Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 28-08-2023
Exécuté par sarlf (administrateur) sur LAPTOP-OQQ95IM5 (LENOVO 80XL) (08-09-2023 14:10:30)
Exécuté depuis C:\Users\sarlf\Downloads\FRST64 (1).exe
Profils chargés: sarlf
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3324 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxEM.exe
(explorer.exe ->) (Dolby Laboratories, Inc. -> ) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(explorer.exe ->) (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\LenovoUtility\utility.exe
(explorer.exe ->) (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJJE.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <25>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\IntelCpHeciSvc.exe
(services.exe ->) (Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.23.5.106\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.23.5.106\nsWscSvc.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391088 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [894376 2017-04-14] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [829632 2016-06-24] (Dolby Laboratories, Inc. -> )
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1417063958-667235216-1923551968-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1417063958-667235216-1923551968-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41584544 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1417063958-667235216-1923551968-1001\...\Run: [MicrosoftEdgeAutoLaunch_E4E70E2518D828597794FF884C758FED] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4108328 2023-08-31] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Norton Download ManagerFORCE_UPGRADE_22_23_5] => C:\PROGRA~3\Norton\{0C55C~1\NORTON~1.EXE /m /noui /instversion "22.23.5" (Pas de fichier)
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [117248 2018-05-31] (pdfforge GmbH) [Fichier non signé]
HKLM\...\Print\Monitors\rica5Slm: C:\WINDOWS\system32\rica5Slm.dll [28160 2013-12-26] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\116.0.5845.180\Installer\chrmstp.exe [2023-09-08] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {065CFFAB-31DE-4564-A7C7-890DA0C9748D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {7692AF13-6C00-428F-890C-68FF1398E9B7} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "5050e980-7343-4701-80c9-3964169bbb09" --version "6.15.10623" --silent
Task: {0D5B451E-E5E2-48C0-9498-A48207939557} - System32\Tasks\CCleanerSkipUAC - sarlf => C:\Program Files\CCleaner\CCleaner.exe [34687904 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {8AB30686-C7AF-448A-8F47-514DE63D5F81} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [190744 2016-10-07] (CyberLink Corp. -> CyberLink)
Task: {C5624C51-0228-4FC3-87AA-26CBDC23CBC6} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\Lenovo\Power2Go\CLVDLauncher.exe [347416 2016-09-20] (CyberLink Corp. -> CyberLink Corp.)
Task: {59650388-BD9B-477A-B8D1-1EA524185830} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-26] (Google Inc -> Google Inc.)
Task: {74D30E93-FF67-4CCE-9F08-F69E5EFFD994} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-26] (Google Inc -> Google Inc.)
Task: {81DCDD27-D76A-423D-A7A2-FBD92EA9DC02} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {731A103E-2223-46B7-ABB1-2ED1E048F51E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {CD2A8E56-DF6F-48E7-A1A1-CE64B2E702BB} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [77312 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {558CFEC6-7E30-443D-8E7C-4CBDB6FF03BD} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\15ffa48e-29cd-47b4-9375-f368a8c1ec8d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {B2166A98-DEB9-429E-A305-E03737A36079} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\185ac207-56e2-4c76-bd92-5bfbcd15eedd => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {DC519366-AEFC-4A20-AA9D-322120A6E53C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9168baa4-6576-42ec-be61-2999a8ae2ba9 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {74A5968F-7171-4F79-854D-E8946772AF53} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e8bb75cd-e9f6-43f2-997f-655fac530768 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {95DC43A4-F9EB-4660-B19F-C331C63F8BCD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26913464 2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {C679ACD9-CC51-46D8-9D1D-95C457853ACF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26913464 2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {885896B3-AED3-4CA8-8F07-A0731AD31E67} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124352 2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {0B03A326-9D8F-4925-9F59-925EE755F43B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124352 2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {79AD52EC-0949-4A94-B4ED-1FEBC8149348} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [887496 2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {97A8A25F-E4EF-4741-88CE-5299CEF8A563} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.23.5.106\SymErr.exe [379024 2023-06-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {DB1F21CB-CCFB-4D98-9970-B0B5D99F73CB} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.23.5.106\SymErr.exe [379024 2023-06-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {7F09FB2F-EDAC-4B32-818F-9AFEF1979482} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.23.5.106\SymErr.exe [379024 2023-06-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {6172ADC2-BA08-484B-8438-920D0ECEB4BF} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.20.5.40\SymErr.exe /ui (Pas de fichier)
Task: {93FEB401-194D-4707-9F42-92B7F5DDFEA7} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.20.5.40\SymErr.exe /analyze (Pas de fichier)
Task: {C70E6B48-DDF4-465C-9D3E-C701A866FCE6} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.20.5.40\SymErr.exe /submit (Pas de fichier)
Task: {6BA9A668-A14E-4E84-9686-2556F2C6A445} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.23.5.106\WSCStub.exe [646520 2023-06-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {23D3E414-C3E0-4D46-9D4F-51BE78F0C24B} - System32\Tasks\PDVDServ14 Task => C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe [88344 2017-02-17] (CyberLink Corp. -> CyberLink Corp.)
