Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02
Exécuté par Admin (administrateur) sur DANIEL (LENOVO 20EN0013CA) (30-11-2023 08:38:32)
Exécuté depuis C:\Users\Admin\Desktop\FRST64.exe
Profils chargés: Admin
Plate-forme: Microsoft Windows 11 Professionnel Version 22H2 22621.2715 (X64) Langue: Français (Canada)
Navigateur par défaut: "C:\Program Files\Norton\Browser\Application\NortonBrowser.exe" --single-argument %1
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> ) C:\Program Files\Malwarebytes\Anti-Malware\MBAMCrashHandler.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_23285.3703.2471.4627_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.72\msedgewebview2.exe <6>
(Corel Corporation -> WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FNCC3C~1.INF\driver\shtctky.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FNCC3C~1.INF\driver\tposd.exe
(explorer.exe ->) (Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office16\ONENOTEM.EXE
(explorer.exe ->) (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(explorer.exe ->) (PresetDemonstration -> ) [Fichier non signé] C:\Users\Admin\AppData\Local\QuickTuneComputer\QuickTuneComputer.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4645af5c659ae51a\igfxEM.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_d4f47df9c2216d4d\LMS.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4645af5c659ae51a\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4645af5c659ae51a\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4645af5c659ae51a\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe
(services.exe ->) (Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\EasyResume.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_244a165970d8f8e8\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_244a165970d8f8e8\NVWMI\nvWmi64.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.30700.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [3177544 2023-10-06] (Corel Corporation -> Corel Corporation)
HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436704 2023-10-06] (Corel Corporation -> WinZip Computing, S.L.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3187660612-677162194-1757115519-1001\...\Run: [MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896784 2023-11-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3187660612-677162194-1757115519-1001\...\Run: [Opera Stable] => C:\Users\Admin\AppData\Local\Programs\Opera\launcher.exe [2353056 2023-11-22] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-3187660612-677162194-1757115519-1001\...\Run: [QuickTuneComputer] => C:\Users\Admin\AppData\Local\QuickTuneComputer\QuickTuneComputer.exe [25672584 2023-11-16] (PresetDemonstration -> ) [Fichier non signé]
HKU\S-1-5-21-3187660612-677162194-1757115519-1001\...\Run: [NortonBrowserAutoLaunch_D01BFAFE2889505F58D52EABD737E834] => C:\Program Files\Norton\Browser\Application\NortonBrowser.exe [3283976 2023-11-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
HKU\S-1-5-21-3187660612-677162194-1757115519-1001\...\Run: [ut] => "C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED (Pas de fichier)
HKU\S-1-5-21-3187660612-677162194-1757115519-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44529568 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{3A3642E6-DE46-4F68-9887-AA017EEFE426}] -> C:\Program Files\Norton\Browser\Application\119.1.23249.160\Installer\chrmstp.exe [2023-11-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\119.0.6045.161\Installer\chrmstp.exe [2023-11-30] (Google LLC -> Google LLC)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2023-11-19]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2023-11-27]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {F886D016-5C3A-4697-AE1C-000A50C0C453} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {237D1919-829B-4DA8-A29E-A50541EBD3D6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {D2955EF3-9F9F-4CE1-BD97-585AF442E7CD} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "9499b11f-c041-437a-8725-5cf09398b67e" --version "6.18.10838" --silent
Task: {231FA8DD-1DE5-4692-90B5-0082BCB0B957} - System32\Tasks\CCleanerSkipUAC - Admin => C:\Program Files\CCleaner\CCleaner.exe [37546912 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {C9ABCD7E-8509-432B-B7DA-8DDC4D03BAA1} - System32\Tasks\GoogleUpdateTaskMachineCore{C0A7EC58-8C91-4170-8812-E929CEE13F30} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-10-14] (Google LLC -> Google LLC)
Task: {27B93168-027E-43AE-8283-3FDE14F6D18F} - System32\Tasks\GoogleUpdateTaskMachineUA{5A65EA3F-F648-4867-913C-7B324CA9C98D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-10-14] (Google LLC -> Google LLC)
Task: {63BB2159-B2E7-4D5C-9A0D-61EA22C97766} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [129016 2022-12-04] (Lenovo -> Lenovo)
Task: {7BFB9A3D-6A6C-4E4E-8973-D1ACA474799D} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\PowerMgrInst.exe [65016 2022-12-04] (Lenovo -> )
Task: {4183B3C7-00F4-4144-9B97-75E2C67FB75F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Pas de fichier)
Task: {5A2A9260-8B6B-4CF3-81CA-C548150D187C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {75CA1E19-CDD3-49D7-AA8F-0C3E23BEC320} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C208EB18-93B3-413A-8927-6289E769F69E} - System32\Tasks\Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask => {82aa0895-198a-4c1b-b2d1-c16894218afb} C:\Windows\System32\unifiedconsent.dll [311296 2023-11-17] (Microsoft Windows -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
Task: {5D4B5F85-5191-4954-ADDE-9F9417D94D2B} - System32\Tasks\Norton Secure Browser Heartbeat Task (Hourly) => C:\Program Files\Norton\Browser\Application\NortonBrowser.exe [3283976 2023-11-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {1D5323A4-CE7F-4534-95AC-8BCF6B88E365} - System32\Tasks\Norton Secure Browser Heartbeat Task (Logon) => C:\Program Files\Norton\Browser\Application\NortonBrowser.exe [3283976 2023-11-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {5B44470A-876E-42FD-973D-4A9FF0D420CA} - System32\Tasks\NortonUpdateTaskMachineCore => C:\Program Files (x86)\Norton\Browser\Update\NortonBrowserUpdate.exe [440608 2023-11-27] (NortonLifeLock Inc. -> Norton LifeLock)
Task: {D6297421-F771-457B-A8D5-E1A42B5F47AB} - System32\Tasks\NortonUpdateTaskMachineUA => C:\Program Files (x86)\Norton\Browser\Update\NortonBrowserUpdate.exe [440608 2023-11-27] (NortonLifeLock Inc. -> Norton LifeLock)
Task: {5B868C1F-6F02-4B1A-A9BE-E929D1571CE6} - System32\Tasks\Opera scheduled Autoupdate 1698617315 => C:\Users\Admin\AppData\Local\Programs\Opera\launcher.exe [2353056 2023-11-22] (Opera Norway AS -> Opera Software)
Task: {FFFC40D7-E7C3-4047-9A2E-2CE9AA60F806} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618088 2020-07-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E7278A27-9E50-424D-B19C-E150A35B0C53} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618088 2020-07-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {089B799A-FA29-4725-8376-C11E3FC501EB} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904552 2023-08-15] (Lenovo -> )
