cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02
Exécuté par pault (administrateur) sur LAPTOP-J3MM0FVH (ASUSTeK COMPUTER INC. VivoBook_ASUS Laptop X509UA) (29-11-2023 17:34:48)
Exécuté depuis C:\Users\pault\OneDrive\Bureau\FRST64.exe
Profils chargés: pault
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3693 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() [Fichier non signé] C:\Users\pault\AppData\Local\Microsoft\Windows\AppCache\Host\apphost.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSOptimization\AsusOSD.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxEM.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.332\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.332\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WpcMon.exe
(NETSUPPORT LTD. -> NetSupport Ltd) C:\ProgramData\regid.1993-06.com.microsoft\wmiprvse.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSLinkRemote\AsusLinkRemote.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSLinkNear\AsusLinkNear.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSystemAnalysis\AsusSystemAnalysis.exe <2>
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_a5d3270da26fb113\ICEsoundService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_42f9d9bfb72d84cf\RstMwService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_f75fa513cf0ccec1\esif_uf.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e9b40d45ab4dc6b8\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e9b40d45ab4dc6b8\IntelCpHeciSvc.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe
(services.exe ->) (Qualcomm Atheros, Inc. -> ) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(sihost.exe ->) (649690DD-9BE8-48E7-8019-88DCA877AF4E -> McAfee, LLC) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MRT.exe <2>
(svchost.exe ->) () [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\Paroxysms\threatening.exe
(svchost.exe ->) (649690DD-9BE8-48E7-8019-88DCA877AF4E -> McAfee LLC) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsMaps_11.2308.3.0_x64__8wekyb3d8bbwe\Maps.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.11012.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.11012.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2309.6.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3>

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Endive] => C:\Program Files (x86)\Paroxysms\Averil.exe [2117632 2023-11-29] () [Fichier non signé]
HKLM\...\Run: [Spiritualist] => C:\Program Files (x86)\gastro\Notify.exe [2117632 2023-11-29] () [Fichier non signé]
HKLM\...\Run: [Originally] => C:\Program Files (x86)\Evildoers\Averil.exe [2117632 2023-11-29] () [Fichier non signé]
HKLM\...\Run: [OriginallyOriginally] => C:\Program Files (x86)\Paroxysms\threatening.exe [241389 2023-11-29] () [Fichier non signé] [Fichier en cours d'utilisation]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKLM-x32\...\Run: [Brosnan] => C:\Program Files (x86)\Paroxysms\Averil.exe [2117632 2023-11-29] () [Fichier non signé]
HKLM-x32\...\Run: [Babin] => C:\Program Files (x86)\gastro\Notify.exe [2117632 2023-11-29] () [Fichier non signé]
HKLM-x32\...\Run: [Airbase] => C:\Program Files (x86)\Evildoers\Averil.exe [2117632 2023-11-29] () [Fichier non signé]
HKLM-x32\...\Run: [AirbaseAirbase] => C:\Program Files (x86)\Paroxysms\threatening.exe [241389 2023-11-29] () [Fichier non signé] [Fichier en cours d'utilisation]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\MRT: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-1170345104-389755362-35519030-1001\...\Run: [MicrosoftEdgeAutoLaunch_39730C3E1F1947C7329D0D86A1E9F005] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896768 2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1170345104-389755362-35519030-1002\...\Run: [MicrosoftEdgeAutoLaunch_E7DDBF732AAFE2EAC8FE3A8B2E6C3F09] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896768 2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1170345104-389755362-35519030-1002\...\Run: [Voicemod] => "C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe" (Pas de fichier)
