-03-01 20:46 - 000235901 _____ C:\Users\gregory\Downloads\TicketOrder20220301-7825511.pdf
2022-02-28 20:10 - 2022-02-28 20:11 - 000106377 _____ C:\Users\gregory\Downloads\bpost-label - 2022-02-28T181058507.pdf
2022-02-27 23:22 - 2022-02-27 23:22 - 019791192 _____ C:\Users\gregory\Downloads\Gmail (16).zip
2022-02-27 22:05 - 2022-02-27 22:05 - 000104031 _____ C:\Users\gregory\Downloads\bpost-label - 2022-02-27T200529458.pdf
2022-02-24 21:17 - 2022-02-24 21:17 - 000103042 _____ C:\Users\gregory\Downloads\bpost-label - 2022-02-24T191744975.pdf
2022-02-19 20:47 - 2022-02-19 20:54 - 000000000 ____D C:\WINDOWS\TempInst
2022-02-15 21:41 - 2022-03-12 19:37 - 000003974 _____ C:\WINDOWS\system32\Tasks\AVG Secure VPN Update
2022-02-15 21:41 - 2022-03-12 19:37 - 000000000 ____D C:\ProgramData\AVG
2022-02-15 21:41 - 2022-03-10 21:41 - 000036120 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2022-02-15 21:41 - 2022-02-15 21:41 - 000054888 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\avgTap.sys
2022-02-15 21:41 - 2022-02-15 21:41 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure VPN.lnk
2022-02-15 21:41 - 2022-02-15 21:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2022-02-15 21:41 - 2022-02-15 21:41 - 000000000 ____D C:\Program Files\Common Files\AVG
2022-02-15 21:41 - 2022-02-15 21:41 - 000000000 ____D C:\Program Files\AVG
2022-02-15 21:40 - 2022-02-15 21:40 - 001180824 _____ (AVG Technologies) C:\Users\gregory\Downloads\avg_vpn_online_setup.exe
2022-02-11 22:07 - 2022-02-11 22:07 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-02-11 22:07 - 2022-02-11 22:07 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-02-10 21:13 - 2022-02-10 21:14 - 000061865 _____ C:\Users\gregory\Downloads\32200189791.pdf
2022-02-08 22:47 - 2022-02-08 22:47 - 013722894 _____ C:\Users\gregory\Downloads\Gmail (15).zip
2022-02-08 22:31 - 2022-03-29 21:55 - 000000000 ____D C:\Users\gregory\Desktop\ikea
2022-02-06 22:13 - 2022-03-28 22:49 - 000000026 _____ C:\Users\gregory\Desktop\ip chaudiere.txt
2022-02-05 22:25 - 2022-02-05 22:25 - 000060760 _____ C:\Users\gregory\Downloads\32104469828.pdf
2022-01-30 14:28 - 2022-01-30 13:57 - 002090752 _____ C:\Users\gregory\Desktop\enigma2-plugin-extensions-xstreamity_3.58_all.ipk
2022-01-30 14:05 - 2022-01-30 14:05 - 002090752 _____ C:\Users\gregory\Downloads\enigma2-plugin-extensions-xstreamity_3.58_all (1).ipk
2022-01-30 13:57 - 2022-01-30 13:57 - 002090752 _____ C:\Users\gregory\Downloads\enigma2-plugin-extensions-xstreamity_3.58_all.ipk
2022-01-29 21:00 - 2022-01-29 21:00 - 003919431 _____ C:\Users\gregory\Downloads\Insite Gold Complete User Guide v1.9 End User (1).pdf
2022-01-29 21:00 - 2022-01-29 21:00 - 003919431 _____ C:\Users\gregory\Desktop\Insite Gold Complete User Guide v1.9 End User (1).pdf
2022-01-25 20:39 - 2022-01-25 20:40 - 053024653 _____ C:\Users\gregory\Downloads\AirySat TV(1.6.9.1)_to_Publish.apk
2022-01-18 21:54 - 2022-01-18 21:54 - 024443914 _____ C:\Users\gregory\Downloads\Gmail (14).zip
2022-01-18 21:54 - 2022-01-18 21:54 - 000000000 ____D C:\Users\gregory\Desktop\Nouveau dossier (3)
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-04-18 00:12 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-17 23:41 - 2020-10-07 20:27 - 000000000 ____D C:\Users\gregory\Desktop\creche
2022-04-17 23:39 - 2020-11-23 21:37 - 000000000 ____D C:\Users\gregory\Desktop\aqua
2022-04-17 23:29 - 2016-03-12 13:14 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-17 23:17 - 2021-03-17 21:08 - 000000000 ____D C:\Users\gregory\Desktop\h2o
2022-04-17 23:14 - 2021-04-03 22:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-04-17 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-17 22:18 - 2020-10-26 01:14 - 000004180 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{73CC9617-0FDB-4378-87B1-87E74F36F536}
2022-04-17 22:05 - 2020-10-26 00:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-17 21:30 - 2020-06-11 20:18 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-17 20:52 - 2020-10-26 00:59 - 001772726 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-17 20:52 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2022-04-17 20:52 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2022-04-17 20:52 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-17 20:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-17 20:35 - 2021-11-30 20:25 - 000000000 ____D C:\Users\gregory\AppData\Roaming\discord
2022-04-17 20:35 - 2021-11-30 20:24 - 000000000 ____D C:\Users\gregory\AppData\Local\Discord
2022-04-17 20:24 - 2020-10-26 20:25 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6ab22389ed921
2022-04-17 20:24 - 2020-10-26 01:14 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-17 20:23 - 2016-03-11 04:10 - 000000000 __SHD C:\Users\gregory\IntelGraphicsProfiles
2022-03-28 19:09 - 2020-10-26 00:47 - 000000000 ____D C:\Users\gregory
2022-03-27 20:09 - 2016-03-18 20:24 - 000000000 ____D C:\Users\gregory\AppData\Roaming\Nitro PDF
2022-03-25 21:34 - 2021-12-12 21:18 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2852684532-2492962048-194019044-1001
2022-03-25 21:34 - 2020-10-26 01:14 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2852684532-2492962048-194019044-1001
2022-03-25 21:34 - 2020-10-26 00:47 - 000002430 _____ C:\Users\gregory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-24 21:00 - 2020-10-26 01:14 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-03-24 20:59 - 2021-12-13 20:47 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
==================== Fichiers à la racine de certains dossiers ========
2019-03-28 20:26 - 2019-03-28 20:26 - 007505920 _____ () C:\Program Files (x86)\GUTEADC.tmp
2018-09-14 22:33 - 2021-07-17 23:05 - 000000033 _____ () C:\Users\gregory\AppData\Roaming\AdobeWLCMCache.dat
2017-03-01 21:58 - 2018-11-20 20:35 - 000000600 _____ () C:\Users\gregory\AppData\Local\PUTTY.RND
==================== SigCheckExt =========================
2016-07-16 13:42 - 2016-07-16 13:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll
2016-07-12 21:19 - 2016-07-01 05:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2016-07-16 13:41 - 2016-07-16 13:41 - 000032256 _____ (CANON INC.) C:\WINDOWS\system32\CNHI10A.DLL
2015-10-30 09:19 - 2015-10-30 09:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll
2017-04-14 21:38 - 2017-03-28 07:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2010-09-27 14:15 - 2010-09-27 14:15 - 000032768 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbmiapi.dll
2010-09-27 14:15 - 2010-09-27 14:15 - 000033280 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpboid.dll
2010-09-27 14:15 - 2010-09-27 14:15 - 000009216 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpboidps.dll
2010-09-27 14:15 - 2010-09-27 14:15 - 000057344 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbpro.dll
2010-09-27 14:15 - 2010-09-27 14:15 - 000009728 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbprops.dll
2010-01-19 15:12 - 2010-01-19 15:12 - 000070144 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPBWSDR.DLL
2010-05-06 15:18 - 2010-05-06 15:18 - 000180736 _____ (hp) C:\WINDOWS\system32\hplbddrv.dll
2009-09-16 18:44 - 2009-09-16 18:44 - 000153088 _____ (Hewlett Packard) C:\WINDOWS\system32\HpTcpMib.dll
2009-09-16 18:45 - 2009-09-16 18:45 - 000331264 _____ (Hewlett Packard) C:\WINDOWS\system32\HPTcpMon.dll
2009-09-16 18:45 - 2009-09-16 18:45 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HPTcpMUI.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000079872 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZidr12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZipm12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000054784 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZipr12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000045056 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzipt12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000030208 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzisn12.dll
2009-09-16 11:44 - 2009-09-16 11:44 - 000596992 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzjcd01.dll
2009-09-16 11:44 - 2009-09-16 11:44 - 000028672 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzjfw64.dll
2009-09-16 11:44 - 2009-09-16 11:44 - 000132096 _____ (Hewlett Packard) C:\WINDOWS\system32\hpzjrd01.dll
2015-09-10 05:43 - 2015-09-04 15:26 - 000206848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4279.dll
2017-05-12 08:35 - 2017-03-04 08:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-07-16 13:43 - 2016-07-17 00:45 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll
2015-11-11 07:17 - 2015-08-25 16:02 - 002079232 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\system32\libeay32.dll
2016-03-11 04:13 - 2015-08-25 16:02 - 000273920 _____ C:\WINDOWS\system32\SDKClient.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll
2016-07-16 13:43 - 2016-07-16 13:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll
2016-07-16 13:43 - 2016-07-16 13:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll
2015-10-30 09:19 - 2015-10-30 09:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll
2010-08-06 11:13 - 2010-08-06 11:13 - 000050688 _____ (Hewlett-Packard) C:\WINDOWS\SysWOW64\HPZidr12.dll
2010-08-06 11:13 - 2010-08-06 11:13 - 000034816 _____ (Hewlett-Packard) C:\WINDOWS\SysWOW64\HPZipr12.dll
2017-03-16 22:43 - 2017-03-04 08:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-07-16 13:44 - 2016-07-17 00:45 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll
2015-10-30 09:19 - 2016-09-14 20:01 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-10-30 09:19 - 2016-09-14 20:01 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2012-03-12 21:56 - 2012-03-12 21:56 - 000947472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjava.dll
2020-03-28 17:35 - 2011-06-23 13:25 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2022-04-17 23:39 - 2022-04-17 23:38 - 002366464 _____ (Farbar) C:\Users\gregory\Desktop\FRST64.exe
2022-04-17 23:20 - 2022-04-17 23:19 - 003482312 _____ (Nicolas Coolman) C:\Users\gregory\Desktop\ZHPSuite.exe
2017-11-13 22:21 - 2017-11-13 22:22 - 000468464 _____ () C:\Users\gregory\Downloads\Enigma Iptv Generator 1.0.0.2.exe
2022-04-17 23:36 - 2022-04-17 23:38 - 002366464 _____ (Farbar) C:\Users\gregory\Downloads\FRST64.exe
2021-02-14 23:46 - 2021-02-14 23:47 - 096771977 _____ C:\Users\gregory\Downloads\InstallQuickDesign-fr.exe
2017-04-28 22:10 - 2017-04-28 22:11 - 057892747 _____ (Hytto Ltd. ) C:\Users\gregory\Downloads\Lovense_Browser.exe
2020-05-08 19:37 - 2020-05-08 19:37 - 002469376 _____ C:\Users\gregory\Downloads\Pola3.0a.exe
2022-04-17 23:16 - 2022-04-17 23:19 - 003482312 _____ (Nicolas Coolman) C:\Users\gregory\Downloads\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{c83d0525-df42-11e5-9bcf-806e6f6e6963}
{5f675013-8834-11e5-9332-806e6f6e6963}
{5f675011-8834-11e5-9332-806e6f6e6963}
{5f675012-8834-11e5-9332-806e6f6e6963}
timeout 0
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {9849b1ed-1712-11eb-835d-90e9c0c1e135}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0
Application logicielle (101fffff)
--------------------------------
identificateur {5f675011-8834-11e5-9332-806e6f6e6963}
description EFI USB Device
Application logicielle (101fffff)
--------------------------------
identificateur {5f675012-8834-11e5-9332-806e6f6e6963}
description EFI DVD/CDROM
Application logicielle (101fffff)
--------------------------------
identificateur {5f675013-8834-11e5-9332-806e6f6e6963}
description EFI Network
Application logicielle (101fffff)
--------------------------------
identificateur {5f675014-8834-11e5-9332-806e6f6e6963}
description USB Entry for Windows To Go
Application logicielle (101fffff)
--------------------------------
identificateur {5f675015-8834-11e5-9332-806e6f6e6963}
description EFI Network 0 for IPv4 (1C-39-47-25-CC-02)
Application logicielle (101fffff)
--------------------------------
identificateur {5f675016-8834-11e5-9332-806e6f6e6963}
description EFI Network 0 for IPv6 (1C-39-47-25-CC-02)
Application logicielle (101fffff)
--------------------------------
identificateur {c83d0525-df42-11e5-9bcf-806e6f6e6963}
device partition=\Device\HarddiskVolume7
path \EFI\Microsoft\Boot\LrsBootMgr.efi
description Lenovo Recovery System
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {9849b1ef-1712-11eb-835d-90e9c0c1e135}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {9849b1ed-1712-11eb-835d-90e9c0c1e135}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {9849b1ef-1712-11eb-835d-90e9c0c1e135}