Task: {3A3CD47A-F926-46AC-9649-83E711CD63FD} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904552 2023-08-15] (Lenovo -> )
Task: {7AE821F3-19E0-4105-86BA-BA5DD9F7913C} - System32\Tasks\WinZip - Outil de déduplication - Documents - Admin => C:\Program Files\WinZip\WzBGTToolsManager64.exe [335456 2023-10-06] (Corel Corporation -> WinZip Computing)
Task: {DCC89BC9-A1A1-4952-B9E2-17E300A7E368} - System32\Tasks\WinZip - Outil de déduplication - Downloads - Admin => C:\Program Files\WinZip\WzBGTToolsManager64.exe [335456 2023-10-06] (Corel Corporation -> WinZip Computing)
Task: {11C5F3B8-7465-43BF-A363-C41C070BE5A7} - System32\Tasks\WinZip - Outil de déduplication - Pictures - Admin => C:\Program Files\WinZip\WzBGTToolsManager64.exe [335456 2023-10-06] (Corel Corporation -> WinZip Computing)
Task: {0D74916E-AE55-4DBF-A28A-3D5262F0D886} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3177544 2023-10-06] (Corel Corporation -> Corel Corporation)
Task: {3D0FB3FC-13E2-482B-95D9-D4CA49A5DCF7} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3177544 2023-10-06] (Corel Corporation -> Corel Corporation)
Task: {030FF65F-25C7-419D-BBF5-9B6414D9120B} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3177544 2023-10-06] (Corel Corporation -> Corel Corporation)
Task: {08D95349-A2ED-4E7E-BA59-EDDECA386A8B} - System32\Tasks\WinZip Updater - Admin => C:\Program Files\WinZip\WzUpdater.exe [446560 2023-10-06] (Corel Corporation -> )
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{c9f1591f-8c87-42b1-9804-ae91d8caeba1}: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-30]
Edge Extension: (Google Documents hors connexion) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-14]
Edge Extension: (Edge relevant text changes) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-14]
Edge Extension: (Gestionnaire de mots de passe RoboForm) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ljfpcifpgbbchoddpjefaipoiigpdmag [2023-11-27]
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.norton.securebrowser.com/Norton Browser;version=3 -> C:\Program Files (x86)\Norton\Browser\Update\1.8.1649.5\npNortonBrowserUpdate3.dll [2023-11-27] (NortonLifeLock Inc. -> Norton LifeLock)
FF Plugin-x32: @update.norton.securebrowser.com/Norton Browser;version=9 -> C:\Program Files (x86)\Norton\Browser\Update\1.8.1649.5\npNortonBrowserUpdate3.dll [2023-11-27] (NortonLifeLock Inc. -> Norton LifeLock)
Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2023-11-24]
CHR Extension: (Google Docs hors connexion) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-14]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-14]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-3187660612-677162194-1757115519-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
Opera:
=======
OPR DefaultProfile: Default
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S3 CloudBackupRestoreSvc; C:\Windows\System32\CloudRestoreLauncher.dll [1355776 2023-11-17] (Microsoft Windows -> Microsoft Corporation)
S2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [3420376 2023-10-30] (Lavasoft Software Canada Inc. -> ) <==== ATTENTION
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 Lenovo Instant On; C:\Windows\SysWOW64\EasyResume.exe [2352344 2022-12-04] (Lenovo -> Lenovo Group Limited)
S2 LPlatSvc; C:\Windows\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9343840 2023-11-19] (Malwarebytes Inc. -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [895152 2023-11-29] (McAfee, LLC -> McAfee, LLC)
S2 norton; C:\Program Files (x86)\Norton\Browser\Update\NortonBrowserUpdate.exe [440608 2023-11-27] (NortonLifeLock Inc. -> Norton LifeLock)
S3 nortonm; C:\Program Files (x86)\Norton\Browser\Update\NortonBrowserUpdate.exe [440608 2023-11-27] (NortonLifeLock Inc. -> Norton LifeLock)
S3 NortonSecureBrowserElevationService; C:\Program Files\Norton\Browser\Application\119.1.23249.160\elevation_service.exe [1838288 2023-11-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
R2 NVWMI; C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_244a165970d8f8e8\NVWMI\nvWmi64.exe [4508704 2023-07-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534584 2023-11-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 SynaHlp; C:\Windows\System32\SynaHelperService.exe [254920 2022-01-18] (Synaptics Incorporated -> Synaptics Incorporated.)
R2 TPHKLOAD; C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\TPHKLOAD.exe [473760 2021-10-22] (Lenovo -> Lenovo Group Limited)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [27856 2023-10-30] (Lavasoft Software Canada Inc. -> ) <==== ATTENTION
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_244a165970d8f8e8\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_244a165970d8f8e8\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [800672 2023-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [532480 2023-05-05] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [184320 2023-05-05] (Microsoft Corporation) [Fichier non signé]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Fichier non signé]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [222784 2023-11-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-11-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt11.sys [233704 2023-11-30] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78400 2023-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2023-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [188008 2023-11-30] (Malwarebytes Inc. -> Malwarebytes)
R0 PMDRVS; C:\Windows\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
S4 UCPD; C:\Windows\System32\drivers\UCPD.sys [29184 2023-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-11-30 08:38 - 2023-11-30 08:39 - 000025685 _____ C:\Users\Admin\Desktop\FRST.txt
2023-11-30 08:38 - 2023-11-30 08:39 - 000000000 ____D C:\FRST
2023-11-30 08:33 - 2023-11-30 08:36 - 002383872 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2023-11-30 08:13 - 2023-11-30 08:13 - 000769638 _____ C:\Windows\system32\perfh00C.dat
2023-11-30 08:13 - 2023-11-30 08:13 - 000146638 _____ C:\Windows\system32\perfc00C.dat
2023-11-30 08:08 - 2023-11-30 08:08 - 000233704 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt11.sys
2023-11-30 08:08 - 2023-11-30 08:08 - 000188008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2023-11-30 08:02 - 2023-11-30 08:29 - 000000000 ____D C:\Program Files\CCleaner
2023-11-30 08:02 - 2023-11-30 08:08 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-11-30 08:02 - 2023-11-30 08:02 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-11-30 08:02 - 2023-11-30 08:02 - 000003380 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-11-30 08:02 - 2023-11-30 08:02 - 000002886 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Admin