Task: {0DD07B59-FD63-4529-B164-6D0B78C4E4BE} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2353000 2023-06-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {04920B17-1F38-427B-BF19-69A5E1AB9E0A} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {DB6774B5-5446-44B3-9899-3708BFB62E42} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {EC60E1E0-AD2A-4566-B068-92A7554D7544} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8d9e62cc-5532-41a6-979c-10530045aea9}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\sarlf\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-08]
Edge HomePage: Default -> hxxps://?
Edge StartupUrls: Default -> "hxxps://?"
Edge Extension: (Google Docs hors connexion) - C:\Users\sarlf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-08]
Edge Extension: (Edge relevant text changes) - C:\Users\sarlf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-08]
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\sarlf\AppData\Local\Google\Chrome\User Data\Default [2023-09-08]
CHR HomePage: Default -> hxxps://?
CHR StartupUrls: Default -> "hxxps://?"
CHR DefaultSearchURL: Default -> hxxps://simplesearch.co?q={searchTerms}&pId=LU170101SODA_DN&iDate=2018-05-30 10:29:10&bitmask=9998&searchsource=58&sp=12
CHR DefaultSearchKeyword: Default -> default bing
CHR DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
CHR Extension: (Google Docs hors connexion) - C:\Users\sarlf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-06]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\sarlf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11817440 2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
U2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [3413424 2022-04-13] (Lavasoft Software Canada Inc. -> ) <==== ATTENTION
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2018-09-25] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9286168 2023-09-07] (Malwarebytes Inc. -> Malwarebytes)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1270536 2019-02-26] (McAfee, Inc. -> McAfee, Inc.)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.23.5.106\NortonSecurity.exe [344888 2023-06-14] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.23.5.106\nsWscSvc.exe [1059176 2023-06-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-09-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-09-06] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2022-04-13] (Bitdefender SRL -> Bitdefender)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.23.5.106\Definitions\BASHDefs\20230907.001\BHDrvx64.sys [1696736 2023-09-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\ccSetx64.sys [198280 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527832 2023-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2023-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.23.5.106\Definitions\IPSDefs\20230907.064\IDSvia64.sys [1527816 2023-09-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222272 2023-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-09-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [199640 2023-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2023-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181984 2023-09-07] (Malwarebytes Inc. -> Malwarebytes)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\nsvst.sys [57120 2023-06-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\SRTSP64.SYS [956048 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\SRTSPX64.SYS [52872 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\SYMEFASI64.SYS [2180248 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\SymELAM.sys [36016 2023-06-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100328 2023-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.23.5.106\SymPlatform\SymEvnt.sys [722400 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\Ironx64.SYS [306824 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\symnets.sys [492728 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55872 2023-09-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [574872 2023-09-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2023-09-06] (Microsoft Windows -> Microsoft Corporation)
R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\wpCtrlDrv.sys [1016792 2023-06-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 MpKsl3c727583; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{259A0317-F8EA-475A-9E28-F90A17A5BBE9}\MpKslDrv.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-09-08 14:16 - 2023-09-08 14:16 - 000000000 ____D C:\Users\sarlf\Downloads\FRST-OlderVersion
2023-09-08 14:15 - 2023-09-08 14:16 - 002382336 _____ (Farbar) C:\Users\sarlf\Downloads\FRST64-2.1.exe
2023-09-08 13:54 - 2023-09-08 14:09 - 000037523 _____ C:\Users\sarlf\Downloads\Addition.txt
2023-09-08 13:50 - 2023-09-08 14:12 - 000025100 _____ C:\Users\sarlf\Downloads\FRST.txt
2023-09-08 13:48 - 2023-09-08 14:11 - 000000000 ____D C:\FRST
2023-09-08 11:56 - 2023-09-08 11:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2023-09-08 11:54 - 2023-09-08 11:56 - 000000000 ____D C:\Users\sarlf\Downloads\CrystalDiskInfo9_1_1
2023-09-08 11:50 - 2023-09-08 11:50 - 007382778 _____ C:\Users\sarlf\Downloads\CrystalDiskInfo9_1_1.zip
2023-09-08 11:43 - 2023-09-08 11:43 - 003511456 _____ (Nicolas Coolman) C:\Users\sarlf\Downloads\ZHPSuite (7).exe
2023-09-08 11:35 - 2023-09-08 11:35 - 000000000 ____D C:\Users\sarlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
