Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 04-08-2022 Exécuté par Florian (administrateur) sur DESKTOP-DJEA3QQ (ASUSTeK COMPUTER INC. GL553VD) (14-08-2022 16:17:34) Exécuté depuis C:\Users\Florian\Downloads Profils chargés: Florian Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1889 (X64) Langue: Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe ->) (AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe (C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe ->) (AVAST Software s.r.o. 
-> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe (C:\ProgramData\myCANAL\nssm.exe ->) (Groupe Canal+ -> ) C:\ProgramData\myCANAL\myCANAL.Service.exe (DriverStore\FileRepository\igdlh64.inf_amd64_ceba516baea4bed9\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ceba516baea4bed9\igfxEM.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Oracle America, Inc. 
-> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (services.exe ->) () [Fichier non signé] C:\ProgramData\myCANAL\nssm.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (services.exe ->) (FarStone Technology -> ) C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe (services.exe ->) (Farstone Technology Inc -> ) C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe (services.exe ->) (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (services.exe ->) (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ceba516baea4bed9\igfxCUIService.exe (services.exe ->) (Intel(R) pGFX -> 
Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ceba516baea4bed9\IntelCpHDCPSvc.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ceba516baea4bed9\IntelCpHeciSvc.exe (services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.67.21001.0_x64__8wekyb3d8bbwe\gamingservices.exe (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.67.21001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_0563af65101748e9\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (svchost.exe ->) (AVAST Software s.r.o. 
-> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. 
-> Oracle Corporation) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION HKU\S-1-5-21-686184742-4142196940-419817008-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-04-24] (Disc Soft Ltd -> Disc Soft Ltd) HKU\S-1-5-21-686184742-4142196940-419817008-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-04-12] (Valve -> Valve Corporation) HKU\S-1-5-21-686184742-4142196940-419817008-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-10-14] (Piriform Ltd -> Piriform Ltd) HKU\S-1-5-21-686184742-4142196940-419817008-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Florian\AppData\Local\Microsoft\Teams\Update.exe [2508552 2022-06-04] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-686184742-4142196940-419817008-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [116060024 2022-05-17] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-686184742-4142196940-419817008-1001\...\Run: [MicrosoftEdgeAutoLaunch_D1E3AC3EE2366DD9456D54F26019181A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827128 2022-08-11] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\Canon MG4200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB9.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\104.0.5112.81\Installer\chrmstp.exe [2022-08-09] (Google LLC -> Google LLC) ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {004004EF-C470-46BF-BD8A-DA521C9250CE} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-13] (Microsoft Windows -> Microsoft Corporation) Task: {066F89C8-4260-4C64-8EE8-45EA4C939485} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19786024 2016-08-24] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) Task: {0C637E78-9C61-4250-84AF-1B494A7B7CC8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-11] (Microsoft Corporation -> Microsoft Corporation) Task: {0D022B4B-AD6F-48FE-A7A4-6D929FCD97F5} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-13] (Microsoft Windows -> Microsoft Corporation) Task: {10B27A6F-2947-45B0-BF04-E717BA05F1AA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-10-14] (Piriform Ltd -> Piriform Ltd) Task: {15E825B9-B609-4C4F-A54A-F7C8864865A4} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [909112 2016-07-26] (Intel(R) Trusted Connect Service -> Intel(R) Corporation) Task: {1AFB50AC-F98C-4279-A07A-08DD64861509} - 
System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {2C75AA1B-8539-4EF0-9704-013A8E3CBFB5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-08-14] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {309E3EF8-8C76-4B15-8BA2-267A6707F7A7} - System32\Tasks\WpsKtpcntrQingTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\office6\ktpcntr.exe [1531136 2016-11-11] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) Task: {35239A76-854F-429C-BACA-559336F4CB0B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {36F095A6-BEDA-4D95-A302-E8B74F7C22D3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3F6320F1-B2CF-4B7B-80BC-2C065FE7791C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-11] (Microsoft Corporation -> Microsoft Corporation) Task: {4AAA5D41-477A-4EB4-8B9F-C834F0C763A7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-08-14] (Microsoft Windows Publisher -> Microsoft Corporation) Task: 
{4B0E3E04-81E3-4CDD-A4E4-4D6D5C5FA374} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {4C48BE33-BAE0-41D8-AF54-028543DAFD51} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-13] (Google Inc -> Google Inc.) Task: {4D0BEDAE-70FD-42AE-84B5-F4D2A2093BFC} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {5211043D-6E3D-4E83-8702-E9E3AF8D31CE} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Pas de fichier) Task: {52A69176-9CAA-45A2-ACD2-B979557201DF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5EE08B53-5F87-4A5E-86DF-72BD5B745C05} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe (Pas de fichier) Task: {634CD373-987E-4969-B77F-F0658F2D6569} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {6B289746-8E01-40B2-A8A0-1B0F938F9166} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.) Task: {7ED0AF23-06F6-42B5-B060-9A010104101C} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2018-11-01] (Realtek Semiconductor Corp. 