HKU\S-1-5-21-1170345104-389755362-35519030-1002\...\Run: [CanvaAutoLaunchAvailabilityCheckAgent] => C:\Users\pault\AppData\Local\Programs\Canva\Canva.exe [166379664 2023-10-30] (Canva -> Canva Pty Ltd)
HKU\S-1-5-21-1170345104-389755362-35519030-1002\...\Run: [Opera Stable] => C:\Users\pault\AppData\Local\Programs\Opera\launcher.exe [2353056 2023-11-21] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-1170345104-389755362-35519030-1002\...\Run: [Letup] => C:\Program Files (x86)\Paroxysms\Averil.exe [2117632 2023-11-29] () [Fichier non signé]
HKU\S-1-5-21-1170345104-389755362-35519030-1002\...\Run: [Malay] => C:\Program Files (x86)\gastro\Notify.exe [2117632 2023-11-29] () [Fichier non signé]
HKU\S-1-5-21-1170345104-389755362-35519030-1002\...\Run: [Bares] => C:\Program Files (x86)\Evildoers\Averil.exe [2117632 2023-11-29] () [Fichier non signé]
HKU\S-1-5-21-1170345104-389755362-35519030-1002\...\Run: [Unexecuted] => C:\Program Files (x86)\Paroxysms\Averil.exe [2117632 2023-11-29] () [Fichier non signé]
HKU\S-1-5-21-1170345104-389755362-35519030-1002\...\Run: [Tipping] => C:\Program Files (x86)\gastro\Notify.exe [2117632 2023-11-29] () [Fichier non signé]
HKU\S-1-5-21-1170345104-389755362-35519030-1002\...\Run: [Overtimes] => C:\Program Files (x86)\Evildoers\Averil.exe [2117632 2023-11-29] () [Fichier non signé]
HKU\S-1-5-21-1170345104-389755362-35519030-1002\...\Policies\Explorer\Run: [AppCacheHost] => C:\Users\pault\AppData\Local\Microsoft\Windows\AppCache\Host\apphost.exe [332288 2023-11-15] () [Fichier non signé]
HKU\S-1-5-21-1170345104-389755362-35519030-1002\...\Winlogon: [Shell] explorer.exe,"C:\Users\pault\AppData\Local\Microsoft\Windows\AppCache\Host\apphost.exe" run <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\119.0.6045.199\Installer\chrmstp.exe [2023-11-29] (Google LLC -> Google LLC)
HKU\S-1-5-21-1170345104-389755362-35519030-1002\Environment\\UserInitMprLogonScript: -> C:\ProgramData\regid.1993-06.com.microsoft\wmiprvse.exe [2023-08-18] (NETSUPPORT LTD. -> NetSupport Ltd) <==== ATTENTION
Startup: C:\Users\pault\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2023-02-22]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {73F5B754-1C67-451B-8FE0-5D6C0ACE7986} - System32\Tasks\605do6\r575da\tdo4a5\sbrybe\ocwzo8\rnm4lw\maxoyk\v1vlho\0k5gyk\uiacye\wcl32b\8061vv\ch9obp\gv6xcb\yc3dex\l2xjrq\9q8q30 => C:\Users\pault\AppData\Local\Notify.exe [2117632 2023-11-29] () [Fichier non signé] <==== ATTENTION
Task: {B91728A7-5CDF-4AF3-8A17-CC348E3DDC72} - System32\Tasks\82nops\gz7uy0\fnfitb\6y9h6o\7xd1az\1x4vtl\q7981g\emift3\w4agpq\eb0k6h\uw8kst\n444vl\jz3y3y\j89tj2\xwym1w\9eyd7i\utgwzw => C:\Program Files (x86)\Paroxysms\Averil.exe [2117632 2023-11-29] () [Fichier non signé] <==== ATTENTION
Task: {8932C585-FA31-42E8-A7F3-5F9AE5064819} - System32\Tasks\9n8txq\afffbt\9z194s\cczhi7\pjiadh\ul6e69\n6t0xd\fosjre\m0am5a\fl0j9f\itg3t9\4cwo3d\hreyo3\ghcat5\zqt7jt\azgviq\7wj9j0 => %localappdata%\purty.exe (Pas de fichier) <==== ATTENTION
Task: {965831E8-68F9-4480-929F-3C46E7E5858B} - System32\Tasks\AdvancedUpdater => C:\Program Files (x86)\AW Manager\Windows Manager\Windows Updater.exe [1026936 2022-05-13] (Microleaves LTD -> AW Manager) <==== ATTENTION
Task: {E786CA10-4D71-491F-A4CF-F821F1B44B76} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSOptimization\AsusHotkey.exe [310912 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {98F5E3CE-D9D7-45D0-A213-05C573C0E8E1} - System32\Tasks\ASUS Update Checker 2.0 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSoftwareManager\AsusUpdateChecker.exe [797816 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {759C5C7D-E626-45E3-88A0-EB1D7FE237C0} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4147944 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {8CFCD55F-AAD8-48DA-AE28-41E06F1E9760} - System32\Tasks\e8fn7z\77vlg0\tndtoe\pyjrhy\8yjpnp\v8vwtg\ox53m8\o0vtf2\47qjxe\8566kz\fznvm5\dfixxe\6p62t4\ntaoqs\3gzjra\qoqley\8ci4l6 => C:\Users\pault\AppData\Local\pulido.exe [742188 2023-11-29] () [Fichier non signé] <==== ATTENTION