2023-09-08 09:33 - 2023-09-08 09:33 - 000219646 _____ C:\Users\sarlf\Desktop\ZHPDiag.html
2023-09-08 09:22 - 2023-09-08 09:23 - 003511456 _____ (Nicolas Coolman) C:\Users\sarlf\Downloads\ZHPSuite (6).exe
2023-09-08 09:21 - 2023-09-08 09:21 - 003511456 _____ (Nicolas Coolman) C:\Users\sarlf\Downloads\ZHPSuite (5).exe
2023-09-08 09:19 - 2023-09-08 09:19 - 003508424 _____ (Nicolas Coolman) C:\Users\sarlf\Downloads\ZHPSuite (4).exe
2023-09-08 09:13 - 2023-09-08 09:13 - 003508424 _____ (Nicolas Coolman) C:\Users\sarlf\Downloads\ZHPSuite (3).exe
2023-09-08 09:07 - 2023-09-08 09:16 - 003508424 _____ (Nicolas Coolman) C:\Users\sarlf\Downloads\ZHPSuite (2).exe
2023-09-07 16:04 - 2023-09-07 16:04 - 000000000 ___HD C:\$WinREAgent
2023-09-07 15:48 - 2023-09-07 15:48 - 000181984 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-09-07 15:46 - 2023-09-08 11:24 - 000000000 ____D C:\Users\sarlf\AppData\Local\Malwarebytes
2023-09-07 15:46 - 2023-09-07 15:46 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-09-07 15:46 - 2023-09-07 15:46 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-09-07 15:44 - 2023-09-07 15:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-09-07 15:44 - 2023-09-07 15:44 - 000000000 ____D C:\Program Files\Malwarebytes
2023-09-07 15:42 - 2023-09-07 15:43 - 002606880 _____ (Malwarebytes) C:\Users\sarlf\Downloads\MBSetup (2).exe
2023-09-07 11:47 - 2023-09-07 11:47 - 000000000 ____D C:\Users\sarlf\AppData\Local\mbam
2023-09-07 11:36 - 2023-09-07 11:37 - 002606880 _____ (Malwarebytes) C:\Users\sarlf\Downloads\MBSetup (1).exe
2023-09-07 11:36 - 2023-09-07 11:36 - 002606880 _____ (Malwarebytes) C:\Users\sarlf\Downloads\MBSetup.exe
2023-09-07 10:51 - 2023-09-07 10:56 - 000000000 ____D C:\AdwCleaner
2023-09-07 10:49 - 2023-09-07 10:50 - 008791352 _____ (Malwarebytes) C:\Users\sarlf\Downloads\adwcleaner_8.4.0.exe
2023-09-07 10:10 - 2023-09-07 10:10 - 000016417 _____ C:\Users\sarlf\Desktop\ZHPCleaner (R).html
2023-09-07 10:10 - 2023-09-07 10:10 - 000007986 _____ C:\Users\sarlf\Desktop\ZHPCleaner (R).txt
2023-09-07 09:58 - 2023-09-07 10:24 - 000009171 _____ C:\Users\sarlf\Desktop\ZHPCleaner (S).html
2023-09-07 09:29 - 2023-09-07 09:29 - 000000928 _____ C:\Users\sarlf\Desktop\ZHPCleaner.lnk
2023-09-07 09:25 - 2023-09-07 09:25 - 003343008 _____ (Nicolas Coolman) C:\Users\sarlf\Downloads\ZHPCleaner (2).exe
2023-09-07 09:23 - 2023-09-07 09:23 - 003343008 _____ (Nicolas Coolman) C:\Users\sarlf\Downloads\ZHPCleaner (1).exe
2023-09-07 09:21 - 2023-09-07 09:21 - 003343008 _____ (Nicolas Coolman) C:\Users\sarlf\Downloads\ZHPCleaner.exe
2023-09-06 14:13 - 2023-09-08 11:13 - 000164572 _____ C:\Users\sarlf\Desktop\ZHPDiag.txt
2023-09-06 14:00 - 2023-09-08 11:43 - 000000000 ____D C:\Users\sarlf\AppData\Roaming\ZHP
2023-09-06 14:00 - 2023-09-07 09:29 - 000000000 ____D C:\Users\sarlf\AppData\Local\ZHP
2023-09-06 14:00 - 2023-09-06 14:00 - 000000918 _____ C:\Users\sarlf\Desktop\ZHPSuite.lnk
2023-09-06 13:53 - 2023-09-06 13:53 - 003511456 _____ (Nicolas Coolman) C:\Users\sarlf\Downloads\ZHPSuite (1).exe
2023-09-06 13:52 - 2023-09-06 13:52 - 003511456 _____ (Nicolas Coolman) C:\Users\sarlf\Downloads\ZHPSuite.exe
2023-09-06 11:10 - 2023-09-06 11:10 - 000000000 ___HD C:\OneDriveTemp
2023-09-06 10:55 - 2023-09-08 11:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2023-09-06 10:44 - 2023-09-07 11:08 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2023-09-06 10:44 - 2023-09-06 10:44 - 000003378 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-09-08 14:03 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-08 13:58 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-09-08 13:25 - 2023-07-05 03:53 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-09-08 13:25 - 2018-03-26 09:19 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-08 12:22 - 2021-04-05 21:27 - 000000000 ____D C:\Users\sarlf\AppData\Roaming\Zoom
2023-09-08 12:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-09-08 12:17 - 2018-03-26 08:01 - 000000000 ____D C:\Users\sarlf\AppData\Local\Packages
2023-09-08 12:13 - 2018-03-26 09:17 - 000000000 ____D C:\Users\sarlf\AppData\Roaming\Microsoft\Word
2023-09-08 12:12 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-08 11:25 - 2018-06-07 13:14 - 000000000 ____D C:\Program Files\CCleaner
2023-09-08 11:25 - 2018-03-26 08:07 - 000000000 ___RD C:\Users\sarlf\OneDrive
2023-09-08 11:24 - 2018-03-26 08:01 - 000000000 __SHD C:\Users\sarlf\IntelGraphicsProfiles
2023-09-08 11:22 - 2020-09-27 09:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-09-08 11:22 - 2020-09-27 07:51 - 000008192 ___SH C:\DumpStack.log.tmp
2023-09-08 11:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-09-08 10:58 - 2020-09-27 07:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-09-08 10:46 - 2019-12-06 15:10 - 000000000 ____D C:\Users\sarlf\AppData\Local\D3DSCache
2023-09-08 10:28 - 2018-03-26 09:21 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-09-08 10:28 - 2018-03-26 09:21 - 000002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-09-08 10:14 - 2023-07-05 04:09 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-09-08 10:14 - 2019-12-07 16:49 - 000792842 _____ C:\WINDOWS\system32\perfh00C.dat
2023-09-08 10:14 - 2019-12-07 16:49 - 000149972 _____ C:\WINDOWS\system32\perfc00C.dat
