Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 28-08-2023
Exécuté par yanni (administrateur) sur ORDIPHOTOS (28-08-2023 18:06:41)
Exécuté depuis C:\Users\yanni\Desktop\FRST64.exe
Profils chargés: yanni
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3324 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(C:\Users\yanni\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\yanni\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Seiko Epson Corporation) [Fichier non signé] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(services.exe ->) () [Fichier non signé] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(services.exe ->) () [Fichier non signé] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AOMEI International Network Limited -> AOMEI International Network Limited) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.0\ABService.exe
(services.exe ->) (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy) C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\yanni\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2333.8.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21538.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21538.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.7272.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.7272.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2305.4.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3266_none_7e25389a7c7bcadb\TiWorker.exe
(svchost.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe <4>
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3941528 2023-03-29] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [217152 2023-01-03] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [126403424 2022-03-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2893312 2017-12-05] (Brother Industries, Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1310720 2020-02-10] (Seiko Epson Corporation) [Fichier non signé]
HKU\S-1-5-21-391627760-3568676956-2494176701-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2609016 2023-08-24] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-391627760-3568676956-2494176701-1001\...\Run: [MicrosoftEdgeAutoLaunch_6878C3B228176445361A9C3D108CD53B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4107728 2023-08-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-391627760-3568676956-2494176701-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2609016 2023-08-24] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-391627760-3568676956-2494176701-1002\...\Run: [MicrosoftEdgeAutoLaunch_1FAE7C5A1330509A6D5D4BD8C442B8CE] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4107728 2023-08-25] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon iP7200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBA.DLL [30208 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP7200 series: C:\WINDOWS\system32\CNMLMBA.DLL [389120 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {3D3A21E2-2712-4159-B3A7-745FE6D1D7F1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {DD0ECA3D-5615-4457-89FD-9D2DE8DD57D9} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-yannickcouffin@outlook.fr => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {BDBECC14-A2BB-401F-9777-6C858C66C74B} - System32\Tasks\GoogleUpdateTaskMachineCore{8DAEC772-C752-47A5-BE5E-9C114929A206} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-03-31] (Google LLC -> Google LLC)
Task: {7F551C1B-7FBF-43A6-83F7-DFEADCC69BA3} - System32\Tasks\GoogleUpdateTaskMachineUA{E40E8E4D-1887-41EC-919B-D97AC7FAA5FB} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-03-31] (Google LLC -> Google LLC)
Task: {6273F447-2651-40AA-83F0-B5E35D995D1B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656848 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {1D77C74E-B00E-4CF3-8548-4DA0225937A7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656848 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {20786FF9-ADCF-411E-B751-618FA8E92F99} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158872 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7807A5B5-D55C-49F4-9A03-1EA44376A08C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158872 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {5F67F5EF-271E-494F-B228-385AD05D1A86} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [167864 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {0B3258BE-93B1-49A1-8B9B-54E7A55BEAC1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C26B9531-E4B4-4DDC-938F-ED7FC974EE90} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E37BD265-6756-40E3-B2C0-AC5DFF2037BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {91E73C85-084F-4BEC-BEE5-422AF614AD56} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E9418453-7715-41C3-ABC0-08AD29D0F604} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125600 