Task: {C11F10AB-5CF8-4890-8B34-8AA6A3E5A9AD} - System32\Tasks\GoogleUpdateTaskMachineCore{42FF87EC-4CA7-46E5-B6FD-41FAD98EFCB8} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-03-30] (Google LLC -> Google LLC)
Task: {BF939E39-F82A-48D3-BDE2-F4D72254EA7B} - System32\Tasks\GoogleUpdateTaskMachineUA{415F9E5F-BDB8-4F23-87DD-53C2809B5504} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-03-30] (Google LLC -> Google LLC)
Task: {D9FE95C3-C05F-451D-8970-C11027FFFAD0} - System32\Tasks\idjfhi\oq822e\bnx98b\od1m1n\mpgsva\h5207y\g3i3jb\zzytgq\b79uux\9spk4i\5r5rsh\j5c0q5\53u2cq\n3yqhd\76m3qm\qoulej\ghkdc9 => C:\Program Files (x86)\Snoozing\derives.exe [63714 2023-11-29] () [Fichier non signé] <==== ATTENTION
Task: {1FF7A82F-37F2-4FBE-816D-E085E3A552A5} - System32\Tasks\jvcfmh\uadojg\hf6cch\b2g06o\t2hnfr\cgaqfe\5vxbl6\12orqw\9itdhj\p086ar\l19mf0\zoorcy\oyo42b\bz5x30\h47jpd\159xsr\8y47w1 => C:\Program Files (x86)\Evildoers\Averil.exe [2117632 2023-11-29] () [Fichier non signé] <==== ATTENTION
Task: {F4ACF888-61C8-42C7-A5AF-534CD34594B6} - System32\Tasks\l65gcq\kmy9tk\h36e33\fibtci\11h6zx\ypa0wx\3q5dpp\mp3l0y\akio5d\bc4cpz\xp58jj\joi7zs\9jzbwy\s0h4hw\qlqxsf\xqtrdd\3ijgy2 => C:\Users\pault\AppData\Local\Averil.exe [2117632 2023-11-29] () [Fichier non signé] <==== ATTENTION
Task: {3476BC2D-CEE6-424A-B828-CEB67EB59B7A} - System32\Tasks\mi8zdf\pe7idk\ub2mjf\y6jajo\aiegwq\aj3s8x\cakwh3\rvezwz\obs510\a4qf1i\57pflt\uxq9n2\pbxn2q\4wq0l6\ejquah\zd599k\giqo4e => C:\Users\pault\AppData\Local\Averil.exe [2117632 2023-11-29] () [Fichier non signé] <==== ATTENTION
Task: {B9A0D63A-F700-4EF7-9D74-5AEBC1ACCB13} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E5C7542-AD53-4CD5-A365-A41269146739} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {F894E4F9-6E4D-441D-81C9-A3A4899339D7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305304 2023-11-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {3007786D-6A72-4753-979C-EB6421BA9E2F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305304 2023-11-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9CD6BBA-514E-40D1-930F-77351D1DE1EF} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169656 2023-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {0F224C39-D5D6-4CF8-9013-0EA3823AEAC2} - System32\Tasks\Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask => {82aa0895-198a-4c1b-b2d1-c16894218afb} C:\Windows\System32\unifiedconsent.dll [278016 2023-11-20] (Microsoft Windows -> Microsoft Corporation)
Task: {553B1E12-342A-443A-884B-D8F1CD637533} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1CC3EC67-5DDE-49C7-950E-8628A699F24C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {82F215CF-9F4A-47A5-A679-03A24D6C1563} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A8E7624A-4280-465B-94B5-3FF1BAD6A0BC} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [251904 2023-11-20] (Microsoft Windows -> Microsoft Corporation)
Task: {10764A26-5FB2-4058-9E4B-BE83E5FCE97B} - System32\Tasks\nah251\mokab1\mtnqen\zgu6wd\e3cnhb\8wyq1n\da5qye\bkhp2x\67y138\g5wfwm\1mxo3d\pi9gzu\ol4mld\qhlrg1\sadcao\odurhk\cl6zno => C:\Program Files (x86)\Paroxysms\threatening.exe [241389 2023-11-29] () [Fichier non signé] [Fichier en cours d'utilisation] <==== ATTENTION
Task: {2A3F229C-E466-4E44-96E9-2F29873A28C9} - System32\Tasks\Opera scheduled Autoupdate 1700991502 => C:\Users\pault\AppData\Local\Programs\Opera\launcher.exe [2353056 2023-11-21] (Opera Norway AS -> Opera Software)
Task: {986C3ACF-16F7-46F8-AD59-99C228F6B42A} - System32\Tasks\qyh98f\efujth\j3kct4\uteqzz\zf8al0\5d3uka\wlk8y9\chly0w\c1cupu\erm4gn\egoa4v\fgmfbf\psc7t2\7lnvqs\agd869\kxetdc\i6eh2r => C:\Program Files (x86)\gastro\Notify.exe [2117632 2023-11-29] () [Fichier non signé] <==== ATTENTION
Task: {455F571E-72FD-49B8-A913-B3E64F586FFA} - System32\Tasks\r49ngz\oxu6ue\t2lqmp\tkrmth\wh90oy\p7vzmk\i26yj4\f56tx0\rkn1wb\95ddf3\0lsq4c\mla9f6\eg1jh7\aejydl\ovnzoq\zo24qi\jf5nmp => C:\Program Files (x86)\gastro\Notify.exe [2117632 2023-11-29] () [Fichier non signé] <==== ATTENTION