2023-09-08 10:12 - 2020-09-27 09:54 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-08 10:12 - 2020-09-27 09:54 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-09-08 10:08 - 2020-09-27 07:51 - 000436208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-09-08 10:05 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-09-08 10:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-09-08 10:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-09-08 10:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-09-08 10:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-09-08 10:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-09-08 10:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-09-08 10:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-09-08 10:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-09-08 10:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-09-08 10:00 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-09-08 10:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-09-08 10:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-09-08 10:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-09-08 01:34 - 2019-12-03 18:54 - 000000000 ____D C:\Program Files\Common Files\AV
2023-09-07 18:22 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-09-07 18:21 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2023-09-07 17:37 - 2020-09-27 09:53 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-09-07 16:42 - 2019-12-07 16:51 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-09-07 15:45 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-09-07 14:35 - 2023-07-05 03:55 - 000000000 ____D C:\Users\sarlf
2023-09-07 12:32 - 2018-05-31 09:30 - 000000000 ____D C:\Users\sarlf\AppData\Local\CrashDumps
2023-09-07 11:45 - 2021-04-08 13:16 - 000000000 ____D C:\Users\sarlf\AppData\LocalLow\Norton
2023-09-07 11:44 - 2023-06-29 14:01 - 000000000 ____D C:\Users\sarlf\AppData\Local\Norton
2023-09-07 11:37 - 2023-07-05 04:47 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1417063958-667235216-1923551968-1001
2023-09-07 11:37 - 2023-07-05 04:47 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1417063958-667235216-1923551968-1001
2023-09-07 11:37 - 2023-07-05 03:55 - 000002470 _____ C:\Users\sarlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-07 11:08 - 2018-04-25 09:02 - 000002420 _____ C:\Users\Public\Desktop\Norton Security.lnk
2023-09-07 10:57 - 2022-04-13 12:11 - 000000000 ____D C:\WINDOWS\system32\Lavasoft
2023-09-07 10:57 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2023-09-07 10:57 - 2018-05-30 12:29 - 000000000 ____D C:\Users\sarlf\AppData\Local\Lavasoft
2023-09-07 10:10 - 2018-05-30 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2023-09-07 10:10 - 2018-05-30 12:28 - 000000000 ____D C:\Users\sarlf\AppData\Roaming\Lavasoft
2023-09-07 10:09 - 2018-05-30 12:28 - 000000000 ____D C:\ProgramData\Lavasoft
2023-09-06 13:55 - 2017-08-24 22:50 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-09-06 12:07 - 2023-06-30 10:41 - 000000000 ___DC C:\WINDOWS\Panther
2023-09-06 11:50 - 2018-03-26 11:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-09-06 11:36 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-09-06 10:48 - 2018-03-26 11:05 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-09-06 10:47 - 2018-04-25 09:00 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2023-09-06 10:37 - 2023-06-28 10:22 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-09-06 10:01 - 2020-09-27 09:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-09-06 09:40 - 2020-09-27 09:55 - 000000000 ____D C:\ProgramData\Packages
2023-09-06 09:25 - 2020-09-27 09:53 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-09-06 09:25 - 2020-09-27 09:53 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-09-06 09:20 - 2023-07-05 04:47 - 000003884 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-09-06 09:20 - 2023-07-05 04:47 - 000003760 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-09-06 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-09-05 16:00 - 2018-04-25 08:44 - 000000000 ____D C:\ProgramData\Norton
2023-09-05 15:48 - 2018-06-14 08:58 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-09-05 15:41 - 2018-04-25 08:44 - 000000000 ____D C:\Users\Public\Downloads\Norton
2023-09-05 15:33 - 2023-07-05 04:47 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-09-05 15:33 - 2023-07-05 04:47 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-09-05 15:27 - 2018-03-26 10:33 - 000000000 ____D C:\Users\sarlf\AppData\Roaming\Microsoft\Excel
==================== Fichiers à la racine de certains dossiers ========
2023-06-28 10:31 - 2023-06-28 10:31 - 009676800 _____ () C:\Program Files (x86)\GUT87E9.tmp
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par sarlf (administrateur) sur LAPTOP-OQQ95IM5 (LENOVO 80XL) (08-09-2023 14:10:30)
Exécuté depuis C:\Users\sarlf\Downloads\FRST64 (1).exe
Profils chargés: sarlf
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3324 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxEM.exe
(explorer.exe ->) (Dolby Laboratories, Inc. -> ) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(explorer.exe ->) (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\LenovoUtility\utility.exe
(explorer.exe ->) (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJJE.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <25>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\IntelCpHeciSvc.exe