device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{9849b1f0-1712-11eb-835d-90e9c0c1e135}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{9849b1f0-1712-11eb-835d-90e9c0c1e135}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {9849b1ed-1712-11eb-835d-90e9c0c1e135}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {9849b1ef-1712-11eb-835d-90e9c0c1e135}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {9849b1f0-1712-11eb-835d-90e9c0c1e135}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume5
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par gregory (administrateur) sur LAPTOP-2AE64TP8 (LENOVO 80LM) (17-04-2022 23:59:55)
Exécuté depuis C:\Users\gregory\Desktop
Profils chargés: gregory
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1586 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AcroCEF\AcroCEF.exe
(AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files\Common Files\AVG\Icarus\avg-vpn\temp\asw-ba2afea2-f133-4042-b357-52624c335bdf\icarus.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Google LLC -> Google) C:\Users\gregory\AppData\Local\Google\Chrome\User Data\SwReporter\99.279.200\software_reporter_tool.exe <4>
(C:\Program Files (x86)\Google\Update\Install\{7A4FB698-6ADD-4B02-860D-FEB7A8C30589}\100.0.4896.88_99.0.4844.84_chrome_updater.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{7A4FB698-6ADD-4B02-860D-FEB7A8C30589}\CR_F7F7F.tmp\setup.exe <2>
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\100.0.1185.44\identity_helper.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCopyAccelerator.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <4>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-6bd33811.exe ->) (Accès refusé) [Fichier non signé] C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\72B8C77D-2776-4484-A3EA-49250DB4861E\MpSigStub.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <9>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{7A4FB698-6ADD-4B02-860D-FEB7A8C30589}\100.0.4896.88_99.0.4844.84_chrome_updater.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxEM.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Users\gregory\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-6bd33811.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Secure VPN\VpnSvc.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Hewlett-Packard Company) [Fichier non signé] C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(services.exe ->) (HP) [Fichier non signé] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxCUIService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Malwarebytes Corporation -> Malwarebytes) C:\ProgramData\MB3Install\MBAMIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe
(services.exe ->) (Nitro PDF Software -> ) C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
(services.exe ->) (Nitro PDF Software -> Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(services.exe ->) (Nitro PDF Software -> Nitro PDF Software) C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(svchost.exe ->) (AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files\Common Files\AVG\Icarus\avg-vpn\icarus.exe
(svchost.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Hewlett-Packard Company -> Hewlett Packard) C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WaaSMedicAgent.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe
(wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-08-03] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388928 2018-06-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-06-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-06-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942936 2018-11-02] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Fichier non signé]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2852684532-2492962048-194019044-1001\...\Run: [MicrosoftEdgeAutoLaunch_14EED633C98365CEDE9DE3B6CED09492] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3540408 2022-04-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2852684532-2492962048-194019044-1001\...\Run: [Discord] => C:\Users\gregory\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKLM\...\Windows x64\Print Processors\hpcpp108: C:\Windows\System32\spool\prtprocs\x64\hpcpp108.DLL [331776 2011-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Fichier non signé]
HKLM\...\Print\Monitors\Nitro PDF Port Monitor: C:\WINDOWS\system32\nitrolocalmon9.dll [29704 2014-08-01] (Nitro PDF Software -> Nitro PDF Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.84\Installer\chrmstp.exe [2022-03-30] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{75A22DF0-B81D-46ed-B119-CD30507BD615}] -> C:\WINDOWS\system32\SampleHardwareEventCredentialProvider.dll [2015-08-25] (LENOVO -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVG Secure VPN.lnk [2022-03-11]
ShortcutTarget: AVG Secure VPN.lnk -> C:\Program Files\AVG\Secure VPN\Vpn.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {04772333-76BC-4DF9-8A1D-5E62811CFFFE} - System32\Tasks\AVG Secure VPN Update => C:\Program Files\AVG\Secure VPN\VpnUpdate.exe [1264752 2022-03-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {059C953E-2E16-4569-8F9B-5532C41F92F4} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe backgroundagent (Pas de fichier)
Task: {10E058E5-DFE5-41C2-B9DB-8D76209D27A1} - \Lenovo\ImController\Lenovo iM Controller Monitor -> Pas de fichier <==== ATTENTION
Task: {12927899-CE8B-4BFC-998D-7D302D035A51} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe /show (Pas de fichier)
Task: {12A25C86-7650-4FD5-BA4D-A4A871E7F485} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {1C03CD46-E0E2-419A-9BDE-E364E63E047C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\fb84ea0d-0b25-44fb-8eab-4f7704bc3b3f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {1D5AF8DB-D4C5-4DF6-ADAC-87193AC8536E} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {2158E73D-7A73-434A-A60E-A7F8149072C9} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {26E2B4FD-B1A9-414F-88FA-382D85547009} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7f27515d-6685-4b50-bc65-ade7f2dd85e3 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {31DADE57-783F-40A3-9B68-FE2AC6A8CBDC} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe -update (Pas de fichier)
Task: {34983788-0B92-48F5-A43A-86700AC46301} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-12] (Google Inc -> Google Inc.)