Task: {5B04BF9F-5F91-48FA-958B-ACE3F1B5CC59} - System32\Tasks\RtkAudUService64_BG => C:\Windows\System32\RtkAudUService64.exe [1140456 2020-08-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {BE1E327D-4181-4FA9-A490-50BD66DC1465} - System32\Tasks\vbbkrm\8s91fo\apxj4q\gdulwo\rh5dz6\favkfb\cpb5f6\eartcs\2r2ljl\fxu6e7\rzq3b2\xrpyio\g1c4sh\f81tj1\445gg7\va4cku\w6zhz3 => C:\Program Files (x86)\Paroxysms\dint.exe [37653 2023-11-29] () [Fichier non signé] <==== ATTENTION
Task: {9776747B-2761-4078-BD71-4B319B5E061A} - System32\Tasks\yt7ibk\tuuwyi\mzaxgw\i5ohu7\0nsygf\705spk\if0cug\3qb1dr\aqlv93\plej2p\nmbeyc\ey9w9z\57rtt1\hu5nm0\svji82\zs0px8\mm1gsb => C:\Program Files (x86)\Evildoers\Notify.exe [2117632 2023-11-29] () [Fichier non signé] <==== ATTENTION

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{cd4ce746-6918-4aa4-801e-4d9a3d0da155}: [DhcpNameServer] 192.168.1.254
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\pault\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-29]
Edge HomePage: Default -> hxxp://www.msn.com/?pc=ASTE
Edge Extension: (Google Docs hors connexion) - C:\Users\pault\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-20]
Edge Extension: (Edge relevant text changes) - C:\Users\pault\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-20]
Edge Extension: (Change My Cursor) - C:\Users\pault\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lppmahciboilaokklohhhdlaadkobgpc [2023-03-13]
Edge Extension: (Apps) - C:\Users\pault\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pejhfhcoekcajgokallhmklcjkkeemgj [2023-08-14] [UpdateUrl:hxxps://extappupdate.com/crx/updates.xml] <==== ATTENTION
Edge Extension: (Apps Helper) - C:\apps-helper [2023-01-23]
Edge Profile: C:\Users\pault\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2023-11-29]
Edge Extension: (Google Docs hors connexion) - C:\Users\pault\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-29]
Edge Extension: (Edge relevant text changes) - C:\Users\pault\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-29]
Edge HKLM\...\Edge\Extension: [pejhfhcoekcajgokallhmklcjkkeemgj] - C:\\apps.crx [2023-01-23]
Edge HKLM-x32\...\Edge\Extension: [pejhfhcoekcajgokallhmklcjkkeemgj] - C:\\apps.crx [2023-01-23]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-11-01] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\pault\AppData\Local\Google\Chrome\User Data\Default [2023-11-29]
CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/search?fr=mcafee&type=E210FR885G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://fr.search.yahoo.com/sugg/gossip/gossip-fr-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (RoPro - Améliorez votre expérience Roblox) - C:\Users\pault\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbacgifemdbhdkfppmeilbgppmhaobf [2023-05-24]
CHR Extension: (Stylus) - C:\Users\pault\AppData\Local\Google\Chrome\User Data\Default\Extensions\clngdbkpkpeebahjckkjfobafhncgmne [2023-11-29]
CHR Extension: (Dark Mode) - C:\Users\pault\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmghijelimhndkbmpgbldicpogfkceaj [2023-11-11]
CHR Extension: (Microsoft Bing Search with Rewards) - C:\Users\pault\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbgcedjacmlbgleddnoacbnijgmiolem [2023-10-04]
CHR Extension: (Google Docs hors connexion) - C:\Users\pault\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\pault\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-30]
CHR Extension: (Curseur personnalisé - Changeur de curseur) - C:\Users\pault\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogdlpmhglpejoiomcodnpjnfgcpmgale [2023-10-07]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [pejhfhcoekcajgokallhmklcjkkeemgj] - C:\\apps.crx [2023-01-23]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [pejhfhcoekcajgokallhmklcjkkeemgj] - C:\\apps.crx [2023-01-23]

Opera:
=======
OPR DefaultProfile: Default