2023-08-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {34B79D8D-12A8-495B-BF0D-2A7FE671E201} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-391627760-3568676956-2494176701-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125600 2023-08-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B06F03D-145B-46DE-B2BE-C0F18AC1E1D3} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-391627760-3568676956-2494176701-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125600 2023-08-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4EA434F-60CC-48A4-95C0-CD12E6CEBE96} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [133905984 2023-03-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{618e7c17-5fed-45a1-b2ce-2cd3e736dc80}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\yanni\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-28]
Edge Notifications: Default -> hxxps://bdhze4.mictiotom.com; hxxps://izjec2.mictiotom.com; hxxps://mictiotom.com
Edge HomePage: Default -> hxxp://www.google.fr/
Edge StartupUrls: Default -> "hxxps://orange.fr/","hxxps://www.google.fr/"
Edge Extension: (Google Docs Quick Create) - C:\Users\yanni\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bldgenmjegcnjebiongilahhcjldgmlm [2023-03-28]
Edge Extension: (Alerte Bons Plans eBuyClub) - C:\Users\yanni\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fjjddemkcndmbbeeibicagaobbijjgmm [2023-08-11]
Edge Extension: (Google Docs hors connexion) - C:\Users\yanni\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-28]
Edge Extension: (IGRAAL : Cashback & codes promo) - C:\Users\yanni\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hgfjoaookbahbhinopgfoiajfijfcdhm [2023-08-11]
Edge Extension: (Edge relevant text changes) - C:\Users\yanni\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-11]
Edge Extension: (Signal Spam) - C:\Users\yanni\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\npkncdihipibabapnailakhpajlglbfk [2023-03-28]
Edge Extension: (Speedtest by Ookla) - C:\Users\yanni\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pgjjikdiikihdfpoppgaidccahalehjh [2023-06-15]
Edge Profile: C:\Users\yanni\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2023-04-28]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> K:\PHOTOGRAPHIE-DESSIN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-08-19] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems Incorporated -> Adobe Systems)
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.0\ABService.exe [1102328 2023-02-24] (AOMEI International Network Limited -> AOMEI International Network Limited)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [298496 2017-12-05] (Brother Industries, Ltd.) [Fichier non signé]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11878368 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
R2 CMigrationService; C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe [761408 2023-03-10] (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.158.0730.0001\FileSyncHelper.exe [3448224 2023-08-24] (Microsoft Corporation -> Microsoft Corporation)
R2 NativePushService; C:\Users\yanni\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [594320 2023-02-22] (Wondershare Technology Group Co.,Ltd -> Wondershare)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.158.0730.0001\OneDriveUpdaterService.exe [3785656 2023-08-24] (Microsoft Corporation -> Microsoft Corporation)
R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [381504 2023-03-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 SamsungRapidSvc; C:\WINDOWS\System32\RAPID\SamsungRapidSvc.exe [187968 2023-01-03] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2022-10-04] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2022-10-04] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16971576 2023-03-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2022-11-10] () [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\NisSrv.exe [3104488 2023-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe [133576 2023-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [19456 2022-11-10] () [Fichier non signé]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2019-05-14] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [172928 2023-04-02] (AOMEI International Network Limited -> )
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [32176 2023-04-02] (AOMEI International Network Limited -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [280064 2023-03-28] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 DPIDEFil; C:\WINDOWS\System32\drivers\DPIDEFil.sys [53608 2023-03-29] (NEC Personal Computers, Ltd. -> NEC Personal Computers, Ltd.)