2023-11-30 08:02 - 2023-11-30 08:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-11-29 15:44 - 2023-11-29 15:44 - 001543667 _____ C:\Users\Admin\Downloads\RMI_Modèle.pdf
2023-11-28 08:21 - 2023-11-23 14:29 - 000446217 _____ C:\Users\Admin\Documents\MAS_AIO.cmd
2023-11-28 08:03 - 2023-11-28 08:03 - 000000876 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2023-11-28 07:41 - 2023-11-28 07:41 - 000003954 _____ C:\Windows\system32\Tasks\WinZip - Outil de déduplication - Downloads - Admin
2023-11-28 07:41 - 2023-11-28 07:41 - 000003954 _____ C:\Windows\system32\Tasks\WinZip - Outil de déduplication - Documents - Admin
2023-11-28 07:41 - 2023-11-28 07:41 - 000003952 _____ C:\Windows\system32\Tasks\WinZip - Outil de déduplication - Pictures - Admin
2023-11-28 07:41 - 2023-11-28 07:41 - 000001196 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paramètres des outils WinZip.lnk
2023-11-27 09:48 - 2023-11-27 09:48 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\HTML Help
2023-11-27 09:11 - 2023-11-30 07:48 - 000000000 ____D C:\Users\Admin\AppData\Local\WinZip
2023-11-27 09:11 - 2023-11-29 14:31 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Secure Browser.lnk
2023-11-27 09:11 - 2023-11-27 09:14 - 000000000 ____D C:\Users\Admin\AppData\Roaming\AVG
2023-11-27 09:11 - 2023-11-27 09:11 - 000003832 _____ C:\Windows\system32\Tasks\Norton Secure Browser Heartbeat Task (Hourly)
2023-11-27 09:11 - 2023-11-27 09:11 - 000003626 _____ C:\Windows\system32\Tasks\WinZip Update Notifier 2
2023-11-27 09:11 - 2023-11-27 09:11 - 000003624 _____ C:\Windows\system32\Tasks\WinZip Update Notifier 3
2023-11-27 09:11 - 2023-11-27 09:11 - 000003624 _____ C:\Windows\system32\Tasks\WinZip Update Notifier 1
2023-11-27 09:11 - 2023-11-27 09:11 - 000003248 _____ C:\Windows\system32\Tasks\Norton Secure Browser Heartbeat Task (Logon)
2023-11-27 09:11 - 2023-11-27 09:11 - 000000000 ____D C:\Users\Admin\AppData\Local\Norton
2023-11-27 09:11 - 2023-11-27 09:11 - 000000000 ____D C:\ProgramData\Norton
2023-11-27 09:11 - 2023-11-27 09:11 - 000000000 ____D C:\Program Files\Norton
2023-11-27 09:10 - 2023-11-28 08:17 - 000001104 _____ C:\Users\Public\Desktop\WinZip.lnk
2023-11-27 09:10 - 2023-11-28 08:17 - 000000000 ____D C:\ProgramData\WinZip
2023-11-27 09:10 - 2023-11-28 08:16 - 000000000 ____D C:\Program Files\WinZip
2023-11-27 09:10 - 2023-11-27 09:14 - 000000000 ____D C:\ProgramData\AVG
2023-11-27 09:10 - 2023-11-27 09:11 - 000001924 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip SafeShare.lnk
2023-11-27 09:10 - 2023-11-27 09:11 - 000001914 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Image Manager.lnk
2023-11-27 09:10 - 2023-11-27 09:11 - 000001910 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip PDF Express.lnk
2023-11-27 09:10 - 2023-11-27 09:11 - 000001898 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Secure Backup.lnk
2023-11-27 09:10 - 2023-11-27 09:11 - 000001886 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Duplicate File Finder.lnk
2023-11-27 09:10 - 2023-11-27 09:10 - 000313272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2023-11-27 09:10 - 2023-11-27 09:10 - 000003734 _____ C:\Windows\system32\Tasks\WinZip Updater - Admin
2023-11-27 09:10 - 2023-11-27 09:10 - 000003620 _____ C:\Windows\system32\Tasks\NortonUpdateTaskMachineUA
2023-11-27 09:10 - 2023-11-27 09:10 - 000003496 _____ C:\Windows\system32\Tasks\NortonUpdateTaskMachineCore
2023-11-27 09:10 - 2023-11-27 09:10 - 000002087 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip.lnk
2023-11-27 09:10 - 2023-11-27 09:10 - 000000000 ____D C:\ProgramData\UniqueId
2023-11-27 09:10 - 2023-11-27 09:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2023-11-21 16:21 - 2023-11-27 09:10 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2023-11-21 09:14 - 2023-11-21 09:32 - 000000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2023-11-21 09:12 - 2023-11-21 09:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2023-11-21 09:12 - 2023-11-21 09:12 - 000000000 ____D C:\Program Files\VideoLAN
2023-11-19 15:40 - 2023-11-19 15:40 - 000000000 ____D C:\Users\Admin\Documents\Blocs-notes OneNote
2023-11-19 15:40 - 2023-11-19 15:40 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\OneNote
2023-11-19 15:37 - 2023-11-30 08:10 - 000000000 ____D C:\Users\Admin\AppData\Local\Malwarebytes
2023-11-19 15:37 - 2023-11-19 15:37 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-11-19 15:37 - 2023-11-19 15:37 - 000000000 ____D C:\Users\Admin\AppData\Local\mbam
2023-11-19 15:36 - 2023-11-19 15:36 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-11-19 15:36 - 2023-11-19 15:36 - 000000000 ____D C:\Program Files\Malwarebytes
2023-11-17 09:35 - 2023-11-17 09:37 - 000000000 ____D C:\Users\Admin\Desktop\SkiDoo
2023-11-17 09:34 - 2023-11-17 09:34 - 002186086 _____ C:\Users\Admin\Desktop\Droit Daniel.pdf
2023-11-17 09:26 - 2023-11-17 09:26 - 000016240 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2023-11-17 09:08 - 2023-11-17 09:14 - 000000000 ___HD C:\$WinREAgent
2023-11-16 20:03 - 2023-11-19 15:43 - 000000000 ____D C:\Users\Admin\AppData\Local\QuickTuneComputer
2023-11-02 20:35 - 2023-11-02 20:35 - 000155663 _____ C:\Users\Admin\Downloads\DUED8600IR.pdf
2023-10-31 13:12 - 2023-10-31 13:12 - 000009012 _____ C:\Users\Admin\Downloads\F-154990.pdf
2023-10-31 08:51 - 2023-10-31 08:51 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2023-10-31 07:28 - 2023-10-31 09:08 - 000000000 ____D C:\Users\Admin\Desktop\Marie Anglais MP3
2023-10-31 07:11 - 2023-10-31 07:11 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Lavasoft
2023-10-31 07:08 - 2023-10-31 07:23 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\UProof
2023-10-31 07:08 - 2023-10-31 07:08 - 000000000 ____D C:\Users\Admin\Documents\Modèles Office personnalisés
2023-10-31 07:08 - 2023-10-31 07:08 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Proof
2023-10-31 07:07 - 2023-11-30 07:59 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Word
2023-10-31 07:07 - 2023-10-31 07:07 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Document Building Blocks
2023-10-31 07:07 - 2023-10-31 07:07 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Bibliography
2023-10-31 07:04 - 2023-10-31 07:04 - 000002741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2023-10-31 07:04 - 2023-10-31 07:04 - 000002674 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive Entreprise.lnk
2023-10-31 07:04 - 2023-10-31 07:04 - 000002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2023-10-31 07:04 - 2023-10-31 07:04 - 000002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2023-10-31 07:04 - 2023-10-31 07:04 - 000002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2023-10-31 07:04 - 2023-10-31 07:04 - 000002654 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2023-10-31 07:04 - 2023-10-31 07:04 - 000002640 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2023-10-31 07:04 - 2023-10-31 07:04 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2016
2023-10-31 07:03 - 2023-10-31 07:03 - 000000000 ____D C:\Windows\PCHEALTH