Task: {3C932EFC-D2A9-48C0-94FB-FF8F01724458} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-08] (Adobe Inc. -> Adobe)
Task: {42814184-7972-4446-A02B-BB8B3E0EED80} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {44E39D5B-3499-44FE-936C-C70A22785E51} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111520 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {475774BE-C557-4C1B-BFFE-E42F6E7844AD} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Pas de fichier <==== ATTENTION
Task: {5432D807-0DB8-4B32-BB97-56A42AD5C316} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-12] (Google Inc -> Google Inc.)
Task: {57723785-6C59-4ABF-95F9-D782FAD44E5C} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe (Pas de fichier)
Task: {5E3D9405-A423-42DD-AE4A-2F838E3E79E0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {65501967-D1D0-4754-AB6D-2FADBEC68607} - System32\Tasks\R@1n-KMS\Windows100Core => wmic path SoftwareLicensingProduct where (ID="58e97c99-f377-4ef1-81d5-4ad5522b5fd8") call Activate
Task: {6ABE41F2-F054-4FBC-9706-DF616BA4E212} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {79B7EFA9-1A66-4747-8799-0BA76E6A0B49} - System32\Tasks\AVG\AVG Secure VPN Bug Report => C:\Program Files\AVG\Secure VPN\AvBugReport.exe [4690032 2022-03-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) -> --send "dumps|report" --silent --product 12 --programpath "C:\Program Files\AVG\Secure VPN" --configpath "C:\ProgramData\AVG\Secure VPN" --path "C:\ProgramData\AVG\Secure VPN\log" --path "C:\ProgramData\AVG\Icarus\Logs" --logpath "C:\ProgramData\AVG\Secure VPN\log" --guid 95407e2e-2759-46bf-9872-71f0361c63aa
Task: {7CE5B92F-A36A-4C59-8A4E-AE5C2AA30F04} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6513608 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {8294DF1F-11DB-4C53-8187-9E3C3BABBC49} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22866856 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {8C214104-B165-4BFE-AA18-8C3515DF718C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22866856 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {93D66BF5-F80A-4014-86F3-E39F82E2C4F8} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe /nobrowser (Pas de fichier)
Task: {993171FD-2632-455D-9EE0-11E6291C2985} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111520 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD3749C1-FF5E-4A46-A712-4F98B3558CE7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7caf6bd1-391d-459e-992d-f30e52b13998 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {B4703D83-0104-4282-AE6B-F54BD7372C6C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BBDFB5E6-E08C-4C8F-9A83-BB06646621CB} - System32\Tasks\AVG\AVG Secure VPN Update => C:\Program Files\Common Files\AVG\Icarus\avg-vpn\icarus.exe [6617400 2022-03-01] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {BD284E3C-615F-4F05-99D8-E83049B1859C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C3F6A60F-E794-450F-832D-21B8C7BE8D1A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {C725E3DB-C69F-4468-93C2-E89A8ACAA976} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe -diag HWScan (Pas de fichier)
Task: {C930DE22-A286-4FA1-9897-EC0BA397C2FB} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe -autostart (Pas de fichier)
Task: {CFF658AF-7159-42D7-9AC6-A975E6B1D45E} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [42808 2010-09-22] (Hewlett-Packard Company -> Hewlett Packard)
Task: {D5F4DF19-FA27-4018-B154-1EEA7525674E} - System32\Tasks\R@1n-KMS\Office16ProPlus => wmic path SoftwareLicensingProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate
Task: {D99AAF0F-6F65-4623-A375-BA05CB6FC4B7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\3d410d8a-75d6-42d3-8fb2-f500611eba8b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {DEF3727F-343F-41BB-BF52-A51979E27C54} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {E314606E-2B24-4448-9317-FD419045C867} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe UpdateStatus (Pas de fichier)
Task: {E6D10079-BD31-43B7-B887-0338BBB37E77} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6513608 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {F106B930-4738-49DD-944B-A906991B1EF5} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\aed9c3e5-4f57-4bcf-be02-c6c66906e2d7 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {F5E4379A-FD5B-4FBC-A731-569CBF8B48C7} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 109.88.203.3 62.197.111.140
Tcpip\..\Interfaces\{02d0092b-1386-4836-8112-50b6b46a4566}: [DhcpNameServer] 109.88.203.3 62.197.111.140
Tcpip\..\Interfaces\{0eceaa49-801c-4620-9781-ce7f11744213}: [DhcpNameServer] 109.88.203.3 62.197.111.140
Tcpip\..\Interfaces\{bd8a7640-eabb-4054-8053-95410ab387da}: [NameServer] 100.120.124.1
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\gregory\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-17]
Edge HomePage: Default -> hxxp://www.google.com
Edge StartupUrls: Default -> "hxxp://www.google.com/"
Edge Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\gregory\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-01-14]
Edge Extension: (Connective signing extension) - C:\Users\gregory\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kclpjmhngbacampgcdojmiedamjbgjjm [2021-12-01]
FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-05-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-05-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-08-01] (Nitro PDF Software -> Nitro PDF)