R3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [181824 2023-03-29] (GENESYS LOGIC, INC. -> Genesys Logic)
S3 JabraDFU; C:\WINDOWS\System32\Drivers\JabraBcDfuX64.sys [39288 2023-05-27] (GN Netcom A/S -> GN Netcom A/S)
R3 MpKsl9bd09268; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C8239250-180A-49BA-865B-620DB7F3EAD9}\MpKslDrv.sys [222464 2023-08-28] (Microsoft Windows -> Microsoft Corporation)
R0 SamsungRapidDiskFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidDiskFltr.sys [264168 2023-01-03] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidFSFltr.sys [119272 2023-01-03] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55704 2023-08-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572656 2023-08-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [104688 2023-08-11] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-08-28 18:06 - 2023-08-28 18:07 - 000022925 _____ C:\Users\yanni\Desktop\FRST.txt
2023-08-28 18:06 - 2023-08-28 18:07 - 000000000 ____D C:\FRST
2023-08-28 18:04 - 2023-08-28 18:04 - 002382336 _____ (Farbar) C:\Users\yanni\Desktop\FRST64.exe
2023-08-28 15:22 - 2023-08-28 15:49 - 000000000 ____D C:\Users\yanni\Desktop\alpes 2024
2023-08-28 13:06 - 2023-08-28 13:06 - 000000000 ___HD C:\$SysReset
2023-08-28 12:38 - 2023-08-28 12:38 - 003144872 _____ (OneLaunch ) C:\Users\isabe\Downloads\OneLaunch - PDF_85v0u.exe
2023-08-21 20:49 - 2023-08-21 20:49 - 000001057 _____ C:\Users\Public\Desktop\Wondershare Recoverit.lnk
2023-08-21 19:59 - 2023-08-21 19:59 - 001264416 _____ C:\Users\isabe\Downloads\recoverit_setup_full4198 (1).exe
2023-08-21 19:14 - 2023-08-22 14:34 - 000000000 ____D C:\Program Files\Recuva
2023-08-21 19:14 - 2023-08-21 19:14 - 012997472 _____ (Piriform Software Ltd) C:\Users\isabe\Downloads\rcsetup153.exe
2023-08-21 19:14 - 2023-08-21 19:14 - 000001699 _____ C:\Users\Public\Desktop\Recuva.lnk
2023-08-21 19:14 - 2023-08-21 19:14 - 000000000 ____D C:\ProgramData\Piriform
2023-08-21 19:14 - 2023-08-21 19:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2023-08-21 19:05 - 2023-08-21 19:05 - 002382088 _____ (Tenorshare Co., Ltd.) C:\Users\isabe\Downloads\tenorshare-4ddig-for-windows.exe
2023-08-21 18:51 - 2023-08-21 18:51 - 000000000 ____D C:\Users\yanni\AppData\Roaming\TSMonitor
2023-08-21 18:49 - 2023-08-21 18:49 - 002382096 _____ (Tenorshare Co., Ltd.) C:\Users\isabe\Downloads\4ddig-for-windows-bing (1).exe
2023-08-21 18:49 - 2023-08-21 18:49 - 000000000 ____D C:\Program Files (x86)\Tenorshare
2023-08-21 18:48 - 2023-08-21 18:48 - 002382096 _____ (Tenorshare Co., Ltd.) C:\Users\isabe\Downloads\4ddig-for-windows-bing.exe
2023-08-21 18:44 - 2023-08-21 18:44 - 000000016 _____ C:\ProgramData\mntemp
2023-08-21 18:44 - 2023-08-21 18:44 - 000000000 ____D C:\Users\yanni\AppData\Roaming\Wondershare
2023-08-21 18:44 - 2023-08-21 18:44 - 000000000 ____D C:\Users\yanni\AppData\Local\Wondershare
2023-08-21 18:44 - 2023-08-21 18:44 - 000000000 ____D C:\Users\isabe\AppData\Roaming\Wondershare
2023-08-21 18:44 - 2023-08-21 18:44 - 000000000 ____D C:\ProgramData\Wondershare
2023-08-21 18:44 - 2023-08-21 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2023-08-21 18:44 - 2023-08-21 18:44 - 000000000 ____D C:\Program Files (x86)\Wondershare
2023-08-21 18:42 - 2023-08-23 12:06 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2023-08-21 18:42 - 2023-08-21 18:42 - 001264416 _____ C:\Users\isabe\Downloads\recoverit_setup_full4198.exe
2023-08-17 15:58 - 2023-08-17 15:58 - 000157843 _____ C:\Users\isabe\Downloads\Aquabrome-Productsheet-FRANCE_bd.pdf
2023-08-15 19:14 - 2023-08-15 19:15 - 260220534 _____ C:\Users\isabe\Downloads\P1180094 (online-video-cutter.com).mp4
2023-08-13 12:10 - 2023-08-27 17:37 - 000000000 ____D C:\Users\isabe\AppData\Roaming\vlc
2023-08-11 14:46 - 2023-08-11 14:46 - 000000000 ___HD C:\$WinREAgent
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-08-28 18:05 - 2023-04-02 09:53 - 000000000 ____D C:\ProgramData\NVIDIA
2023-08-28 18:05 - 2023-03-28 20:32 - 000000000 ____D C:\Users\isabe
2023-08-28 17:56 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-28 17:38 - 2023-04-09 19:17 - 000000000 ____D C:\Users\yanni\AppData\Roaming\Microsoft\Excel
2023-08-28 17:26 - 2023-03-31 10:44 - 000000000 ____D C:\Program Files (x86)\Google
2023-08-28 17:26 - 2022-09-08 05:11 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-08-28 17:10 - 2023-03-28 20:34 - 000000000 ___RD C:\Users\isabe\OneDrive
2023-08-28 17:10 - 2023-03-28 19:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-28 13:44 - 2023-03-29 19:09 - 000000000 ____D C:\Users\yanni\AppData\Roaming\Microsoft\MMC