2023-10-31 07:01 - 2023-10-31 07:03 - 000000000 ____D C:\Windows\SHELLNEW
2023-10-31 07:01 - 2023-10-31 07:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2023-10-31 07:00 - 2023-10-31 07:00 - 000000000 ____D C:\Users\Admin\AppData\Local\Microsoft Help
2023-10-31 06:59 - 2023-10-31 06:59 - 000000000 ____D C:\Program Files\Microsoft Office
2023-10-31 06:58 - 2023-10-31 06:58 - 000000000 __RHD C:\MSOCache
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-11-30 08:38 - 2023-10-14 18:10 - 000000000 ____D C:\Program Files (x86)\Google
2023-11-30 08:38 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SystemTemp
2023-11-30 08:29 - 2023-10-29 17:50 - 000000000 ____D C:\Users\Admin\Desktop\Raccourcis du Bureau
2023-11-30 08:13 - 2023-10-14 15:54 - 001710106 _____ C:\Windows\system32\PerfStringBackup.INI
2023-11-30 08:13 - 2022-05-07 00:22 - 000000000 ____D C:\Windows\INF
2023-11-30 08:12 - 2023-10-14 16:56 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2023-11-30 08:10 - 2022-05-07 00:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-30 08:10 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\AppReadiness
2023-11-30 08:09 - 2023-10-14 17:03 - 000000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2023-11-30 08:09 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\ServiceState
2023-11-30 08:09 - 2022-05-07 00:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-30 08:08 - 2023-10-14 15:55 - 000000000 ____D C:\ProgramData\NVIDIA
2023-11-30 08:08 - 2023-10-14 15:44 - 000012288 ___SH C:\DumpStack.log.tmp
2023-11-30 08:08 - 2023-10-14 15:44 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-11-30 08:08 - 2022-05-07 00:17 - 000524288 _____ C:\Windows\system32\config\BBI
2023-11-30 07:49 - 2023-10-14 18:10 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-11-29 14:33 - 2023-10-14 18:10 - 000003960 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{5A65EA3F-F648-4867-913C-7B324CA9C98D}
2023-11-29 14:33 - 2023-10-14 18:10 - 000003836 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{C0A7EC58-8C91-4170-8812-E929CEE13F30}
2023-11-29 14:26 - 2023-10-14 15:45 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-29 14:25 - 2023-10-30 07:05 - 000000000 ____D C:\Users\Admin\AppData\Roaming\utorrent
2023-11-29 14:23 - 2023-10-14 15:44 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-11-28 08:04 - 2023-10-30 07:06 - 000000000 ____D C:\Users\Admin\AppData\Local\BitTorrentHelper
2023-11-28 08:03 - 2023-10-14 16:56 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2023-11-28 07:48 - 2023-10-29 17:08 - 000004178 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1698617315
2023-11-28 07:48 - 2023-10-29 17:08 - 000001405 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2023-11-27 09:50 - 2023-10-30 07:01 - 000000000 ____D C:\Users\Admin\Desktop\KMS Tool
2023-11-27 09:11 - 2023-10-14 15:47 - 000000000 ____D C:\ProgramData\Packages
2023-11-27 09:10 - 2022-05-07 00:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-11-24 16:22 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\LiveKernelReports
2023-11-18 00:04 - 2022-05-07 00:24 - 000000000 ____D C:\ProgramData\USOPrivate
2023-11-17 23:46 - 2023-10-14 15:44 - 000471272 _____ C:\Windows\system32\FNTCACHE.DAT
2023-11-17 23:45 - 2023-10-14 17:33 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2023-11-17 23:45 - 2022-05-07 05:32 - 000000000 ___SD C:\Windows\system32\AppV
2023-11-17 23:45 - 2022-05-07 05:32 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-11-17 23:45 - 2022-05-07 05:21 - 000000000 ____D C:\Windows\SysWOW64\fr
2023-11-17 23:45 - 2022-05-07 05:21 - 000000000 ____D C:\Windows\system32\fr
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ___SD C:\Windows\system32\UNP
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ___RD C:\Windows\PrintDialog
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\UUS
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\vi-VN
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\id-ID
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\gl-ES
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\eu-ES
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\ca-ES
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SystemResources
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\vi-VN
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\ShellExperiences
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\Sgrm
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\setup
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\oobe
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\migwiz
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\lv-LV
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\lt-LT
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\id-ID
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\gl-ES
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\eu-ES
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\et-EE
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\es-MX
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\Dism
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\DDFs
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\ca-ES
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\appraiser
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\ShellExperiences
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\ShellComponents
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\Provisioning
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\DiagTrack
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\bcastdvr
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Program Files\Common Files\System
2023-11-17 23:45 - 2022-05-07 00:17 - 000000000 ____D C:\Windows\servicing
2023-11-17 09:58 - 2023-10-14 16:59 - 000000000 ____D C:\Windows\system32\MRT
2023-11-17 09:40 - 2023-10-14 16:59 - 182871392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-11-17 09:40 - 2022-05-07 00:17 - 000000000 ____D C:\Windows\CbsTemp
2023-11-17 09:39 - 2022-05-07 05:32 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2023-11-17 09:39 - 2022-05-07 00:25 - 000209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2023-11-17 09:39 - 2022-05-07 00:24 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2023-11-17 09:30 - 2023-10-14 15:49 - 003212800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-11-07 06:43 - 2023-10-14 15:44 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-11-04 07:46 - 2023-10-14 16:59 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-10-31 13:16 - 2023-10-14 18:16 - 000000000 ____D C:\Users\Admin\AppData\Local\Adobe
2023-10-31 07:23 - 2023-10-30 07:41 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Office
2023-10-31 07:03 - 2023-10-30 07:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-10-31 07:00 - 2022-05-07 00:24 - 000000167 _____ C:\Windows\win.ini