(services.exe ->) (Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.23.5.106\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.23.5.106\nsWscSvc.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391088 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [894376 2017-04-14] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [829632 2016-06-24] (Dolby Laboratories, Inc. -> )
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1417063958-667235216-1923551968-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1417063958-667235216-1923551968-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41584544 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1417063958-667235216-1923551968-1001\...\Run: [MicrosoftEdgeAutoLaunch_E4E70E2518D828597794FF884C758FED] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4108328 2023-08-31] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Norton Download ManagerFORCE_UPGRADE_22_23_5] => C:\PROGRA~3\Norton\{0C55C~1\NORTON~1.EXE /m /noui /instversion "22.23.5" (Pas de fichier)
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [117248 2018-05-31] (pdfforge GmbH) [Fichier non signé]
HKLM\...\Print\Monitors\rica5Slm: C:\WINDOWS\system32\rica5Slm.dll [28160 2013-12-26] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\116.0.5845.180\Installer\chrmstp.exe [2023-09-08] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {065CFFAB-31DE-4564-A7C7-890DA0C9748D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {7692AF13-6C00-428F-890C-68FF1398E9B7} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "5050e980-7343-4701-80c9-3964169bbb09" --version "6.15.10623" --silent
Task: {0D5B451E-E5E2-48C0-9498-A48207939557} - System32\Tasks\CCleanerSkipUAC - sarlf => C:\Program Files\CCleaner\CCleaner.exe [34687904 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {8AB30686-C7AF-448A-8F47-514DE63D5F81} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [190744 2016-10-07] (CyberLink Corp. -> CyberLink)
Task: {C5624C51-0228-4FC3-87AA-26CBDC23CBC6} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\Lenovo\Power2Go\CLVDLauncher.exe [347416 2016-09-20] (CyberLink Corp. -> CyberLink Corp.)
Task: {59650388-BD9B-477A-B8D1-1EA524185830} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-26] (Google Inc -> Google Inc.)
Task: {74D30E93-FF67-4CCE-9F08-F69E5EFFD994} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-26] (Google Inc -> Google Inc.)
Task: {81DCDD27-D76A-423D-A7A2-FBD92EA9DC02} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {731A103E-2223-46B7-ABB1-2ED1E048F51E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {CD2A8E56-DF6F-48E7-A1A1-CE64B2E702BB} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [77312 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {558CFEC6-7E30-443D-8E7C-4CBDB6FF03BD} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\15ffa48e-29cd-47b4-9375-f368a8c1ec8d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {B2166A98-DEB9-429E-A305-E03737A36079} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\185ac207-56e2-4c76-bd92-5bfbcd15eedd => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {DC519366-AEFC-4A20-AA9D-322120A6E53C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9168baa4-6576-42ec-be61-2999a8ae2ba9 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {74A5968F-7171-4F79-854D-E8946772AF53} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e8bb75cd-e9f6-43f2-997f-655fac530768 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {95DC43A4-F9EB-4660-B19F-C331C63F8BCD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26913464 2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {C679ACD9-CC51-46D8-9D1D-95C457853ACF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26913464 2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {885896B3-AED3-4CA8-8F07-A0731AD31E67} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124352 2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {0B03A326-9D8F-4925-9F59-925EE755F43B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124352 2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {79AD52EC-0949-4A94-B4ED-1FEBC8149348} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [887496 2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {97A8A25F-E4EF-4741-88CE-5299CEF8A563} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.23.5.106\SymErr.exe [379024 2023-06-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {DB1F21CB-CCFB-4D98-9970-B0B5D99F73CB} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.23.5.106\SymErr.exe [379024 2023-06-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {7F09FB2F-EDAC-4B32-818F-9AFEF1979482} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.23.5.106\SymErr.exe [379024 2023-06-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {6172ADC2-BA08-484B-8438-920D0ECEB4BF} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.20.5.40\SymErr.exe /ui (Pas de fichier)
Task: {93FEB401-194D-4707-9F42-92B7F5DDFEA7} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.20.5.40\SymErr.exe /analyze (Pas de fichier)
Task: {C70E6B48-DDF4-465C-9D3E-C701A866FCE6} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.20.5.40\SymErr.exe /submit (Pas de fichier)
Task: {6BA9A668-A14E-4E84-9686-2556F2C6A445} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.23.5.106\WSCStub.exe [646520 2023-06-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {23D3E414-C3E0-4D46-9D4F-51BE78F0C24B} - System32\Tasks\PDVDServ14 Task => C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe [88344 2017-02-17] (CyberLink Corp. -> CyberLink Corp.)