2023-08-28 13:10 - 2023-03-28 20:00 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-08-28 13:10 - 2019-12-07 16:49 - 000791594 _____ C:\WINDOWS\system32\perfh00C.dat
2023-08-28 13:10 - 2019-12-07 16:49 - 000149760 _____ C:\WINDOWS\system32\perfc00C.dat
2023-08-28 13:10 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-08-28 13:06 - 2023-04-01 14:07 - 000000000 ____D C:\Users\yanni\AppData\Roaming\Samsung Magician
2023-08-28 13:06 - 2023-03-28 20:22 - 000000000 ___RD C:\Users\yanni\OneDrive
2023-08-28 13:06 - 2023-03-28 20:18 - 000000000 ____D C:\Users\yanni
2023-08-28 13:05 - 2023-04-02 12:34 - 000000208 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat
2023-08-28 13:05 - 2023-04-02 12:04 - 000000432 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2023-08-28 13:05 - 2023-04-01 14:06 - 000000000 ____D C:\Program Files\TeamViewer
2023-08-28 13:05 - 2023-03-28 19:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-08-28 12:51 - 2023-03-28 20:33 - 000000000 ____D C:\Users\isabe\AppData\Local\D3DSCache
2023-08-28 08:50 - 2023-03-29 17:31 - 000000000 ____D C:\Users\yanni\AppData\Local\Adobe
2023-08-27 15:48 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-27 15:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-08-27 10:59 - 2023-03-28 19:51 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-08-26 08:53 - 2023-03-28 19:50 - 000499960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-08-26 08:52 - 2023-04-23 16:01 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-08-26 08:52 - 2020-11-18 10:20 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-25 18:56 - 2023-04-03 13:08 - 000000000 ____D C:\Users\yanni\AppData\Roaming\Microsoft\Word
2023-08-24 13:51 - 2023-04-23 15:35 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-391627760-3568676956-2494176701-1002
2023-08-24 13:51 - 2023-04-23 15:35 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-08-24 13:51 - 2023-04-23 15:35 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-08-24 13:51 - 2023-03-28 20:22 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-391627760-3568676956-2494176701-1001
2023-08-24 10:29 - 2023-04-02 11:17 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-08-24 10:29 - 2023-04-02 11:17 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-08-23 20:08 - 2023-04-02 12:05 - 000001024 ____H C:\SYSTAG.BIN
2023-08-23 09:41 - 2023-06-21 09:56 - 000000000 ____D C:\Users\isabe\AppData\Local\CrashDumps
2023-08-20 17:46 - 2023-06-01 18:55 - 000000000 ____D C:\Users\yanni\AppData\Roaming\vlc
2023-08-16 09:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-08-14 11:35 - 2023-03-28 20:20 - 000000000 ____D C:\Users\yanni\AppData\Local\D3DSCache
2023-08-12 22:22 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2023-08-12 19:27 - 2023-05-31 17:26 - 000000885 _____ C:\Users\Public\Desktop\paint.net.lnk
2023-08-12 19:27 - 2023-03-31 10:43 - 000000885 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2023-08-12 15:50 - 2023-03-28 20:32 - 000000000 ___SD C:\Users\isabe\AppData\Roaming\Microsoft\Protect
2023-08-11 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-08-11 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-11 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-11 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-08-11 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-11 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-11 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-11 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-11 18:07 - 2023-04-03 12:34 - 000000000 ____D C:\Program Files\Microsoft Office
2023-08-11 14:54 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-08-11 14:51 - 2023-03-28 19:58 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-08-11 14:34 - 2023-03-30 15:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-08-11 14:31 - 2023-03-30 15:46 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-08-11 14:29 - 2023-03-28 19:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-08-11 12:26 - 2023-03-29 08:54 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-08-11 12:21 - 2023-03-31 10:44 - 000003960 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{E40E8E4D-1887-41EC-919B-D97AC7FAA5FB}
2023-08-11 12:21 - 2023-03-31 10:44 - 000003836 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{8DAEC772-C752-47A5-BE5E-9C114929A206}
2023-08-11 12:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
==================== Fichiers à la racine de certains dossiers ========
2023-05-16 17:45 - 2023-05-16 17:45 - 000000856 _____ () C:\Users\yanni\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par yanni (administrateur) sur ORDIPHOTOS (28-08-2023 18:06:41)