2023-10-31 06:59 - 2022-05-07 00:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par Admin (administrateur) sur DANIEL (LENOVO 20EN0013CA) (30-11-2023 08:38:32)
Exécuté depuis C:\Users\Admin\Desktop\FRST64.exe
Profils chargés: Admin
Plate-forme: Microsoft Windows 11 Professionnel Version 22H2 22621.2715 (X64) Langue: Français (Canada)
Navigateur par défaut: "C:\Program Files\Norton\Browser\Application\NortonBrowser.exe" --single-argument %1
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> ) C:\Program Files\Malwarebytes\Anti-Malware\MBAMCrashHandler.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_23285.3703.2471.4627_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.72\msedgewebview2.exe <6>
(Corel Corporation -> WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FNCC3C~1.INF\driver\shtctky.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FNCC3C~1.INF\driver\tposd.exe
(explorer.exe ->) (Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office16\ONENOTEM.EXE
(explorer.exe ->) (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(explorer.exe ->) (PresetDemonstration -> ) [Fichier non signé] C:\Users\Admin\AppData\Local\QuickTuneComputer\QuickTuneComputer.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4645af5c659ae51a\igfxEM.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_d4f47df9c2216d4d\LMS.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4645af5c659ae51a\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4645af5c659ae51a\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4645af5c659ae51a\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe
(services.exe ->) (Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\EasyResume.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_244a165970d8f8e8\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_244a165970d8f8e8\NVWMI\nvWmi64.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.30700.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [3177544 2023-10-06] (Corel Corporation -> Corel Corporation)
HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436704 2023-10-06] (Corel Corporation -> WinZip Computing, S.L.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3187660612-677162194-1757115519-1001\...\Run: [MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896784 2023-11-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3187660612-677162194-1757115519-1001\...\Run: [Opera Stable] => C:\Users\Admin\AppData\Local\Programs\Opera\launcher.exe [2353056 2023-11-22] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-3187660612-677162194-1757115519-1001\...\Run: [QuickTuneComputer] => C:\Users\Admin\AppData\Local\QuickTuneComputer\QuickTuneComputer.exe [25672584 2023-11-16] (PresetDemonstration -> ) [Fichier non signé]
HKU\S-1-5-21-3187660612-677162194-1757115519-1001\...\Run: [NortonBrowserAutoLaunch_D01BFAFE2889505F58D52EABD737E834] => C:\Program Files\Norton\Browser\Application\NortonBrowser.exe [3283976 2023-11-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
HKU\S-1-5-21-3187660612-677162194-1757115519-1001\...\Run: [ut] => "C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED (Pas de fichier)
HKU\S-1-5-21-3187660612-677162194-1757115519-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44529568 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{3A3642E6-DE46-4F68-9887-AA017EEFE426}] -> C:\Program Files\Norton\Browser\Application\119.1.23249.160\Installer\chrmstp.exe [2023-11-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\119.0.6045.161\Installer\chrmstp.exe [2023-11-30] (Google LLC -> Google LLC)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2023-11-19]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2023-11-27]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {F886D016-5C3A-4697-AE1C-000A50C0C453} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {237D1919-829B-4DA8-A29E-A50541EBD3D6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {D2955EF3-9F9F-4CE1-BD97-585AF442E7CD} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "9499b11f-c041-437a-8725-5cf09398b67e" --version "6.18.10838" --silent
Task: {231FA8DD-1DE5-4692-90B5-0082BCB0B957} - System32\Tasks\CCleanerSkipUAC - Admin => C:\Program Files\CCleaner\CCleaner.exe [37546912 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {C9ABCD7E-8509-432B-B7DA-8DDC4D03BAA1} - System32\Tasks\GoogleUpdateTaskMachineCore{C0A7EC58-8C91-4170-8812-E929CEE13F30} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-10-14] (Google LLC -> Google LLC)
Task: {27B93168-027E-43AE-8283-3FDE14F6D18F} - System32\Tasks\GoogleUpdateTaskMachineUA{5A65EA3F-F648-4867-913C-7B324CA9C98D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-10-14] (Google LLC -> Google LLC)
Task: {63BB2159-B2E7-4D5C-9A0D-61EA22C97766} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [129016 2022-12-04] (Lenovo -> Lenovo)
Task: {7BFB9A3D-6A6C-4E4E-8973-D1ACA474799D} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\PowerMgrInst.exe [65016 2022-12-04] (Lenovo -> )
Task: {4183B3C7-00F4-4144-9B97-75E2C67FB75F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Pas de fichier)
Task: {5A2A9260-8B6B-4CF3-81CA-C548150D187C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {75CA1E19-CDD3-49D7-AA8F-0C3E23BEC320} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C208EB18-93B3-413A-8927-6289E769F69E} - System32\Tasks\Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask => {82aa0895-198a-4c1b-b2d1-c16894218afb} C:\Windows\System32\unifiedconsent.dll [311296 2023-11-17] (Microsoft Windows -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
Task: {5D4B5F85-5191-4954-ADDE-9F9417D94D2B} - System32\Tasks\Norton Secure Browser Heartbeat Task (Hourly) => C:\Program Files\Norton\Browser\Application\NortonBrowser.exe [3283976 2023-11-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {1D5323A4-CE7F-4534-95AC-8BCF6B88E365} - System32\Tasks\Norton Secure Browser Heartbeat Task (Logon) => C:\Program Files\Norton\Browser\Application\NortonBrowser.exe [3283976 2023-11-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {5B44470A-876E-42FD-973D-4A9FF0D420CA} - System32\Tasks\NortonUpdateTaskMachineCore => C:\Program Files (x86)\Norton\Browser\Update\NortonBrowserUpdate.exe [440608 2023-11-27] (NortonLifeLock Inc. -> Norton LifeLock)
Task: {D6297421-F771-457B-A8D5-E1A42B5F47AB} - System32\Tasks\NortonUpdateTaskMachineUA => C:\Program Files (x86)\Norton\Browser\Update\NortonBrowserUpdate.exe [440608 2023-11-27] (NortonLifeLock Inc. -> Norton LifeLock)
Task: {5B868C1F-6F02-4B1A-A9BE-E929D1571CE6} - System32\Tasks\Opera scheduled Autoupdate 1698617315 => C:\Users\Admin\AppData\Local\Programs\Opera\launcher.exe [2353056 2023-11-22] (Opera Norway AS -> Opera Software)
Task: {FFFC40D7-E7C3-4047-9A2E-2CE9AA60F806} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618088 2020-07-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E7278A27-9E50-424D-B19C-E150A35B0C53} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618088 2020-07-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {089B799A-FA29-4725-8376-C11E3FC501EB} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904552 2023-08-15] (Lenovo -> )