-> Realtek Semiconductor) Task: {83D1AE6A-1545-413B-885F-E8092A3B9CE8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A653C8EB-5460-494D-9525-C844D048CF3E} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-12] (AVAST Software s.r.o. -> AVAST Software) Task: {B1A611CC-E153-4034-8D56-C98AC94FD1FD} - System32\Tasks\ROG Gaming Center => C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe [3868344 2016-10-21] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {B6DBB9AC-19CF-4108-8A3F-C0839E9BB629} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-12] (AVAST Software s.r.o. -> AVAST Software) Task: {BCCFF2B6-80C5-4E71-BE36-D3F56AD756CC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-04-13] (Piriform Software Ltd -> Piriform Software Ltd) Task: {C9265ED8-EE2B-4C37-9C68-71D53D03E7D5} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {CBA82838-748C-4A6E-8035-FA80975384A9} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {CD7DCC0A-2BDD-4426-8E8F-3684FFB0FA60} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-13] (Google Inc -> Google Inc.) 
Task: {D707EC43-E469-4918-83B8-EBBCE8723AE0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-08-14] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D9717F60-891E-44CD-B923-F7F324FE009B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269120 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {D9AAF28C-2185-42DB-8000-E2DFA8F0E437} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe /RunUsoScanOnly (Pas de fichier) Task: {DAE83811-96CB-4F51-B2F8-17B7DF0E009B} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61856 2022-08-11] (Microsoft Corporation -> Microsoft Corporation) Task: {E18EAFC9-11B7-4C13-9974-62945FC30E90} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION Task: {E2887E08-4EA5-49B7-AF16-CB28E7FA12EF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-08-14] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E39B04FB-3166-494E-B519-06F60D7B1BBC} - System32\Tasks\WpsExternal_20161111081738 => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe [516352 2016-11-11] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) Task: {E5AA0503-A5CA-47AC-9DD9-034825BFBCF5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-08-13] (Microsoft Corporation -> Microsoft Corporation) Task: {E5CDB769-8F04-44A3-900E-5CAF192DD454} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 
2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {E69F6CAC-860C-4E8D-ADEE-A7EE28EB92F3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {EB0B9ED7-F699-4785-9E20-611C682807EC} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {FCB3FD18-6896-41A5-BEC2-3E8DE5DBDAC6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-08-13] (Microsoft Corporation -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\WpsExternal_20161111081738.job => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe Task: C:\WINDOWS\Tasks\WpsKtpcntrQingTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\office6\ktpcntr.exeÃqing 10.1.0.5644 xxx server_url=hxxp:/kdl1.cache.wps.com/ksodl/wpscfg/client/____client____html____service____bubble.html ic_server_url=hxxp:/info.kingsoftstore.com/wpsv6internet/infos.ads ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{3e74093f-db06-4722-95ec-f5021e5aef35}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{59e402fd-1f76-477c-86d4-9d7ee296b8cc}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{5bd251d2-e276-4ba1-a5c9-8d16b719072d}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{c50397cc-ba2a-4dda-b5a7-a10d6f43ec91}: [DhcpNameServer] 192.168.42.129 Edge: ======= Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge DefaultProfile: Default Edge Profile: C:\Users\Florian\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-14] FireFox: ======== FF DefaultProfile: cp2dgq88.default FF ProfilePath: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\y2w1jekf.default-release [2022-08-14] FF ProfilePath: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\cp2dgq88.default [2022-08-14] FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\cp2dgq88.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-13] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-10] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program 
Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-08-13] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-08-13] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-10] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.) 
Chrome: ======= CHR Profile: C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default [2022-08-14] CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-07-27] CHR Extension: (Protection Web Avira) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-08-09] CHR Extension: (Google Docs hors connexion) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-24] CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-07-22] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.) R2 AsHidService; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe [126648 2016-06-16] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-12] (AVAST Software s.r.o. -> AVAST Software) S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-12] (AVAST Software s.r.o. 