Exécuté depuis C:\Users\yanni\Desktop\FRST64.exe
Profils chargés: yanni
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3324 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(C:\Users\yanni\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\yanni\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Seiko Epson Corporation) [Fichier non signé] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(services.exe ->) () [Fichier non signé] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(services.exe ->) () [Fichier non signé] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AOMEI International Network Limited -> AOMEI International Network Limited) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.0\ABService.exe
(services.exe ->) (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy) C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\yanni\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2333.8.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21538.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21538.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.7272.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.7272.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2305.4.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3266_none_7e25389a7c7bcadb\TiWorker.exe
(svchost.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe <4>
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3941528 2023-03-29] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [217152 2023-01-03] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [126403424 2022-03-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2893312 2017-12-05] (Brother Industries, Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1310720 2020-02-10] (Seiko Epson Corporation) [Fichier non signé]
HKU\S-1-5-21-391627760-3568676956-2494176701-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2609016 2023-08-24] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-391627760-3568676956-2494176701-1001\...\Run: [MicrosoftEdgeAutoLaunch_6878C3B228176445361A9C3D108CD53B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4107728 2023-08-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-391627760-3568676956-2494176701-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2609016 2023-08-24] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-391627760-3568676956-2494176701-1002\...\Run: [MicrosoftEdgeAutoLaunch_1FAE7C5A1330509A6D5D4BD8C442B8CE] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4107728 2023-08-25] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon iP7200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBA.DLL [30208 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP7200 series: C:\WINDOWS\system32\CNMLMBA.DLL [389120 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {3D3A21E2-2712-4159-B3A7-745FE6D1D7F1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {DD0ECA3D-5615-4457-89FD-9D2DE8DD57D9} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-yannickcouffin@outlook.fr => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {BDBECC14-A2BB-401F-9777-6C858C66C74B} - System32\Tasks\GoogleUpdateTaskMachineCore{8DAEC772-C752-47A5-BE5E-9C114929A206} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-03-31] (Google LLC -> Google LLC)
Task: {7F551C1B-7FBF-43A6-83F7-DFEADCC69BA3} - System32\Tasks\GoogleUpdateTaskMachineUA{E40E8E4D-1887-41EC-919B-D97AC7FAA5FB} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-03-31] (Google LLC -> Google LLC)
Task: {6273F447-2651-40AA-83F0-B5E35D995D1B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656848 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {1D77C74E-B00E-4CF3-8548-4DA0225937A7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656848 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {20786FF9-ADCF-411E-B751-618FA8E92F99} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158872 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7807A5B5-D55C-49F4-9A03-1EA44376A08C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158872 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {5F67F5EF-271E-494F-B228-385AD05D1A86} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [167864 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {0B3258BE-93B1-49A1-8B9B-54E7A55BEAC1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C26B9531-E4B4-4DDC-938F-ED7FC974EE90} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E37BD265-6756-40E3-B2C0-AC5DFF2037BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {91E73C85-084F-4BEC-BEE5-422AF614AD56} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E9418453-7715-41C3-ABC0-08AD29D0F604} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125600 