Task: {3A3CD47A-F926-46AC-9649-83E711CD63FD} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904552 2023-08-15] (Lenovo -> )
Task: {7AE821F3-19E0-4105-86BA-BA5DD9F7913C} - System32\Tasks\WinZip - Outil de déduplication - Documents - Admin => C:\Program Files\WinZip\WzBGTToolsManager64.exe [335456 2023-10-06] (Corel Corporation -> WinZip Computing)
Task: {DCC89BC9-A1A1-4952-B9E2-17E300A7E368} - System32\Tasks\WinZip - Outil de déduplication - Downloads - Admin => C:\Program Files\WinZip\WzBGTToolsManager64.exe [335456 2023-10-06] (Corel Corporation -> WinZip Computing)
Task: {11C5F3B8-7465-43BF-A363-C41C070BE5A7} - System32\Tasks\WinZip - Outil de déduplication - Pictures - Admin => C:\Program Files\WinZip\WzBGTToolsManager64.exe [335456 2023-10-06] (Corel Corporation -> WinZip Computing)
Task: {0D74916E-AE55-4DBF-A28A-3D5262F0D886} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3177544 2023-10-06] (Corel Corporation -> Corel Corporation)
Task: {3D0FB3FC-13E2-482B-95D9-D4CA49A5DCF7} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3177544 2023-10-06] (Corel Corporation -> Corel Corporation)
Task: {030FF65F-25C7-419D-BBF5-9B6414D9120B} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3177544 2023-10-06] (Corel Corporation -> Corel Corporation)
Task: {08D95349-A2ED-4E7E-BA59-EDDECA386A8B} - System32\Tasks\WinZip Updater - Admin => C:\Program Files\WinZip\WzUpdater.exe [446560 2023-10-06] (Corel Corporation -> )
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{c9f1591f-8c87-42b1-9804-ae91d8caeba1}: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-30]
Edge Extension: (Google Documents hors connexion) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-14]
Edge Extension: (Edge relevant text changes) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-14]
Edge Extension: (Gestionnaire de mots de passe RoboForm) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ljfpcifpgbbchoddpjefaipoiigpdmag [2023-11-27]
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.norton.securebrowser.com/Norton Browser;version=3 -> C:\Program Files (x86)\Norton\Browser\Update\1.8.1649.5\npNortonBrowserUpdate3.dll [2023-11-27] (NortonLifeLock Inc. -> Norton LifeLock)
FF Plugin-x32: @update.norton.securebrowser.com/Norton Browser;version=9 -> C:\Program Files (x86)\Norton\Browser\Update\1.8.1649.5\npNortonBrowserUpdate3.dll [2023-11-27] (NortonLifeLock Inc. -> Norton LifeLock)
Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2023-11-24]
CHR Extension: (Google Docs hors connexion) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-14]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-14]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-3187660612-677162194-1757115519-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
Opera:
=======
OPR DefaultProfile: Default
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S3 CloudBackupRestoreSvc; C:\Windows\System32\CloudRestoreLauncher.dll [1355776 2023-11-17] (Microsoft Windows -> Microsoft Corporation)
S2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [3420376 2023-10-30] (Lavasoft Software Canada Inc. -> ) <==== ATTENTION
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 Lenovo Instant On; C:\Windows\SysWOW64\EasyResume.exe [2352344 2022-12-04] (Lenovo -> Lenovo Group Limited)
S2 LPlatSvc; C:\Windows\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9343840 2023-11-19] (Malwarebytes Inc. -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [895152 2023-11-29] (McAfee, LLC -> McAfee, LLC)
S2 norton; C:\Program Files (x86)\Norton\Browser\Update\NortonBrowserUpdate.exe [440608 2023-11-27] (NortonLifeLock Inc. -> Norton LifeLock)
S3 nortonm; C:\Program Files (x86)\Norton\Browser\Update\NortonBrowserUpdate.exe [440608 2023-11-27] (NortonLifeLock Inc. -> Norton LifeLock)
S3 NortonSecureBrowserElevationService; C:\Program Files\Norton\Browser\Application\119.1.23249.160\elevation_service.exe [1838288 2023-11-24] (NortonLifeLock Inc. -> NortonLifeLock Inc)
R2 NVWMI; C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_244a165970d8f8e8\NVWMI\nvWmi64.exe [4508704 2023-07-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534584 2023-11-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 SynaHlp; C:\Windows\System32\SynaHelperService.exe [254920 2022-01-18] (Synaptics Incorporated -> Synaptics Incorporated.)
R2 TPHKLOAD; C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\TPHKLOAD.exe [473760 2021-10-22] (Lenovo -> Lenovo Group Limited)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [27856 2023-10-30] (Lavasoft Software Canada Inc. -> ) <==== ATTENTION
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_244a165970d8f8e8\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_244a165970d8f8e8\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [800672 2023-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [532480 2023-05-05] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [184320 2023-05-05] (Microsoft Corporation) [Fichier non signé]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Fichier non signé]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [222784 2023-11-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-11-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt11.sys [233704 2023-11-30] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78400 2023-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2023-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [188008 2023-11-30] (Malwarebytes Inc. -> Malwarebytes)
R0 PMDRVS; C:\Windows\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
S4 UCPD; C:\Windows\System32\drivers\UCPD.sys [29184 2023-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-11-30 08:38 - 2023-11-30 08:39 - 000025685 _____ C:\Users\Admin\Desktop\FRST.txt
2023-11-30 08:38 - 2023-11-30 08:39 - 000000000 ____D C:\FRST
2023-11-30 08:33 - 2023-11-30 08:36 - 002383872 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2023-11-30 08:13 - 2023-11-30 08:13 - 000769638 _____ C:\Windows\system32\perfh00C.dat
2023-11-30 08:13 - 2023-11-30 08:13 - 000146638 _____ C:\Windows\system32\perfc00C.dat
2023-11-30 08:08 - 2023-11-30 08:08 - 000233704 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt11.sys
2023-11-30 08:08 - 2023-11-30 08:08 - 000188008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2023-11-30 08:02 - 2023-11-30 08:29 - 000000000 ____D C:\Program Files\CCleaner
2023-11-30 08:02 - 2023-11-30 08:08 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-11-30 08:02 - 2023-11-30 08:02 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-11-30 08:02 - 2023-11-30 08:02 - 000003380 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-11-30 08:02 - 2023-11-30 08:02 - 000002886 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Admin
2023-11-30 08:02 - 2023-11-30 08:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-11-29 15:44 - 2023-11-29 15:44 - 001543667 _____ C:\Users\Admin\Downloads\RMI_Modèle.pdf