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AsusAppService; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\AsusAppService\AsusAppService.exe [1177320 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSLinkNear; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSLinkNear\AsusLinkNear.exe [1631976 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSLinkRemote\AsusLinkRemote.exe [772840 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
R2 ASUSOptimization; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSOptimization\AsusOptimization.exe [508032 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSoftwareManager\AsusSoftwareManager.exe [1111160 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSwitch\AsusSwitch.exe [641144 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4147944 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [834280 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12882616 2023-11-22] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [813032 2023-01-26] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [229360 2023-03-11] (HP Inc. -> HP Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [882136 2023-11-01] (McAfee, LLC -> McAfee, LLC)
R2 QcomWlanSrv; C:\Windows\System32\drivers\QcomWlanSrvx64.exe [188736 2021-07-20] (Qualcomm Atheros, Inc. -> )
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [20738360 2023-08-07] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AsusPTPDrv; C:\Windows\System32\drivers\AsusPTPFilter.sys [112856 2020-05-18] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSSystemAnalysis\AsusSAIO.sys [49312 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSOptimization\AsusWmiAcpi.sys [48808 2023-10-23] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R3 MpKsl5ad482c9; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{11A725DF-4426-4FFD-B862-66A6BA07912E}\MpKslDrv.sys [263560 2023-11-29] (Microsoft Windows -> Microsoft Corporation)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2021-11-04] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 VCamSDK; C:\Windows\system32\DRIVERS\VCamSDK.sys [1092456 2022-03-17] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft)
S4 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55744 2023-11-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R4 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [578856 2023-11-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-08] (Microsoft Windows -> Microsoft Corporation)
U4 Sense; pas de ImagePath

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-11-29 17:32 - 2023-11-29 17:36 - 000000000 ____D C:\FRST
2023-11-29 17:31 - 2023-11-29 17:32 - 002383872 _____ (Farbar) C:\Users\pault\Downloads\FRST64.exe
2023-11-29 17:27 - 2023-11-29 17:27 - 002084864 _____ (Farbar) C:\Users\pault\Downloads\FRST.exe
2023-11-29 15:37 - 2023-11-29 15:37 - 000000000 ____D C:\Windows\system32\Tasks\yt7ibk
2023-11-29 15:37 - 2023-11-29 15:37 - 000000000 ____D C:\Windows\system32\Tasks\r49ngz
2023-11-29 15:37 - 2023-11-29 15:37 - 000000000 ____D C:\Windows\system32\Tasks\qyh98f
2023-11-29 15:37 - 2023-11-29 15:37 - 000000000 ____D C:\Windows\system32\Tasks\nah251
2023-11-29 15:37 - 2023-11-29 15:37 - 000000000 ____D C:\Windows\system32\Tasks\mi8zdf
2023-11-29 15:37 - 2023-11-29 15:37 - 000000000 ____D C:\Windows\system32\Tasks\jvcfmh
2023-11-29 15:37 - 2023-11-29 15:37 - 000000000 ____D C:\Windows\system32\Tasks\82nops
2023-11-29 15:36 - 2023-11-29 15:36 - 000000000 ___HD C:\Program Files (x86)\Evildoers
2023-11-29 15:36 - 2023-11-29 15:36 - 000000000 ____D C:\Windows\system32\Tasks\vbbkrm
2023-11-29 15:36 - 2023-11-29 15:36 - 000000000 ____D C:\Windows\system32\Tasks\l65gcq
2023-11-29 15:36 - 2023-11-29 15:36 - 000000000 ____D C:\Windows\system32\Tasks\idjfhi
2023-11-29 15:36 - 2023-11-29 15:36 - 000000000 ____D C:\Windows\system32\Tasks\e8fn7z
2023-11-29 15:36 - 2023-11-29 15:36 - 000000000 ____D C:\Windows\system32\Tasks\9n8txq
2023-11-29 15:36 - 2023-11-29 15:36 - 000000000 ____D C:\Windows\system32\Tasks\605do6
2023-11-29 15:36 - 2023-11-29 15:36 - 000000000 ____D C:\Program Files (x86)\Snoozing