2023-08-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {34B79D8D-12A8-495B-BF0D-2A7FE671E201} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-391627760-3568676956-2494176701-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125600 2023-08-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B06F03D-145B-46DE-B2BE-C0F18AC1E1D3} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-391627760-3568676956-2494176701-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125600 2023-08-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4EA434F-60CC-48A4-95C0-CD12E6CEBE96} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [133905984 2023-03-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{618e7c17-5fed-45a1-b2ce-2cd3e736dc80}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\yanni\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-28]
Edge Notifications: Default -> hxxps://bdhze4.mictiotom.com; hxxps://izjec2.mictiotom.com; hxxps://mictiotom.com
Edge HomePage: Default -> hxxp://www.google.fr/
Edge StartupUrls: Default -> "hxxps://orange.fr/","hxxps://www.google.fr/"
Edge Extension: (Google Docs Quick Create) - C:\Users\yanni\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bldgenmjegcnjebiongilahhcjldgmlm [2023-03-28]
Edge Extension: (Alerte Bons Plans eBuyClub) - C:\Users\yanni\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fjjddemkcndmbbeeibicagaobbijjgmm [2023-08-11]
Edge Extension: (Google Docs hors connexion) - C:\Users\yanni\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-28]
Edge Extension: (IGRAAL : Cashback & codes promo) - C:\Users\yanni\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hgfjoaookbahbhinopgfoiajfijfcdhm [2023-08-11]
Edge Extension: (Edge relevant text changes) - C:\Users\yanni\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-11]
Edge Extension: (Signal Spam) - C:\Users\yanni\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\npkncdihipibabapnailakhpajlglbfk [2023-03-28]
Edge Extension: (Speedtest by Ookla) - C:\Users\yanni\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pgjjikdiikihdfpoppgaidccahalehjh [2023-06-15]
Edge Profile: C:\Users\yanni\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2023-04-28]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> K:\PHOTOGRAPHIE-DESSIN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-08-19] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems Incorporated -> Adobe Systems)
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.0\ABService.exe [1102328 2023-02-24] (AOMEI International Network Limited -> AOMEI International Network Limited)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [298496 2017-12-05] (Brother Industries, Ltd.) [Fichier non signé]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11878368 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
R2 CMigrationService; C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe [761408 2023-03-10] (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.158.0730.0001\FileSyncHelper.exe [3448224 2023-08-24] (Microsoft Corporation -> Microsoft Corporation)
R2 NativePushService; C:\Users\yanni\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [594320 2023-02-22] (Wondershare Technology Group Co.,Ltd -> Wondershare)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.158.0730.0001\OneDriveUpdaterService.exe [3785656 2023-08-24] (Microsoft Corporation -> Microsoft Corporation)
R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [381504 2023-03-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 SamsungRapidSvc; C:\WINDOWS\System32\RAPID\SamsungRapidSvc.exe [187968 2023-01-03] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2022-10-04] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2022-10-04] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16971576 2023-03-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2022-11-10] () [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\NisSrv.exe [3104488 2023-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe [133576 2023-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [19456 2022-11-10] () [Fichier non signé]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2019-05-14] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [172928 2023-04-02] (AOMEI International Network Limited -> )
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [32176 2023-04-02] (AOMEI International Network Limited -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [280064 2023-03-28] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 DPIDEFil; C:\WINDOWS\System32\drivers\DPIDEFil.sys [53608 2023-03-29] (NEC Personal Computers, Ltd. -> NEC Personal Computers, Ltd.)