FF Plugin HKU\S-1-5-21-2852684532-2492962048-194019044-1001: connective.be/BrowserPlugin -> C:\Users\gregory\AppData\Local\Connective\SigningFirefoxPlugin\npapi-plugin.dll [2021-07-05] (Connective n.v.) [Fichier non signé]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default [2022-04-18]
CHR Notifications: Default -> hxxps://be.easyflyer.eu; hxxps://best.aliexpress.com; hxxps://cryptoast.fr; hxxps://desidees.net; hxxps://fr.aliexpress.com; hxxps://fr.dreamstime.com; hxxps://fr.zaful.com; hxxps://satland.org; hxxps://scalaires-et-autres.forumactif.com; hxxps://www.alibaba.com; hxxps://www.architecture-art-deco.fr; hxxps://www.beaute-test.com; hxxps://www.bmw-serie3.com; hxxps://www.cnetfrance.fr; hxxps://www.conrad.fr; hxxps://www.depanntout.com; hxxps://www.facebook.com; hxxps://www.fnac.com; hxxps://www.lesnumeriques.com; hxxps://www.lightinthebox.com; hxxps://www.marmiton.org; hxxps://www.neozone.org; hxxps://www.pinterest.fr; hxxps://www.topsante.com; hxxps://www.tui.be; hxxps://www.tuifly.be; hxxps://www.voici.fr; hxxps://www.wish.com
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Google Drive) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-12]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-01-13]
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-03-23]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-03-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Profile: C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-04-17]
CHR Profile: C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-11-19]
CHR Extension: (Slides) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-24]
CHR Extension: (Docs) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-24]
CHR Extension: (Google Drive) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-24]
CHR Extension: (YouTube) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-24]
CHR Extension: (Adobe Acrobat) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-19]
CHR Extension: (Sheets) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-24]
CHR Extension: (Google Docs hors connexion) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-24]
CHR Extension: (Skype) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2021-10-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-24]
CHR Extension: (Gmail) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-24]
CHR Profile: C:\Users\gregory\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-17]
CHR HKLM\...\Chrome\Extension: [oahnbekpplfncpdnahmjddbnidmpdkcn]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11666384 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [Fichier non signé]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [Fichier non signé]
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 MBAMIService; C:\ProgramData\MB3Install\MBAMIService.exe [230096 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 NitroDriverReadSpool9; C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [230920 2014-08-01] (Nitro PDF Software -> Nitro PDF Software)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe [418312 2014-08-01] (Nitro PDF Software -> )
R2 nlsX86cc; C:\Windows\SysWOW64\NLSSRV32.EXE [69640 2014-08-01] (Nitro PDF Software -> Nalpeiron Ltd.)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 SecureVPN; C:\Program Files\AVG\Secure VPN\VpnSvc.exe [9609840 2022-03-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 avgTap; C:\WINDOWS\System32\drivers\avgTap.sys [54888 2022-02-15] (AVG Technologies CZ, s.r.o. -> The OpenVPN Project)
S3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [53488 2018-06-10] (IVT CORPORATION -> IVT Corporation.)
S3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [130944 2014-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-02-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MpKslcb9a0a9c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B9AB00FF-34C7-4492-8E15-C4F3E652CB8A}\MpKslDrv.sys [137464 2022-03-29] (Microsoft Windows -> Microsoft Corporation)
R3 MpKslcca5b203; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5C4ED180-73C5-41A3-87B7-D8370A24F458}\MpKslDrv.sys [137464 2022-03-28] (Microsoft Windows -> Microsoft Corporation)
R3 RSP2STOR; C:\WINDOWS\System32\drivers\RtsP2Stor.sys [338368 2018-06-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [439544 2022-03-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-15] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-04-17 23:59 - 2022-04-18 00:04 - 000034275 _____ C:\Users\gregory\Desktop\FRST.txt
2022-04-17 23:56 - 2022-04-18 00:02 - 000000000 ____D C:\FRST
2022-04-17 23:54 - 2022-04-17 23:54 - 000339871 _____ C:\Users\gregory\Desktop\ZHPDiag.txt
2022-04-17 23:39 - 2022-04-17 23:38 - 002366464 _____ (Farbar) C:\Users\gregory\Desktop\FRST64.exe
2022-04-17 23:36 - 2022-04-17 23:38 - 002366464 _____ (Farbar) C:\Users\gregory\Downloads\FRST64.exe
2022-04-17 23:23 - 2022-04-17 23:54 - 000000000 ____D C:\Users\gregory\AppData\Roaming\ZHP
2022-04-17 23:23 - 2022-04-17 23:23 - 000000874 _____ C:\Users\gregory\Desktop\ZHPSuite.lnk
2022-04-17 23:23 - 2022-04-17 23:23 - 000000000 ____D C:\Users\gregory\AppData\Local\ZHP
2022-04-17 23:20 - 2022-04-17 23:19 - 003482312 _____ (Nicolas Coolman) C:\Users\gregory\Desktop\ZHPSuite.exe
2022-04-17 23:16 - 2022-04-17 23:19 - 003482312 _____ (Nicolas Coolman) C:\Users\gregory\Downloads\ZHPSuite.exe