2023-11-28 08:21 - 2023-11-23 14:29 - 000446217 _____ C:\Users\Admin\Documents\MAS_AIO.cmd
2023-11-28 08:03 - 2023-11-28 08:03 - 000000876 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2023-11-28 07:41 - 2023-11-28 07:41 - 000003954 _____ C:\Windows\system32\Tasks\WinZip - Outil de déduplication - Downloads - Admin
2023-11-28 07:41 - 2023-11-28 07:41 - 000003954 _____ C:\Windows\system32\Tasks\WinZip - Outil de déduplication - Documents - Admin
2023-11-28 07:41 - 2023-11-28 07:41 - 000003952 _____ C:\Windows\system32\Tasks\WinZip - Outil de déduplication - Pictures - Admin
2023-11-28 07:41 - 2023-11-28 07:41 - 000001196 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paramètres des outils WinZip.lnk
2023-11-27 09:48 - 2023-11-27 09:48 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\HTML Help
2023-11-27 09:11 - 2023-11-30 07:48 - 000000000 ____D C:\Users\Admin\AppData\Local\WinZip
2023-11-27 09:11 - 2023-11-29 14:31 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Secure Browser.lnk
2023-11-27 09:11 - 2023-11-27 09:14 - 000000000 ____D C:\Users\Admin\AppData\Roaming\AVG
2023-11-27 09:11 - 2023-11-27 09:11 - 000003832 _____ C:\Windows\system32\Tasks\Norton Secure Browser Heartbeat Task (Hourly)
2023-11-27 09:11 - 2023-11-27 09:11 - 000003626 _____ C:\Windows\system32\Tasks\WinZip Update Notifier 2
2023-11-27 09:11 - 2023-11-27 09:11 - 000003624 _____ C:\Windows\system32\Tasks\WinZip Update Notifier 3
2023-11-27 09:11 - 2023-11-27 09:11 - 000003624 _____ C:\Windows\system32\Tasks\WinZip Update Notifier 1
2023-11-27 09:11 - 2023-11-27 09:11 - 000003248 _____ C:\Windows\system32\Tasks\Norton Secure Browser Heartbeat Task (Logon)
2023-11-27 09:11 - 2023-11-27 09:11 - 000000000 ____D C:\Users\Admin\AppData\Local\Norton
2023-11-27 09:11 - 2023-11-27 09:11 - 000000000 ____D C:\ProgramData\Norton
2023-11-27 09:11 - 2023-11-27 09:11 - 000000000 ____D C:\Program Files\Norton
2023-11-27 09:10 - 2023-11-28 08:17 - 000001104 _____ C:\Users\Public\Desktop\WinZip.lnk
2023-11-27 09:10 - 2023-11-28 08:17 - 000000000 ____D C:\ProgramData\WinZip
2023-11-27 09:10 - 2023-11-28 08:16 - 000000000 ____D C:\Program Files\WinZip
2023-11-27 09:10 - 2023-11-27 09:14 - 000000000 ____D C:\ProgramData\AVG
2023-11-27 09:10 - 2023-11-27 09:11 - 000001924 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip SafeShare.lnk
2023-11-27 09:10 - 2023-11-27 09:11 - 000001914 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Image Manager.lnk
2023-11-27 09:10 - 2023-11-27 09:11 - 000001910 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip PDF Express.lnk
2023-11-27 09:10 - 2023-11-27 09:11 - 000001898 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Secure Backup.lnk
2023-11-27 09:10 - 2023-11-27 09:11 - 000001886 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Duplicate File Finder.lnk
2023-11-27 09:10 - 2023-11-27 09:10 - 000313272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2023-11-27 09:10 - 2023-11-27 09:10 - 000003734 _____ C:\Windows\system32\Tasks\WinZip Updater - Admin
2023-11-27 09:10 - 2023-11-27 09:10 - 000003620 _____ C:\Windows\system32\Tasks\NortonUpdateTaskMachineUA
2023-11-27 09:10 - 2023-11-27 09:10 - 000003496 _____ C:\Windows\system32\Tasks\NortonUpdateTaskMachineCore
2023-11-27 09:10 - 2023-11-27 09:10 - 000002087 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip.lnk
2023-11-27 09:10 - 2023-11-27 09:10 - 000000000 ____D C:\ProgramData\UniqueId
2023-11-27 09:10 - 2023-11-27 09:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2023-11-21 16:21 - 2023-11-27 09:10 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2023-11-21 09:14 - 2023-11-21 09:32 - 000000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2023-11-21 09:12 - 2023-11-21 09:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2023-11-21 09:12 - 2023-11-21 09:12 - 000000000 ____D C:\Program Files\VideoLAN
2023-11-19 15:40 - 2023-11-19 15:40 - 000000000 ____D C:\Users\Admin\Documents\Blocs-notes OneNote
2023-11-19 15:40 - 2023-11-19 15:40 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\OneNote
2023-11-19 15:37 - 2023-11-30 08:10 - 000000000 ____D C:\Users\Admin\AppData\Local\Malwarebytes
2023-11-19 15:37 - 2023-11-19 15:37 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-11-19 15:37 - 2023-11-19 15:37 - 000000000 ____D C:\Users\Admin\AppData\Local\mbam
2023-11-19 15:36 - 2023-11-19 15:36 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-11-19 15:36 - 2023-11-19 15:36 - 000000000 ____D C:\Program Files\Malwarebytes
2023-11-17 09:35 - 2023-11-17 09:37 - 000000000 ____D C:\Users\Admin\Desktop\SkiDoo
2023-11-17 09:34 - 2023-11-17 09:34 - 002186086 _____ C:\Users\Admin\Desktop\Droit Daniel.pdf
2023-11-17 09:26 - 2023-11-17 09:26 - 000016240 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2023-11-17 09:08 - 2023-11-17 09:14 - 000000000 ___HD C:\$WinREAgent
2023-11-16 20:03 - 2023-11-19 15:43 - 000000000 ____D C:\Users\Admin\AppData\Local\QuickTuneComputer
2023-11-02 20:35 - 2023-11-02 20:35 - 000155663 _____ C:\Users\Admin\Downloads\DUED8600IR.pdf
2023-10-31 13:12 - 2023-10-31 13:12 - 000009012 _____ C:\Users\Admin\Downloads\F-154990.pdf
2023-10-31 08:51 - 2023-10-31 08:51 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2023-10-31 07:28 - 2023-10-31 09:08 - 000000000 ____D C:\Users\Admin\Desktop\Marie Anglais MP3
2023-10-31 07:11 - 2023-10-31 07:11 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Lavasoft
2023-10-31 07:08 - 2023-10-31 07:23 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\UProof
2023-10-31 07:08 - 2023-10-31 07:08 - 000000000 ____D C:\Users\Admin\Documents\Modèles Office personnalisés
2023-10-31 07:08 - 2023-10-31 07:08 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Proof
2023-10-31 07:07 - 2023-11-30 07:59 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Word
2023-10-31 07:07 - 2023-10-31 07:07 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Document Building Blocks
2023-10-31 07:07 - 2023-10-31 07:07 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Bibliography
2023-10-31 07:04 - 2023-10-31 07:04 - 000002741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2023-10-31 07:04 - 2023-10-31 07:04 - 000002674 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive Entreprise.lnk
2023-10-31 07:04 - 2023-10-31 07:04 - 000002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2023-10-31 07:04 - 2023-10-31 07:04 - 000002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2023-10-31 07:04 - 2023-10-31 07:04 - 000002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2023-10-31 07:04 - 2023-10-31 07:04 - 000002654 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2023-10-31 07:04 - 2023-10-31 07:04 - 000002640 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2023-10-31 07:04 - 2023-10-31 07:04 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2016
2023-10-31 07:03 - 2023-10-31 07:03 - 000000000 ____D C:\Windows\PCHEALTH