-> AVAST Software) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12102608 2022-08-11] (Microsoft Corporation -> Microsoft Corporation) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-04-24] (Disc Soft Ltd -> Disc Soft Ltd) R2 FBAgent; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe [73032 2014-08-13] (FarStone Technology -> ) S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\wtoolex\wpsupdatesvr.exe [133376 2016-11-11] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [8680192 2022-08-14] (Malwarebytes Inc. -> Malwarebytes) R2 myCANAL Server; C:\ProgramData\myCANAL\nssm.exe [294912 2018-12-10] () [Fichier non signé] S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2475312 2019-12-12] (Electronic Arts, Inc. -> Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3352376 2019-12-12] (Electronic Arts, Inc. -> Electronic Arts) S3 ROGGamingCenterService; C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingCenterService.exe [42680 2016-10-21] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.) 
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH -> TeamViewer GmbH) R2 Tran_Process_Proc; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe [71024 2014-03-25] (Farstone Technology Inc -> ) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-08-14] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-08-14] (Microsoft Windows Publisher -> Microsoft Corporation) S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\WPS Office\wpscloudsvr.exe [162048 2016-11-11] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [X] R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_0563af65101748e9\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_0563af65101748e9\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem S2 RichVideo64; "C:\Program Files\CyberLink\Shared files\RichVideo64.exe" [X] ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [29312 2016-08-24] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.) R3 AsusHFilter; C:\WINDOWS\System32\drivers\AsusHFilter.sys [30200 2016-12-22] (ASUSTeK Computer Inc. -> ) R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.) 
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-06-13] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-06-13] (Disc Soft Ltd -> Disc Soft Ltd) S3 ELO71AIR; C:\WINDOWS\System32\drivers\ELO71AIR.sys [4251552 2020-08-16] (Microsoft Windows Hardware Compatibility Publisher -> C-MEDIA Inc.) S3 farmntio; C:\Windows\system32\drivers\farmntio.sys [25144 2014-03-25] (FarStone Technology -> ) [Fichier non signé] R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-08-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-08-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MpKslb9098356; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0DDF3B5F-D83F-4450-8E42-E1383F05A279}\MpKslDrv.sys [141576 2022-08-14] (Microsoft Windows -> Microsoft Corporation) R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [79504 2016-09-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [338368 2017-12-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) 
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-08-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-08-14] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-08-14] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-08-14 16:17 - 2022-08-14 16:18 - 000032950 _____ C:\Users\Florian\Downloads\FRST.txt 2022-08-14 16:13 - 2022-08-14 16:13 - 000353946 _____ C:\Users\Florian\Desktop\ZHPDiag.txt 2022-08-14 13:56 - 2022-08-14 13:56 - 000001536 _____ C:\Users\Florian\Desktop\MBAM.txt 2022-08-14 13:34 - 2022-08-14 13:55 - 000000000 ____D C:\Users\Florian\AppData\LocalLow\IGDump 2022-08-14 13:24 - 2022-08-14 13:24 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-08-14 13:24 - 2022-08-14 13:22 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2022-08-14 13:09 - 2022-08-14 13:12 - 000000000 ____D C:\AdwCleaner 2022-08-14 13:08 - 2022-08-14 13:08 - 008551608 _____ (Malwarebytes) C:\Users\Florian\Downloads\adwcleaner_8.3.2.exe 2022-08-14 12:53 - 2022-08-14 12:53 - 000000879 _____ C:\Users\Florian\Desktop\ZHPCleaner.lnk 2022-08-14 12:52 - 2022-08-14 12:52 - 003303624 _____ (Nicolas Coolman) C:\Users\Florian\Downloads\ZHPCleaner.exe 2022-08-14 10:35 - 2022-08-14 10:35 - 000000000 ____D C:\Users\Florian\AppData\Local\OneDrive 2022-08-14 10:28 - 2022-08-14 15:48 - 000004608 ___RH C:\farstone_pe.letter 2022-08-13 21:50 - 2022-08-14 16:18 - 000000000 ____D 