Task: {0DD07B59-FD63-4529-B164-6D0B78C4E4BE} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2353000 2023-06-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {04920B17-1F38-427B-BF19-69A5E1AB9E0A} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {DB6774B5-5446-44B3-9899-3708BFB62E42} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {EC60E1E0-AD2A-4566-B068-92A7554D7544} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8d9e62cc-5532-41a6-979c-10530045aea9}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\sarlf\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-08]
Edge HomePage: Default -> hxxps://?
Edge StartupUrls: Default -> "hxxps://?"
Edge Extension: (Google Docs hors connexion) - C:\Users\sarlf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-08]
Edge Extension: (Edge relevant text changes) - C:\Users\sarlf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-08]
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\sarlf\AppData\Local\Google\Chrome\User Data\Default [2023-09-08]
CHR HomePage: Default -> hxxps://?
CHR StartupUrls: Default -> "hxxps://?"
CHR DefaultSearchURL: Default -> hxxps://simplesearch.co?q={searchTerms}&pId=LU170101SODA_DN&iDate=2018-05-30 10:29:10&bitmask=9998&searchsource=58&sp=12
CHR DefaultSearchKeyword: Default -> default bing
CHR DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
CHR Extension: (Google Docs hors connexion) - C:\Users\sarlf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-06]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\sarlf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11817440 2023-09-06] (Microsoft Corporation -> Microsoft Corporation)
U2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [3413424 2022-04-13] (Lavasoft Software Canada Inc. -> ) <==== ATTENTION
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2018-09-25] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9286168 2023-09-07] (Malwarebytes Inc. -> Malwarebytes)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1270536 2019-02-26] (McAfee, Inc. -> McAfee, Inc.)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.23.5.106\NortonSecurity.exe [344888 2023-06-14] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.23.5.106\nsWscSvc.exe [1059176 2023-06-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-09-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-09-06] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2022-04-13] (Bitdefender SRL -> Bitdefender)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.23.5.106\Definitions\BASHDefs\20230907.001\BHDrvx64.sys [1696736 2023-09-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\ccSetx64.sys [198280 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527832 2023-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2023-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.23.5.106\Definitions\IPSDefs\20230907.064\IDSvia64.sys [1527816 2023-09-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222272 2023-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-09-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [199640 2023-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2023-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181984 2023-09-07] (Malwarebytes Inc. -> Malwarebytes)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\nsvst.sys [57120 2023-06-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\SRTSP64.SYS [956048 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\SRTSPX64.SYS [52872 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\SYMEFASI64.SYS [2180248 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\SymELAM.sys [36016 2023-06-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100328 2023-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.23.5.106\SymPlatform\SymEvnt.sys [722400 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\Ironx64.SYS [306824 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\symnets.sys [492728 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55872 2023-09-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [574872 2023-09-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2023-09-06] (Microsoft Windows -> Microsoft Corporation)
R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1617050.06A\wpCtrlDrv.sys [1016792 2023-06-14] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 MpKsl3c727583; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{259A0317-F8EA-475A-9E28-F90A17A5BBE9}\MpKslDrv.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-09-08 14:16 - 2023-09-08 14:16 - 000000000 ____D C:\Users\sarlf\Downloads\FRST-OlderVersion
2023-09-08 14:15 - 2023-09-08 14:16 - 002382336 _____ (Farbar) C:\Users\sarlf\Downloads\FRST64-2.1.exe
2023-09-08 13:54 - 2023-09-08 14:09 - 000037523 _____ C:\Users\sarlf\Downloads\Addition.txt
2023-09-08 13:50 - 2023-09-08 14:12 - 000025100 _____ C:\Users\sarlf\Downloads\FRST.txt
2023-09-08 13:48 - 2023-09-08 14:11 - 000000000 ____D C:\FRST
2023-09-08 11:56 - 2023-09-08 11:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2023-09-08 11:54 - 2023-09-08 11:56 - 000000000 ____D C:\Users\sarlf\Downloads\CrystalDiskInfo9_1_1