2023-11-29 15:36 - 2023-11-29 15:36 - 000000000 ____D C:\Program Files (x86)\Paroxysms
2023-11-29 15:36 - 2023-11-29 15:36 - 000000000 ____D C:\Program Files (x86)\gastro
2023-11-29 15:34 - 2023-11-29 15:34 - 002117632 _____ () C:\Windows\clientele.exe
2023-11-29 15:34 - 2023-11-29 15:34 - 002117632 _____ () C:\Users\pault\AppData\Local\Notify.exe
2023-11-29 15:34 - 2023-11-29 15:34 - 002117632 _____ () C:\Users\pault\AppData\Local\Averil.exe
2023-11-29 15:34 - 2023-11-29 15:34 - 000742188 _____ C:\Users\pault\AppData\Local\pulido.exe
2023-11-29 13:45 - 2023-11-29 13:45 - 000000000 ____D C:\Users\pault\AppData\Roaming\playway-launcher
2023-11-29 13:45 - 2023-11-29 13:45 - 000000000 ____D C:\Users\pault\AppData\LocalLow\GameFormatic
2023-11-28 17:08 - 2023-11-28 17:08 - 000000000 ____D C:\Users\pault\AppData\Roaming\WinRAR
2023-11-28 17:05 - 2023-11-29 15:37 - 000003936 _____ C:\Windows\system32\Tasks\AdvancedUpdater
2023-11-28 17:05 - 2023-11-28 17:05 - 000000000 ____D C:\Users\pault\AppData\Local\AdvinstAnalytics
2023-11-28 17:05 - 2023-11-28 17:05 - 000000000 ____D C:\Program Files (x86)\AW Manager
2023-11-27 19:46 - 2023-11-27 19:46 - 000000000 ____D C:\Users\pault\AppData\Local\NetSupport
2023-11-27 19:46 - 2023-11-27 19:46 - 000000000 ____D C:\ProgramData\regid.1993-06.com.microsoft
2023-11-27 19:26 - 2023-11-27 19:26 - 000000000 ____D C:\Users\pault\AppData\LocalLow\JustPlay_LOL
2023-11-27 19:25 - 2023-11-27 19:25 - 000000000 ____D C:\Users\pault\AppData\LocalLow\JustPlay.LOL
2023-11-27 18:19 - 2023-11-27 18:19 - 002296488 _____ C:\Users\pault\Downloads\SteamSetup.exe
2023-11-26 15:17 - 2023-04-04 18:29 - 025925765 _____ C:\Users\pault\OneDrive\Images\Documents\rien.pptx
2023-11-26 10:38 - 2023-11-26 10:38 - 000004232 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1700991502
2023-11-26 10:38 - 2023-11-26 10:38 - 000001397 _____ C:\Users\pault\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2023-11-26 10:37 - 2023-11-26 10:37 - 002940520 _____ (Opera Software) C:\Users\pault\Downloads\OperaSetup.exe
2023-11-21 10:16 - 2023-11-21 10:17 - 000000000 ____D C:\Users\pault\Downloads\ACLib
2023-11-20 18:15 - 2023-11-20 18:15 - 000000000 ___HD C:\$WinREAgent
2023-11-20 09:16 - 2023-11-20 09:16 - 000344064 _____ C:\Users\pault\OneDrive\Images\Documents\Database7.accdb
2023-11-17 17:33 - 2023-11-17 17:33 - 000017355 _____ C:\Users\pault\Downloads\Présentation copie.odt
2023-11-15 09:59 - 2023-11-15 09:59 - 000000015 _____ C:\Users\pault\AppData\Roaming\obs-virtualcam.txt
2023-11-15 09:44 - 2023-11-15 09:44 - 000000000 ____D C:\tmp
2023-11-14 17:52 - 2023-11-14 17:52 - 000013563 _____ C:\Users\pault\Downloads\monument valley.odt
2023-11-14 17:44 - 2023-11-14 17:44 - 005115746 _____ C:\Users\pault\Downloads\mylivewallpapers-com-Black-Hole-FHD.mp4
2023-11-14 16:59 - 2023-11-20 18:45 - 000000000 ____D C:\ProgramData\obs-studio
2023-11-14 16:59 - 2023-11-20 18:31 - 000000000 ____D C:\Users\pault\AppData\Roaming\obs-studio
2023-11-14 16:58 - 2023-11-20 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2023-11-14 16:53 - 2023-11-14 16:53 - 136015664 _____ (OBS Project) C:\Users\pault\Downloads\OBS-Studio-30.0-Full-Installer-x64.exe
2023-11-12 13:29 - 2023-11-12 13:29 - 003425122 _____ C:\Users\pault\Downloads\abstract-purple-topo.1920x1080.mp4
2023-11-11 15:51 - 2023-11-11 15:51 - 000071441 _____ C:\Users\pault\Downloads\téléchargement.jfif
2023-11-10 15:14 - 2023-11-10 15:14 - 000348160 _____ C:\Users\pault\OneDrive\Images\Documents\Database6.accdb
2023-11-09 17:36 - 2023-11-09 17:36 - 000001052 _____ C:\Users\pault\Downloads\nfjgjfufj - Raccourci.lnk
2023-11-09 17:35 - 2023-11-09 17:35 - 000008548 _____ C:\Users\pault\Downloads\nfjgjfufj
2023-11-09 17:33 - 2023-11-09 17:33 - 000008561 _____ C:\Users\pault\OneDrive\Images\Documents\bmw m3 e 36.jfif
2023-11-09 17:32 - 2023-11-09 17:32 - 000012635 _____ C:\Users\pault\OneDrive\Images\Documents\porche wallpaper.jfif
2023-11-08 17:50 - 2023-11-08 17:50 - 000969519 _____ C:\Users\pault\OneDrive\Images\Documents\listenoel paul pdf.pdf