R3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [181824 2023-03-29] (GENESYS LOGIC, INC. -> Genesys Logic)
S3 JabraDFU; C:\WINDOWS\System32\Drivers\JabraBcDfuX64.sys [39288 2023-05-27] (GN Netcom A/S -> GN Netcom A/S)
R3 MpKsl9bd09268; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C8239250-180A-49BA-865B-620DB7F3EAD9}\MpKslDrv.sys [222464 2023-08-28] (Microsoft Windows -> Microsoft Corporation)
R0 SamsungRapidDiskFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidDiskFltr.sys [264168 2023-01-03] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidFSFltr.sys [119272 2023-01-03] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55704 2023-08-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572656 2023-08-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [104688 2023-08-11] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-08-28 18:06 - 2023-08-28 18:07 - 000022925 _____ C:\Users\yanni\Desktop\FRST.txt
2023-08-28 18:06 - 2023-08-28 18:07 - 000000000 ____D C:\FRST
2023-08-28 18:04 - 2023-08-28 18:04 - 002382336 _____ (Farbar) C:\Users\yanni\Desktop\FRST64.exe
2023-08-28 15:22 - 2023-08-28 15:49 - 000000000 ____D C:\Users\yanni\Desktop\alpes 2024
2023-08-28 13:06 - 2023-08-28 13:06 - 000000000 ___HD C:\$SysReset
2023-08-28 12:38 - 2023-08-28 12:38 - 003144872 _____ (OneLaunch ) C:\Users\isabe\Downloads\OneLaunch - PDF_85v0u.exe
2023-08-21 20:49 - 2023-08-21 20:49 - 000001057 _____ C:\Users\Public\Desktop\Wondershare Recoverit.lnk
2023-08-21 19:59 - 2023-08-21 19:59 - 001264416 _____ C:\Users\isabe\Downloads\recoverit_setup_full4198 (1).exe
2023-08-21 19:14 - 2023-08-22 14:34 - 000000000 ____D C:\Program Files\Recuva
2023-08-21 19:14 - 2023-08-21 19:14 - 012997472 _____ (Piriform Software Ltd) C:\Users\isabe\Downloads\rcsetup153.exe
2023-08-21 19:14 - 2023-08-21 19:14 - 000001699 _____ C:\Users\Public\Desktop\Recuva.lnk
2023-08-21 19:14 - 2023-08-21 19:14 - 000000000 ____D C:\ProgramData\Piriform
2023-08-21 19:14 - 2023-08-21 19:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2023-08-21 19:05 - 2023-08-21 19:05 - 002382088 _____ (Tenorshare Co., Ltd.) C:\Users\isabe\Downloads\tenorshare-4ddig-for-windows.exe
2023-08-21 18:51 - 2023-08-21 18:51 - 000000000 ____D C:\Users\yanni\AppData\Roaming\TSMonitor
2023-08-21 18:49 - 2023-08-21 18:49 - 002382096 _____ (Tenorshare Co., Ltd.) C:\Users\isabe\Downloads\4ddig-for-windows-bing (1).exe
2023-08-21 18:49 - 2023-08-21 18:49 - 000000000 ____D C:\Program Files (x86)\Tenorshare
2023-08-21 18:48 - 2023-08-21 18:48 - 002382096 _____ (Tenorshare Co., Ltd.) C:\Users\isabe\Downloads\4ddig-for-windows-bing.exe
2023-08-21 18:44 - 2023-08-21 18:44 - 000000016 _____ C:\ProgramData\mntemp
2023-08-21 18:44 - 2023-08-21 18:44 - 000000000 ____D C:\Users\yanni\AppData\Roaming\Wondershare
2023-08-21 18:44 - 2023-08-21 18:44 - 000000000 ____D C:\Users\yanni\AppData\Local\Wondershare
2023-08-21 18:44 - 2023-08-21 18:44 - 000000000 ____D C:\Users\isabe\AppData\Roaming\Wondershare
2023-08-21 18:44 - 2023-08-21 18:44 - 000000000 ____D C:\ProgramData\Wondershare
2023-08-21 18:44 - 2023-08-21 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2023-08-21 18:44 - 2023-08-21 18:44 - 000000000 ____D C:\Program Files (x86)\Wondershare
2023-08-21 18:42 - 2023-08-23 12:06 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2023-08-21 18:42 - 2023-08-21 18:42 - 001264416 _____ C:\Users\isabe\Downloads\recoverit_setup_full4198.exe
2023-08-17 15:58 - 2023-08-17 15:58 - 000157843 _____ C:\Users\isabe\Downloads\Aquabrome-Productsheet-FRANCE_bd.pdf
2023-08-15 19:14 - 2023-08-15 19:15 - 260220534 _____ C:\Users\isabe\Downloads\P1180094 (online-video-cutter.com).mp4
2023-08-13 12:10 - 2023-08-27 17:37 - 000000000 ____D C:\Users\isabe\AppData\Roaming\vlc
2023-08-11 14:46 - 2023-08-11 14:46 - 000000000 ___HD C:\$WinREAgent
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-08-28 18:05 - 2023-04-02 09:53 - 000000000 ____D C:\ProgramData\NVIDIA
2023-08-28 18:05 - 2023-03-28 20:32 - 000000000 ____D C:\Users\isabe
2023-08-28 17:56 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-28 17:38 - 2023-04-09 19:17 - 000000000 ____D C:\Users\yanni\AppData\Roaming\Microsoft\Excel
2023-08-28 17:26 - 2023-03-31 10:44 - 000000000 ____D C:\Program Files (x86)\Google
2023-08-28 17:26 - 2022-09-08 05:11 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-08-28 17:10 - 2023-03-28 20:34 - 000000000 ___RD C:\Users\isabe\OneDrive
2023-08-28 17:10 - 2023-03-28 19:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-28 13:44 - 2023-03-29 19:09 - 000000000 ____D C:\Users\yanni\AppData\Roaming\Microsoft\MMC