2023-09-08 11:50 - 2023-09-08 11:50 - 007382778 _____ C:\Users\sarlf\Downloads\CrystalDiskInfo9_1_1.zip
2023-09-08 11:43 - 2023-09-08 11:43 - 003511456 _____ (Nicolas Coolman) C:\Users\sarlf\Downloads\ZHPSuite (7).exe
2023-09-08 11:35 - 2023-09-08 11:35 - 000000000 ____D C:\Users\sarlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
2023-09-08 09:33 - 2023-09-08 09:33 - 000219646 _____ C:\Users\sarlf\Desktop\ZHPDiag.html
2023-09-08 09:22 - 2023-09-08 09:23 - 003511456 _____ (Nicolas Coolman) C:\Users\sarlf\Downloads\ZHPSuite (6).exe
2023-09-08 09:21 - 2023-09-08 09:21 - 003511456 _____ (Nicolas Coolman) C:\Users\sarlf\Downloads\ZHPSuite (5).exe
2023-09-08 09:19 - 2023-09-08 09:19 - 003508424 _____ (Nicolas Coolman) C:\Users\sarlf\Downloads\ZHPSuite (4).exe
2023-09-08 09:13 - 2023-09-08 09:13 - 003508424 _____ (Nicolas Coolman) C:\Users\sarlf\Downloads\ZHPSuite (3).exe
2023-09-08 09:07 - 2023-09-08 09:16 - 003508424 _____ (Nicolas Coolman) C:\Users\sarlf\Downloads\ZHPSuite (2).exe
2023-09-07 16:04 - 2023-09-07 16:04 - 000000000 ___HD C:\$WinREAgent
2023-09-07 15:48 - 2023-09-07 15:48 - 000181984 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-09-07 15:46 - 2023-09-08 11:24 - 000000000 ____D C:\Users\sarlf\AppData\Local\Malwarebytes
2023-09-07 15:46 - 2023-09-07 15:46 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-09-07 15:46 - 2023-09-07 15:46 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-09-07 15:44 - 2023-09-07 15:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-09-07 15:44 - 2023-09-07 15:44 - 000000000 ____D C:\Program Files\Malwarebytes
2023-09-07 15:42 - 2023-09-07 15:43 - 002606880 _____ (Malwarebytes) C:\Users\sarlf\Downloads\MBSetup (2).exe
2023-09-07 11:47 - 2023-09-07 11:47 - 000000000 ____D C:\Users\sarlf\AppData\Local\mbam
2023-09-07 11:36 - 2023-09-07 11:37 - 002606880 _____ (Malwarebytes) C:\Users\sarlf\Downloads\MBSetup (1).exe
2023-09-07 11:36 - 2023-09-07 11:36 - 002606880 _____ (Malwarebytes) C:\Users\sarlf\Downloads\MBSetup.exe
2023-09-07 10:51 - 2023-09-07 10:56 - 000000000 ____D C:\AdwCleaner
2023-09-07 10:49 - 2023-09-07 10:50 - 008791352 _____ (Malwarebytes) C:\Users\sarlf\Downloads\adwcleaner_8.4.0.exe
2023-09-07 10:10 - 2023-09-07 10:10 - 000016417 _____ C:\Users\sarlf\Desktop\ZHPCleaner (R).html
2023-09-07 10:10 - 2023-09-07 10:10 - 000007986 _____ C:\Users\sarlf\Desktop\ZHPCleaner (R).txt
2023-09-07 09:58 - 2023-09-07 10:24 - 000009171 _____ C:\Users\sarlf\Desktop\ZHPCleaner (S).html
2023-09-07 09:29 - 2023-09-07 09:29 - 000000928 _____ C:\Users\sarlf\Desktop\ZHPCleaner.lnk
2023-09-07 09:25 - 2023-09-07 09:25 - 003343008 _____ (Nicolas Coolman) C:\Users\sarlf\Downloads\ZHPCleaner (2).exe
2023-09-07 09:23 - 2023-09-07 09:23 - 003343008 _____ (Nicolas Coolman) C:\Users\sarlf\Downloads\ZHPCleaner (1).exe
2023-09-07 09:21 - 2023-09-07 09:21 - 003343008 _____ (Nicolas Coolman) C:\Users\sarlf\Downloads\ZHPCleaner.exe
2023-09-06 14:13 - 2023-09-08 11:13 - 000164572 _____ C:\Users\sarlf\Desktop\ZHPDiag.txt
2023-09-06 14:00 - 2023-09-08 11:43 - 000000000 ____D C:\Users\sarlf\AppData\Roaming\ZHP
2023-09-06 14:00 - 2023-09-07 09:29 - 000000000 ____D C:\Users\sarlf\AppData\Local\ZHP
2023-09-06 14:00 - 2023-09-06 14:00 - 000000918 _____ C:\Users\sarlf\Desktop\ZHPSuite.lnk
2023-09-06 13:53 - 2023-09-06 13:53 - 003511456 _____ (Nicolas Coolman) C:\Users\sarlf\Downloads\ZHPSuite (1).exe
2023-09-06 13:52 - 2023-09-06 13:52 - 003511456 _____ (Nicolas Coolman) C:\Users\sarlf\Downloads\ZHPSuite.exe
2023-09-06 11:10 - 2023-09-06 11:10 - 000000000 ___HD C:\OneDriveTemp
2023-09-06 10:55 - 2023-09-08 11:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2023-09-06 10:44 - 2023-09-07 11:08 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2023-09-06 10:44 - 2023-09-06 10:44 - 000003378 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-09-08 14:03 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-08 13:58 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-09-08 13:25 - 2023-07-05 03:53 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-09-08 13:25 - 2018-03-26 09:19 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-08 12:22 - 2021-04-05 21:27 - 000000000 ____D C:\Users\sarlf\AppData\Roaming\Zoom
2023-09-08 12:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-09-08 12:17 - 2018-03-26 08:01 - 000000000 ____D C:\Users\sarlf\AppData\Local\Packages
2023-09-08 12:13 - 2018-03-26 09:17 - 000000000 ____D C:\Users\sarlf\AppData\Roaming\Microsoft\Word
2023-09-08 12:12 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-08 11:25 - 2018-06-07 13:14 - 000000000 ____D C:\Program Files\CCleaner
2023-09-08 11:25 - 2018-03-26 08:07 - 000000000 ___RD C:\Users\sarlf\OneDrive
2023-09-08 11:24 - 2018-03-26 08:01 - 000000000 __SHD C:\Users\sarlf\IntelGraphicsProfiles
2023-09-08 11:22 - 2020-09-27 09:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-09-08 11:22 - 2020-09-27 07:51 - 000008192 ___SH C:\DumpStack.log.tmp
2023-09-08 11:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-09-08 10:58 - 2020-09-27 07:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-09-08 10:46 - 2019-12-06 15:10 - 000000000 ____D C:\Users\sarlf\AppData\Local\D3DSCache