2022-04-17 20:49 - 2022-04-17 20:49 - 000000000 ___HD C:\$WinREAgent
2022-03-31 22:47 - 2022-03-31 22:47 - 004243999 _____ C:\Users\gregory\Downloads\mini excavator manual.pdf
2022-03-29 20:48 - 2022-03-29 20:48 - 001123061 _____ C:\Users\gregory\Downloads\FR_DX27Z_DX35Z_Preliminary_Brochure_D4601120_02-2022_LowRes (1).pdf
2022-03-28 20:44 - 2022-03-28 20:44 - 000016336 _____ C:\Users\gregory\Downloads\file (43).pdf
2022-03-28 19:17 - 2022-03-28 19:18 - 001123061 _____ C:\Users\gregory\Downloads\FR_DX27Z_DX35Z_Preliminary_Brochure_D4601120_02-2022_LowRes.pdf
2022-03-28 19:09 - 2022-03-28 22:49 - 000000648 _____ C:\Users\gregory\advanced_ip_scanner_MAC.bin
2022-03-28 19:09 - 2022-03-28 22:49 - 000000015 _____ C:\Users\gregory\advanced_ip_scanner_Comments.bin
2022-03-28 19:09 - 2022-03-28 22:49 - 000000015 _____ C:\Users\gregory\advanced_ip_scanner_Aliases.bin
2022-03-28 19:09 - 2022-03-28 19:09 - 000105516 _____ C:\Users\gregory\Downloads\bpost-label - 2022-03-28T170944590.pdf
2022-03-28 19:07 - 2022-03-28 19:07 - 000105516 _____ C:\Users\gregory\Downloads\bpost-label - 2022-03-28T170745138.pdf
2022-03-28 17:51 - 2022-03-28 17:51 - 000001057 _____ C:\Users\Public\Desktop\Advanced IP Scanner.lnk
2022-03-28 17:51 - 2022-03-28 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced IP Scanner v2
2022-03-28 17:51 - 2022-03-28 17:51 - 000000000 ____D C:\Program Files (x86)\Advanced IP Scanner
2022-03-28 17:50 - 2022-03-28 17:50 - 020385120 _____ (Famatech Corp. ) C:\Users\gregory\Downloads\Advanced_IP_Scanner_2.5.3850.exe
2022-03-28 17:37 - 2022-03-28 17:37 - 000000000 ____D C:\Users\gregory\AppData\Local\D3DSCache
2022-03-27 21:29 - 2022-03-27 21:29 - 000136317 _____ C:\Users\gregory\Downloads\GCF0C_FR_ComfyFlex_gas.pdf
2022-03-26 20:53 - 2022-03-26 20:53 - 000874172 _____ C:\Users\gregory\Downloads\Excavator_40178_Conditions-particulieres_FR.pdf
2022-03-25 21:54 - 2022-03-25 21:54 - 000252561 _____ C:\Users\gregory\Downloads\Topographie-de-la-douleur.pdf
2022-03-25 21:54 - 2022-03-25 21:54 - 000252561 _____ C:\Users\gregory\Desktop\Topographie-de-la-douleur.pdf
2022-03-18 20:44 - 2022-03-18 20:44 - 000050410 _____ C:\Users\gregory\Downloads\01125-642e1fdabd114655a1dfefa22df0ce53.pdf
2022-03-14 13:55 - 2022-03-14 13:55 - 000019274 _____ C:\Users\gregory\Downloads\Basket (19).pdf
2022-03-14 13:55 - 2022-03-14 13:55 - 000017780 _____ C:\Users\gregory\Downloads\Basket (18).pdf
2022-03-13 15:31 - 2022-03-13 15:31 - 000025505 _____ C:\Users\gregory\Downloads\cylindres-fr-organigramme-cyl14145-gregory-usai-09-01-2022-1.xlsx
2022-03-13 15:31 - 2022-03-13 15:31 - 000025505 _____ C:\Users\gregory\Desktop\cylindres-fr-organigramme-cyl14145-gregory-usai-09-01-2022-1.xlsx
2022-03-11 22:14 - 2022-03-11 22:14 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-11 22:12 - 2022-03-11 22:12 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-11 22:11 - 2022-03-11 22:11 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-11 22:09 - 2022-03-11 22:09 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-11 22:09 - 2022-03-11 22:09 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-02 00:21 - 2022-03-02 00:21 - 000218870 _____ C:\Users\gregory\Downloads\led-transfo-12v-1-70w-300-89-12-71-int.pdf
2022-03-01 20:46 - 2022-03-01 20:46 - 000235901 _____ C:\Users\gregory\Downloads\TicketOrder20220301-7825511.pdf
2022-02-28 20:10 - 2022-02-28 20:11 - 000106377 _____ C:\Users\gregory\Downloads\bpost-label - 2022-02-28T181058507.pdf
2022-02-27 23:22 - 2022-02-27 23:22 - 019791192 _____ C:\Users\gregory\Downloads\Gmail (16).zip
2022-02-27 22:05 - 2022-02-27 22:05 - 000104031 _____ C:\Users\gregory\Downloads\bpost-label - 2022-02-27T200529458.pdf
2022-02-24 21:17 - 2022-02-24 21:17 - 000103042 _____ C:\Users\gregory\Downloads\bpost-label - 2022-02-24T191744975.pdf
2022-02-19 20:47 - 2022-02-19 20:54 - 000000000 ____D C:\WINDOWS\TempInst
2022-02-15 21:41 - 2022-03-12 19:37 - 000003974 _____ C:\WINDOWS\system32\Tasks\AVG Secure VPN Update
2022-02-15 21:41 - 2022-03-12 19:37 - 000000000 ____D C:\ProgramData\AVG
2022-02-15 21:41 - 2022-03-10 21:41 - 000036120 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2022-02-15 21:41 - 2022-02-15 21:41 - 000054888 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\avgTap.sys
2022-02-15 21:41 - 2022-02-15 21:41 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure VPN.lnk
2022-02-15 21:41 - 2022-02-15 21:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2022-02-15 21:41 - 2022-02-15 21:41 - 000000000 ____D C:\Program Files\Common Files\AVG
2022-02-15 21:41 - 2022-02-15 21:41 - 000000000 ____D C:\Program Files\AVG
2022-02-15 21:40 - 2022-02-15 21:40 - 001180824 _____ (AVG Technologies) C:\Users\gregory\Downloads\avg_vpn_online_setup.exe
2022-02-11 22:07 - 2022-02-11 22:07 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-02-11 22:07 - 2022-02-11 22:07 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-02-10 21:13 - 2022-02-10 21:14 - 000061865 _____ C:\Users\gregory\Downloads\32200189791.pdf
2022-02-08 22:47 - 2022-02-08 22:47 - 013722894 _____ C:\Users\gregory\Downloads\Gmail (15).zip
2022-02-08 22:31 - 2022-03-29 21:55 - 000000000 ____D C:\Users\gregory\Desktop\ikea
2022-02-06 22:13 - 2022-03-28 22:49 - 000000026 _____ C:\Users\gregory\Desktop\ip chaudiere.txt
2022-02-05 22:25 - 2022-02-05 22:25 - 000060760 _____ C:\Users\gregory\Downloads\32104469828.pdf
2022-01-30 14:28 - 2022-01-30 13:57 - 002090752 _____ C:\Users\gregory\Desktop\enigma2-plugin-extensions-xstreamity_3.58_all.ipk