2023-11-08 17:49 - 2023-11-08 17:49 - 000969519 _____ C:\Users\pault\OneDrive\Images\Documents\listenoel paul-LAPTOP-J3MM0FVH.pdf
2023-11-08 17:49 - 2023-11-08 17:47 - 000969617 _____ C:\Users\pault\OneDrive\Images\Documents\listenoel paul.pdf
2023-11-04 22:35 - 2023-11-04 22:35 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-11-03 15:07 - 2023-11-03 15:07 - 000004772 _____ C:\Users\pault\Downloads\ae.jfif

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-11-29 17:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\AppLocker
2023-11-29 17:21 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-29 16:55 - 2023-03-13 18:58 - 000000000 ____D C:\Program Files (x86)\Google
2023-11-29 16:55 - 2022-01-03 18:02 - 000000000 ____D C:\Windows\SystemTemp
2023-11-29 16:50 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-11-29 16:31 - 2021-11-23 20:08 - 000000000 ____D C:\Windows\system32\MRT
2023-11-29 16:30 - 2021-09-01 04:08 - 001771910 _____ C:\Windows\system32\PerfStringBackup.INI
2023-11-29 16:30 - 2020-11-21 13:06 - 000794726 _____ C:\Windows\system32\perfh00C.dat
2023-11-29 16:30 - 2020-11-21 13:06 - 000150840 _____ C:\Windows\system32\perfc00C.dat
2023-11-29 16:30 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-11-29 16:25 - 2023-01-27 22:38 - 000000000 ____D C:\Users\pault\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-11-29 16:25 - 2021-11-20 14:17 - 000003752 _____ C:\Windows\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2023-11-29 16:23 - 2023-08-16 10:54 - 000000000 ____D C:\Program Files\TeamViewer
2023-11-29 16:23 - 2021-11-20 16:59 - 000000000 __SHD C:\Users\pault\IntelGraphicsProfiles
2023-11-29 16:23 - 2021-09-01 04:53 - 000000000 ___HD C:\Intel
2023-11-29 16:23 - 2020-11-21 13:38 - 000008192 ___SH C:\DumpStack.log.tmp
2023-11-29 16:23 - 2020-11-21 13:38 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-11-29 16:23 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2023-11-29 16:23 - 2019-12-07 10:03 - 001310720 _____ C:\Windows\system32\config\BBI
2023-11-29 15:48 - 2023-01-30 15:18 - 000001575 _____ C:\Windows\system32\config\VSMIDK
2023-11-29 15:48 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2023-11-29 15:41 - 2021-11-20 16:59 - 000000000 ____D C:\Users\pault\AppData\Local\D3DSCache
2023-11-29 09:39 - 2022-09-21 10:03 - 000004172 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{D994AAEF-848E-4067-900C-22A0EAA311B8}
2023-11-28 10:33 - 2020-11-21 13:38 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-11-27 19:34 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-27 18:45 - 2023-01-27 21:47 - 000000000 ____D C:\Users\pault\AppData\Local\Steam
2023-11-27 12:03 - 2021-11-20 14:11 - 000000000 ____D C:\Users\pault\AppData\Roaming\Microsoft\Office
2023-11-27 12:01 - 2021-11-20 14:11 - 000000000 ____D C:\Users\pault\AppData\Roaming\Microsoft\Word
2023-11-26 15:23 - 2021-11-20 17:01 - 000000000 ___RD C:\Users\pault\OneDrive\Images\Documents\Captures d’écran
2023-11-26 15:17 - 2021-11-20 17:01 - 000000000 ___RD C:\Users\pault\OneDrive
2023-11-26 14:51 - 2021-11-20 14:14 - 000000172 ____R C:\Users\pault\OneDrive\Images\Documents\Ordinateur portable de paul.url
2023-11-26 12:28 - 2021-11-20 16:59 - 000000000 ____D C:\Users\pault\AppData\Local\Packages
2023-11-26 10:38 - 2023-01-25 00:52 - 000000000 ____D C:\Users\pault\AppData\Local\Opera Software
2023-11-26 10:37 - 2023-01-25 00:52 - 000000000 ____D C:\Users\pault\AppData\Roaming\Opera Software
2023-11-22 16:31 - 2020-11-21 13:43 - 000000000 ____D C:\Program Files\Microsoft Office
2023-11-21 10:44 - 2023-06-17 21:56 - 000000000 ____D C:\Users\pault\AppData\Roaming\Canva
2023-11-21 10:04 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-11-20 19:28 - 2020-11-21 13:38 - 000440096 _____ C:\Windows\system32\FNTCACHE.DAT
2023-11-20 19:27 - 2020-11-21 13:06 - 000000000 ____D C:\Windows\SysWOW64\fr
2023-11-20 19:27 - 2020-11-21 13:06 - 000000000 ____D C:\Windows\system32\fr
2023-11-20 19:27 - 2019-12-07 10:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-11-20 19:27 - 2019-12-07 10:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\F12