2023-08-28 13:10 - 2023-03-28 20:00 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-08-28 13:10 - 2019-12-07 16:49 - 000791594 _____ C:\WINDOWS\system32\perfh00C.dat
2023-08-28 13:10 - 2019-12-07 16:49 - 000149760 _____ C:\WINDOWS\system32\perfc00C.dat
2023-08-28 13:10 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-08-28 13:06 - 2023-04-01 14:07 - 000000000 ____D C:\Users\yanni\AppData\Roaming\Samsung Magician
2023-08-28 13:06 - 2023-03-28 20:22 - 000000000 ___RD C:\Users\yanni\OneDrive
2023-08-28 13:06 - 2023-03-28 20:18 - 000000000 ____D C:\Users\yanni
2023-08-28 13:05 - 2023-04-02 12:34 - 000000208 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat
2023-08-28 13:05 - 2023-04-02 12:04 - 000000432 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2023-08-28 13:05 - 2023-04-01 14:06 - 000000000 ____D C:\Program Files\TeamViewer
2023-08-28 13:05 - 2023-03-28 19:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-08-28 12:51 - 2023-03-28 20:33 - 000000000 ____D C:\Users\isabe\AppData\Local\D3DSCache
2023-08-28 08:50 - 2023-03-29 17:31 - 000000000 ____D C:\Users\yanni\AppData\Local\Adobe
2023-08-27 15:48 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-27 15:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-08-27 10:59 - 2023-03-28 19:51 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-08-26 08:53 - 2023-03-28 19:50 - 000499960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-08-26 08:52 - 2023-04-23 16:01 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-08-26 08:52 - 2020-11-18 10:20 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-25 18:56 - 2023-04-03 13:08 - 000000000 ____D C:\Users\yanni\AppData\Roaming\Microsoft\Word
2023-08-24 13:51 - 2023-04-23 15:35 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-391627760-3568676956-2494176701-1002
2023-08-24 13:51 - 2023-04-23 15:35 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-08-24 13:51 - 2023-04-23 15:35 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-08-24 13:51 - 2023-03-28 20:22 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-391627760-3568676956-2494176701-1001
2023-08-24 10:29 - 2023-04-02 11:17 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-08-24 10:29 - 2023-04-02 11:17 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-08-23 20:08 - 2023-04-02 12:05 - 000001024 ____H C:\SYSTAG.BIN
2023-08-23 09:41 - 2023-06-21 09:56 - 000000000 ____D C:\Users\isabe\AppData\Local\CrashDumps
2023-08-20 17:46 - 2023-06-01 18:55 - 000000000 ____D C:\Users\yanni\AppData\Roaming\vlc
2023-08-16 09:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-08-14 11:35 - 2023-03-28 20:20 - 000000000 ____D C:\Users\yanni\AppData\Local\D3DSCache
2023-08-12 22:22 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2023-08-12 19:27 - 2023-05-31 17:26 - 000000885 _____ C:\Users\Public\Desktop\paint.net.lnk
2023-08-12 19:27 - 2023-03-31 10:43 - 000000885 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2023-08-12 15:50 - 2023-03-28 20:32 - 000000000 ___SD C:\Users\isabe\AppData\Roaming\Microsoft\Protect
2023-08-11 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-08-11 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-11 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-11 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-08-11 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-11 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-11 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-11 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-11 18:07 - 2023-04-03 12:34 - 000000000 ____D C:\Program Files\Microsoft Office
2023-08-11 14:54 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-08-11 14:51 - 2023-03-28 19:58 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-08-11 14:34 - 2023-03-30 15:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-08-11 14:31 - 2023-03-30 15:46 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-08-11 14:29 - 2023-03-28 19:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-08-11 12:26 - 2023-03-29 08:54 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-08-11 12:21 - 2023-03-31 10:44 - 000003960 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{E40E8E4D-1887-41EC-919B-D97AC7FAA5FB}
2023-08-11 12:21 - 2023-03-31 10:44 - 000003836 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{8DAEC772-C752-47A5-BE5E-9C114929A206}
2023-08-11 12:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
==================== Fichiers à la racine de certains dossiers ========
2023-05-16 17:45 - 2023-05-16 17:45 - 000000856 _____ () C:\Users\yanni\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================