2023-09-08 10:28 - 2018-03-26 09:21 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-09-08 10:28 - 2018-03-26 09:21 - 000002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-09-08 10:14 - 2023-07-05 04:09 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-09-08 10:14 - 2019-12-07 16:49 - 000792842 _____ C:\WINDOWS\system32\perfh00C.dat
2023-09-08 10:14 - 2019-12-07 16:49 - 000149972 _____ C:\WINDOWS\system32\perfc00C.dat
2023-09-08 10:12 - 2020-09-27 09:54 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-08 10:12 - 2020-09-27 09:54 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-09-08 10:08 - 2020-09-27 07:51 - 000436208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-09-08 10:05 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-09-08 10:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-09-08 10:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-09-08 10:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-09-08 10:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-09-08 10:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-09-08 10:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-09-08 10:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-09-08 10:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-09-08 10:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-09-08 10:00 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-09-08 10:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-09-08 10:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-09-08 10:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-09-08 01:34 - 2019-12-03 18:54 - 000000000 ____D C:\Program Files\Common Files\AV
2023-09-07 18:22 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-09-07 18:21 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2023-09-07 17:37 - 2020-09-27 09:53 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-09-07 16:42 - 2019-12-07 16:51 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-09-07 15:45 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-09-07 14:35 - 2023-07-05 03:55 - 000000000 ____D C:\Users\sarlf
2023-09-07 12:32 - 2018-05-31 09:30 - 000000000 ____D C:\Users\sarlf\AppData\Local\CrashDumps
2023-09-07 11:45 - 2021-04-08 13:16 - 000000000 ____D C:\Users\sarlf\AppData\LocalLow\Norton
2023-09-07 11:44 - 2023-06-29 14:01 - 000000000 ____D C:\Users\sarlf\AppData\Local\Norton
2023-09-07 11:37 - 2023-07-05 04:47 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1417063958-667235216-1923551968-1001
2023-09-07 11:37 - 2023-07-05 04:47 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1417063958-667235216-1923551968-1001
2023-09-07 11:37 - 2023-07-05 03:55 - 000002470 _____ C:\Users\sarlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-07 11:08 - 2018-04-25 09:02 - 000002420 _____ C:\Users\Public\Desktop\Norton Security.lnk
2023-09-07 10:57 - 2022-04-13 12:11 - 000000000 ____D C:\WINDOWS\system32\Lavasoft
2023-09-07 10:57 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2023-09-07 10:57 - 2018-05-30 12:29 - 000000000 ____D C:\Users\sarlf\AppData\Local\Lavasoft
2023-09-07 10:10 - 2018-05-30 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2023-09-07 10:10 - 2018-05-30 12:28 - 000000000 ____D C:\Users\sarlf\AppData\Roaming\Lavasoft
2023-09-07 10:09 - 2018-05-30 12:28 - 000000000 ____D C:\ProgramData\Lavasoft
2023-09-06 13:55 - 2017-08-24 22:50 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-09-06 12:07 - 2023-06-30 10:41 - 000000000 ___DC C:\WINDOWS\Panther
2023-09-06 11:50 - 2018-03-26 11:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-09-06 11:36 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-09-06 10:48 - 2018-03-26 11:05 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-09-06 10:47 - 2018-04-25 09:00 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2023-09-06 10:37 - 2023-06-28 10:22 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-09-06 10:01 - 2020-09-27 09:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-09-06 09:40 - 2020-09-27 09:55 - 000000000 ____D C:\ProgramData\Packages
2023-09-06 09:25 - 2020-09-27 09:53 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-09-06 09:25 - 2020-09-27 09:53 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-09-06 09:20 - 2023-07-05 04:47 - 000003884 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-09-06 09:20 - 2023-07-05 04:47 - 000003760 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-09-06 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-09-05 16:00 - 2018-04-25 08:44 - 000000000 ____D C:\ProgramData\Norton
2023-09-05 15:48 - 2018-06-14 08:58 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-09-05 15:41 - 2018-04-25 08:44 - 000000000 ____D C:\Users\Public\Downloads\Norton
2023-09-05 15:33 - 2023-07-05 04:47 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-09-05 15:33 - 2023-07-05 04:47 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-09-05 15:27 - 2018-03-26 10:33 - 000000000 ____D C:\Users\sarlf\AppData\Roaming\Microsoft\Excel
==================== Fichiers à la racine de certains dossiers ========
2023-06-28 10:31 - 2023-06-28 10:31 - 009676800 _____ () C:\Program Files (x86)\GUT87E9.tmp
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================