2022-01-30 14:05 - 2022-01-30 14:05 - 002090752 _____ C:\Users\gregory\Downloads\enigma2-plugin-extensions-xstreamity_3.58_all (1).ipk
2022-01-30 13:57 - 2022-01-30 13:57 - 002090752 _____ C:\Users\gregory\Downloads\enigma2-plugin-extensions-xstreamity_3.58_all.ipk
2022-01-29 21:00 - 2022-01-29 21:00 - 003919431 _____ C:\Users\gregory\Downloads\Insite Gold Complete User Guide v1.9 End User (1).pdf
2022-01-29 21:00 - 2022-01-29 21:00 - 003919431 _____ C:\Users\gregory\Desktop\Insite Gold Complete User Guide v1.9 End User (1).pdf
2022-01-25 20:39 - 2022-01-25 20:40 - 053024653 _____ C:\Users\gregory\Downloads\AirySat TV(1.6.9.1)_to_Publish.apk
2022-01-18 21:54 - 2022-01-18 21:54 - 024443914 _____ C:\Users\gregory\Downloads\Gmail (14).zip
2022-01-18 21:54 - 2022-01-18 21:54 - 000000000 ____D C:\Users\gregory\Desktop\Nouveau dossier (3)
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-04-18 00:12 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-17 23:41 - 2020-10-07 20:27 - 000000000 ____D C:\Users\gregory\Desktop\creche
2022-04-17 23:39 - 2020-11-23 21:37 - 000000000 ____D C:\Users\gregory\Desktop\aqua
2022-04-17 23:29 - 2016-03-12 13:14 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-17 23:17 - 2021-03-17 21:08 - 000000000 ____D C:\Users\gregory\Desktop\h2o
2022-04-17 23:14 - 2021-04-03 22:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-04-17 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-17 22:18 - 2020-10-26 01:14 - 000004180 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{73CC9617-0FDB-4378-87B1-87E74F36F536}
2022-04-17 22:05 - 2020-10-26 00:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-17 21:30 - 2020-06-11 20:18 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-17 20:52 - 2020-10-26 00:59 - 001772726 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-17 20:52 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2022-04-17 20:52 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2022-04-17 20:52 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-17 20:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-17 20:35 - 2021-11-30 20:25 - 000000000 ____D C:\Users\gregory\AppData\Roaming\discord
2022-04-17 20:35 - 2021-11-30 20:24 - 000000000 ____D C:\Users\gregory\AppData\Local\Discord
2022-04-17 20:24 - 2020-10-26 20:25 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6ab22389ed921
2022-04-17 20:24 - 2020-10-26 01:14 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-17 20:23 - 2016-03-11 04:10 - 000000000 __SHD C:\Users\gregory\IntelGraphicsProfiles
2022-03-28 19:09 - 2020-10-26 00:47 - 000000000 ____D C:\Users\gregory
2022-03-27 20:09 - 2016-03-18 20:24 - 000000000 ____D C:\Users\gregory\AppData\Roaming\Nitro PDF
2022-03-25 21:34 - 2021-12-12 21:18 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2852684532-2492962048-194019044-1001
2022-03-25 21:34 - 2020-10-26 01:14 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2852684532-2492962048-194019044-1001
2022-03-25 21:34 - 2020-10-26 00:47 - 000002430 _____ C:\Users\gregory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-24 21:00 - 2020-10-26 01:14 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-03-24 20:59 - 2021-12-13 20:47 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
==================== Fichiers à la racine de certains dossiers ========
2019-03-28 20:26 - 2019-03-28 20:26 - 007505920 _____ () C:\Program Files (x86)\GUTEADC.tmp
2018-09-14 22:33 - 2021-07-17 23:05 - 000000033 _____ () C:\Users\gregory\AppData\Roaming\AdobeWLCMCache.dat
2017-03-01 21:58 - 2018-11-20 20:35 - 000000600 _____ () C:\Users\gregory\AppData\Local\PUTTY.RND
==================== SigCheckExt =========================
2016-07-16 13:42 - 2016-07-16 13:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll
2016-07-12 21:19 - 2016-07-01 05:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2016-07-16 13:41 - 2016-07-16 13:41 - 000032256 _____ (CANON INC.) C:\WINDOWS\system32\CNHI10A.DLL
2015-10-30 09:19 - 2015-10-30 09:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll
2017-04-14 21:38 - 2017-03-28 07:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2010-09-27 14:15 - 2010-09-27 14:15 - 000032768 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbmiapi.dll
2010-09-27 14:15 - 2010-09-27 14:15 - 000033280 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpboid.dll
2010-09-27 14:15 - 2010-09-27 14:15 - 000009216 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpboidps.dll
2010-09-27 14:15 - 2010-09-27 14:15 - 000057344 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbpro.dll
2010-09-27 14:15 - 2010-09-27 14:15 - 000009728 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbprops.dll
2010-01-19 15:12 - 2010-01-19 15:12 - 000070144 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPBWSDR.DLL
2010-05-06 15:18 - 2010-05-06 15:18 - 000180736 _____ (hp) C:\WINDOWS\system32\hplbddrv.dll
2009-09-16 18:44 - 2009-09-16 18:44 - 000153088 _____ (Hewlett Packard) C:\WINDOWS\system32\HpTcpMib.dll
2009-09-16 18:45 - 2009-09-16 18:45 - 000331264 _____ (Hewlett Packard) C:\WINDOWS\system32\HPTcpMon.dll
2009-09-16 18:45 - 2009-09-16 18:45 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HPTcpMUI.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000079872 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZidr12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZipm12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000054784 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZipr12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000045056 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzipt12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000030208 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzisn12.dll