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Com
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Sysprep
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Com
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellComponents
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\IME
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-11-20 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-11-20 19:27 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2023-11-20 19:08 - 2023-02-22 14:49 - 000002415 _____ C:\Users\pault\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-11-20 19:08 - 2021-12-31 16:09 - 000003580 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1170345104-389755362-35519030-1002
2023-11-20 19:08 - 2021-11-20 17:01 - 000003374 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1170345104-389755362-35519030-1002
2023-11-20 18:45 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2023-11-20 18:43 - 2019-12-07 10:52 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2023-11-20 18:43 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2023-11-20 18:43 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2023-11-20 18:34 - 2020-11-21 13:40 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-11-20 18:10 - 2021-11-23 20:08 - 182871392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-11-20 09:16 - 2022-09-21 10:01 - 000000000 ____D C:\Users\pault\AppData\Roaming\Microsoft\Access
2023-11-18 15:06 - 2020-11-21 13:40 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-15 09:37 - 2023-03-19 15:02 - 000000000 ____D C:\Program Files\Oracle
2023-11-14 16:50 - 2023-03-30 17:45 - 000003992 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{415F9E5F-BDB8-4F23-87DD-53C2809B5504}
2023-11-14 16:50 - 2023-03-30 17:45 - 000003868 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{42FF87EC-4CA7-46E5-B6FD-41FAD98EFCB8}
2023-11-12 13:34 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2023-11-12 13:18 - 2021-11-20 16:59 - 000000000 ____D C:\Users\pault\AppData\Local\VirtualStore
2023-11-12 13:12 - 2021-11-20 14:42 - 000000000 ____D C:\ProgramData\Packages
2023-11-12 13:10 - 2021-11-20 12:30 - 000000000 ____D C:\Users\pault\AppData\Local\PlaceholderTileLogoFolder
2023-11-11 16:02 - 2021-11-23 20:25 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-11-08 13:34 - 2020-11-21 13:38 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-11-06 11:44 - 2022-01-08 21:45 - 000000000 ____D C:\Users\pault\AppData\Roaming\GeoGebra
2023-11-03 11:50 - 2021-09-01 04:53 - 000004122 _____ C:\Windows\system32\Tasks\ASUS Update Checker 2.0
2023-11-03 11:50 - 2021-09-01 04:53 - 000003756 _____ C:\Windows\system32\Tasks\ASUS Optimization 36D18D69AFC3
2023-11-01 17:43 - 2020-11-21 13:40 - 000003688 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-11-01 17:43 - 2020-11-21 13:40 - 000003564 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Fichiers à la racine de certains dossiers ========

2023-01-22 21:57 - 2023-01-26 22:21 - 000000396 _____ () C:\Users\pault\AppData\Roaming\jjv5conf.json
2023-11-15 09:59 - 2023-11-15 09:59 - 000000015 _____ () C:\Users\pault\AppData\Roaming\obs-virtualcam.txt
2023-11-29 15:34 - 2023-11-29 15:34 - 002117632 _____ () C:\Users\pault\AppData\Local\Averil.exe
2023-11-29 15:34 - 2023-11-29 15:34 - 002117632 _____ () C:\Users\pault\AppData\Local\Notify.exe
2023-11-29 15:34 - 2023-11-29 15:34 - 000742188 _____ () C:\Users\pault\AppData\Local\pulido.exe
2022-11-20 12:58 - 2022-11-20 12:58 - 000007627 _____ () C:\Users\pault\AppData\Local\Resmon.ResmonCfg
2021-11-24 11:48 - 2021-11-24 11:48 - 000193912 _____ (NirSoft) C:\Users\pault\AppData\Local\SoundVolumeView.exe
2021-11-24 11:23 - 2021-11-24 11:23 - 000143224 _____ (NirSoft) C:\Users\pault\AppData\Local\SoundVolumeView64.exe
2021-11-20 17:06 - 2021-11-20 17:06 - 000138680 _____ (Microsoft Corporation) C:\Users\pault\AppData\Local\WebView2Loader.dll

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