2023-10-31 07:01 - 2023-10-31 07:03 - 000000000 ____D C:\Windows\SHELLNEW
2023-10-31 07:01 - 2023-10-31 07:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2023-10-31 07:00 - 2023-10-31 07:00 - 000000000 ____D C:\Users\Admin\AppData\Local\Microsoft Help
2023-10-31 06:59 - 2023-10-31 06:59 - 000000000 ____D C:\Program Files\Microsoft Office
2023-10-31 06:58 - 2023-10-31 06:58 - 000000000 __RHD C:\MSOCache
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-11-30 08:38 - 2023-10-14 18:10 - 000000000 ____D C:\Program Files (x86)\Google
2023-11-30 08:38 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SystemTemp
2023-11-30 08:29 - 2023-10-29 17:50 - 000000000 ____D C:\Users\Admin\Desktop\Raccourcis du Bureau
2023-11-30 08:13 - 2023-10-14 15:54 - 001710106 _____ C:\Windows\system32\PerfStringBackup.INI
2023-11-30 08:13 - 2022-05-07 00:22 - 000000000 ____D C:\Windows\INF
2023-11-30 08:12 - 2023-10-14 16:56 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2023-11-30 08:10 - 2022-05-07 00:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-30 08:10 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\AppReadiness
2023-11-30 08:09 - 2023-10-14 17:03 - 000000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2023-11-30 08:09 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\ServiceState
2023-11-30 08:09 - 2022-05-07 00:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-30 08:08 - 2023-10-14 15:55 - 000000000 ____D C:\ProgramData\NVIDIA
2023-11-30 08:08 - 2023-10-14 15:44 - 000012288 ___SH C:\DumpStack.log.tmp
2023-11-30 08:08 - 2023-10-14 15:44 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-11-30 08:08 - 2022-05-07 00:17 - 000524288 _____ C:\Windows\system32\config\BBI
2023-11-30 07:49 - 2023-10-14 18:10 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-11-29 14:33 - 2023-10-14 18:10 - 000003960 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{5A65EA3F-F648-4867-913C-7B324CA9C98D}
2023-11-29 14:33 - 2023-10-14 18:10 - 000003836 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{C0A7EC58-8C91-4170-8812-E929CEE13F30}
2023-11-29 14:26 - 2023-10-14 15:45 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-29 14:25 - 2023-10-30 07:05 - 000000000 ____D C:\Users\Admin\AppData\Roaming\utorrent
2023-11-29 14:23 - 2023-10-14 15:44 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-11-28 08:04 - 2023-10-30 07:06 - 000000000 ____D C:\Users\Admin\AppData\Local\BitTorrentHelper
2023-11-28 08:03 - 2023-10-14 16:56 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2023-11-28 07:48 - 2023-10-29 17:08 - 000004178 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1698617315
2023-11-28 07:48 - 2023-10-29 17:08 - 000001405 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2023-11-27 09:50 - 2023-10-30 07:01 - 000000000 ____D C:\Users\Admin\Desktop\KMS Tool
2023-11-27 09:11 - 2023-10-14 15:47 - 000000000 ____D C:\ProgramData\Packages
2023-11-27 09:10 - 2022-05-07 00:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-11-24 16:22 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\LiveKernelReports
2023-11-18 00:04 - 2022-05-07 00:24 - 000000000 ____D C:\ProgramData\USOPrivate
2023-11-17 23:46 - 2023-10-14 15:44 - 000471272 _____ C:\Windows\system32\FNTCACHE.DAT
2023-11-17 23:45 - 2023-10-14 17:33 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2023-11-17 23:45 - 2022-05-07 05:32 - 000000000 ___SD C:\Windows\system32\AppV
2023-11-17 23:45 - 2022-05-07 05:32 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-11-17 23:45 - 2022-05-07 05:21 - 000000000 ____D C:\Windows\SysWOW64\fr
2023-11-17 23:45 - 2022-05-07 05:21 - 000000000 ____D C:\Windows\system32\fr
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ___SD C:\Windows\system32\UNP
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ___RD C:\Windows\PrintDialog
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\UUS
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\vi-VN
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\id-ID
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\gl-ES
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\eu-ES
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SysWOW64\ca-ES
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SystemResources
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\vi-VN
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\ShellExperiences
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\Sgrm
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\setup
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\oobe
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\migwiz
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\lv-LV
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\lt-LT
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\id-ID
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\gl-ES
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\eu-ES
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\et-EE
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\es-MX
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\Dism
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\DDFs
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\ca-ES
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\appraiser
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\ShellExperiences
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\ShellComponents
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\Provisioning
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\DiagTrack
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\bcastdvr
2023-11-17 23:45 - 2022-05-07 00:24 - 000000000 ____D C:\Program Files\Common Files\System
2023-11-17 23:45 - 2022-05-07 00:17 - 000000000 ____D C:\Windows\servicing
2023-11-17 09:58 - 2023-10-14 16:59 - 000000000 ____D C:\Windows\system32\MRT
2023-11-17 09:40 - 2023-10-14 16:59 - 182871392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-11-17 09:40 - 2022-05-07 00:17 - 000000000 ____D C:\Windows\CbsTemp
2023-11-17 09:39 - 2022-05-07 05:32 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2023-11-17 09:39 - 2022-05-07 00:25 - 000209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2023-11-17 09:39 - 2022-05-07 00:24 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2023-11-17 09:30 - 2023-10-14 15:49 - 003212800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-11-07 06:43 - 2023-10-14 15:44 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-11-04 07:46 - 2023-10-14 16:59 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-10-31 13:16 - 2023-10-14 18:16 - 000000000 ____D C:\Users\Admin\AppData\Local\Adobe
2023-10-31 07:23 - 2023-10-30 07:41 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Office
2023-10-31 07:03 - 2023-10-30 07:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-10-31 07:00 - 2022-05-07 00:24 - 000000167 _____ C:\Windows\win.ini
2023-10-31 06:59 - 2022-05-07 00:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================