2009-09-16 11:44 - 2009-09-16 11:44 - 000596992 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzjcd01.dll
2009-09-16 11:44 - 2009-09-16 11:44 - 000028672 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzjfw64.dll
2009-09-16 11:44 - 2009-09-16 11:44 - 000132096 _____ (Hewlett Packard) C:\WINDOWS\system32\hpzjrd01.dll
2015-09-10 05:43 - 2015-09-04 15:26 - 000206848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4279.dll
2017-05-12 08:35 - 2017-03-04 08:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-07-16 13:43 - 2016-07-17 00:45 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll
2015-11-11 07:17 - 2015-08-25 16:02 - 002079232 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\system32\libeay32.dll
2016-03-11 04:13 - 2015-08-25 16:02 - 000273920 _____ C:\WINDOWS\system32\SDKClient.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll
2016-07-16 13:43 - 2016-07-16 13:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll
2016-07-16 13:43 - 2016-07-16 13:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll
2015-10-30 09:19 - 2015-10-30 09:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll
2010-08-06 11:13 - 2010-08-06 11:13 - 000050688 _____ (Hewlett-Packard) C:\WINDOWS\SysWOW64\HPZidr12.dll
2010-08-06 11:13 - 2010-08-06 11:13 - 000034816 _____ (Hewlett-Packard) C:\WINDOWS\SysWOW64\HPZipr12.dll
2017-03-16 22:43 - 2017-03-04 08:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-07-16 13:44 - 2016-07-17 00:45 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll
2015-10-30 09:19 - 2016-09-14 20:01 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-10-30 09:19 - 2016-09-14 20:01 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2012-03-12 21:56 - 2012-03-12 21:56 - 000947472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjava.dll
2020-03-28 17:35 - 2011-06-23 13:25 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2022-04-17 23:39 - 2022-04-17 23:38 - 002366464 _____ (Farbar) C:\Users\gregory\Desktop\FRST64.exe
2022-04-17 23:20 - 2022-04-17 23:19 - 003482312 _____ (Nicolas Coolman) C:\Users\gregory\Desktop\ZHPSuite.exe
2017-11-13 22:21 - 2017-11-13 22:22 - 000468464 _____ () C:\Users\gregory\Downloads\Enigma Iptv Generator 1.0.0.2.exe
2022-04-17 23:36 - 2022-04-17 23:38 - 002366464 _____ (Farbar) C:\Users\gregory\Downloads\FRST64.exe
2021-02-14 23:46 - 2021-02-14 23:47 - 096771977 _____ C:\Users\gregory\Downloads\InstallQuickDesign-fr.exe
2017-04-28 22:10 - 2017-04-28 22:11 - 057892747 _____ (Hytto Ltd. ) C:\Users\gregory\Downloads\Lovense_Browser.exe
2020-05-08 19:37 - 2020-05-08 19:37 - 002469376 _____ C:\Users\gregory\Downloads\Pola3.0a.exe
2022-04-17 23:16 - 2022-04-17 23:19 - 003482312 _____ (Nicolas Coolman) C:\Users\gregory\Downloads\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{c83d0525-df42-11e5-9bcf-806e6f6e6963}
{5f675013-8834-11e5-9332-806e6f6e6963}
{5f675011-8834-11e5-9332-806e6f6e6963}
{5f675012-8834-11e5-9332-806e6f6e6963}
timeout 0
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {9849b1ed-1712-11eb-835d-90e9c0c1e135}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0
Application logicielle (101fffff)
--------------------------------
identificateur {5f675011-8834-11e5-9332-806e6f6e6963}
description EFI USB Device
Application logicielle (101fffff)
--------------------------------
identificateur {5f675012-8834-11e5-9332-806e6f6e6963}
description EFI DVD/CDROM
Application logicielle (101fffff)
--------------------------------
identificateur {5f675013-8834-11e5-9332-806e6f6e6963}
description EFI Network
Application logicielle (101fffff)
--------------------------------
identificateur {5f675014-8834-11e5-9332-806e6f6e6963}
description USB Entry for Windows To Go
Application logicielle (101fffff)
--------------------------------
identificateur {5f675015-8834-11e5-9332-806e6f6e6963}
description EFI Network 0 for IPv4 (1C-39-47-25-CC-02)
Application logicielle (101fffff)
--------------------------------
identificateur {5f675016-8834-11e5-9332-806e6f6e6963}
description EFI Network 0 for IPv6 (1C-39-47-25-CC-02)
Application logicielle (101fffff)
--------------------------------
identificateur {c83d0525-df42-11e5-9bcf-806e6f6e6963}
device partition=\Device\HarddiskVolume7
path \EFI\Microsoft\Boot\LrsBootMgr.efi
description Lenovo Recovery System
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {9849b1ef-1712-11eb-835d-90e9c0c1e135}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {9849b1ed-1712-11eb-835d-90e9c0c1e135}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {9849b1ef-1712-11eb-835d-90e9c0c1e135}
device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{9849b1f0-1712-11eb-835d-90e9c0c1e135}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{9849b1f0-1712-11eb-835d-90e9c0c1e135}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {9849b1ed-1712-11eb-835d-90e9c0c1e135}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {9849b1ef-1712-11eb-835d-90e9c0c1e135}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {9849b1f0-1712-11eb-835d-90e9c0c1e135}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume5
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================