C:\FRST 2022-08-13 21:35 - 2022-08-13 21:35 - 002370048 _____ (Farbar) C:\Users\Florian\Downloads\FRST64.exe 2022-08-13 21:29 - 2022-08-14 16:13 - 000000000 ____D C:\Users\Florian\AppData\Roaming\ZHP 2022-08-13 21:29 - 2022-08-14 12:53 - 000000000 ____D C:\Users\Florian\AppData\Local\ZHP 2022-08-13 21:29 - 2022-08-13 21:29 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2022-08-13 21:29 - 2022-08-13 21:29 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2022-08-13 21:29 - 2022-08-13 21:29 - 000000869 _____ C:\Users\Florian\Desktop\ZHPSuite.lnk 2022-08-13 21:28 - 2022-08-13 21:28 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-08-13 21:26 - 2022-08-13 21:26 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2022-08-13 21:25 - 2022-08-13 21:25 - 003489992 _____ (Nicolas Coolman) C:\Users\Florian\Downloads\ZHPSuite.exe 2022-08-13 21:23 - 2022-08-13 21:23 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2022-08-13 21:22 - 2022-08-13 21:22 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-08-13 21:22 - 2022-08-13 21:22 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2022-08-13 21:22 - 2022-08-13 21:22 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2022-08-13 20:11 - 2022-08-13 20:11 - 000000000 ___HD C:\$WinREAgent 2022-07-30 14:10 - 2022-07-30 14:17 - 1106905168 _____ C:\Users\Florian\Downloads\Doctor.Strange.in.the.Multiverse.of.Madness.2022.TRUEFRENCH.BDRip.x264.AC3-Wawacity.red.mp4 2022-07-15 14:54 - 2022-07-15 14:54 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe 2022-07-15 14:54 - 2022-07-15 14:54 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com 2022-07-15 14:54 - 2022-07-15 14:54 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll 2022-07-15 14:54 - 2022-07-15 14:54 - 000017920 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com 2022-07-15 14:54 - 2022-07-15 14:54 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com 2022-07-15 14:53 - 2022-07-15 14:53 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2022-07-15 14:53 - 2022-07-15 14:53 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe 2022-07-15 14:53 - 2022-07-15 14:53 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll 2022-07-15 14:53 - 2022-07-15 14:53 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll 2022-07-15 14:53 - 2022-07-15 14:53 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com 2022-07-15 14:53 - 2022-07-15 14:53 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com 2022-07-15 14:53 - 2022-07-15 14:53 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com 2022-07-15 14:52 - 2022-07-15 14:52 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll 2022-07-15 14:51 - 2022-07-15 14:51 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll 2022-07-15 14:50 - 2022-07-15 14:50 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-07-15 14:50 - 2022-07-15 14:50 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll 2022-07-15 14:49 - 2022-07-15 14:49 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll 2022-07-03 19:48 - 2022-07-03 19:48 - 000000000 ____D C:\Users\Florian\.ms-ad 2022-06-17 19:50 - 2022-06-17 19:50 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2022-06-17 19:50 - 2022-06-17 19:50 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll 2022-06-17 19:48 - 2022-06-17 19:48 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2022-06-08 17:24 - 2022-06-08 17:24 - 000001381 _____ C:\Users\Public\Desktop\Skype.lnk 2022-06-08 17:24 - 2022-06-08 17:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2022-06-07 20:25 - 2022-06-07 20:25 - 000000000 ____D C:\Program 
Files (x86)\Windows Kits 2022-06-07 20:25 - 2022-06-07 20:25 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput 2022-06-03 18:57 - 2022-06-04 12:04 - 000002376 _____ C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2022-06-03 18:57 - 2022-06-03 18:57 - 000000000 ____D C:\Users\Florian\AppData\Roaming\Teams ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-08-14 15:52 - 2017-08-09 22:39 - 000000000 ____D C:\ProgramData\NVIDIA 2022-08-14 15:51 - 2017-06-13 16:42 - 000000000 ____D C:\Program Files (x86)\Google 2022-08-14 15:49 - 2017-06-13 16:32 - 000000000 __SHD C:\Users\Florian\IntelGraphicsProfiles 2022-08-14 15:48 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-08-14 15:47 - 2020-11-03 21:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-08-14 15:47 - 2020-11-03 21:15 - 000008192 ___SH C:\DumpStack.log.tmp 2022-08-14 15:47 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2022-08-14 15:28 - 2016-11-11 10:17 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2022-08-14 15:27 - 2020-11-03 21:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-08-14 13:31 - 2018-12-14 19:17 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2022-08-14 13:26 - 2018-06-24 20:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-08-14 13:24 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-08-14 13:24 - 2018-12-14 19:17 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2022-08-14 13:22 - 2018-12-14 19:17 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2022-08-14 13:22 - 2017-10-26 19:40 - 000000000 ____D C:\Program Files\Malwarebytes 2022-08-14 13:19 - 2019-04-13 17:30 - 000000000 ____D C:\Program Files (x86)\BraveSoftware 2022-08-14 13:14 - 2017-01-05 16:03 - 000000000 ____D C:\Program 
Files\CyberLink 2022-08-14 13:12 - 2016-11-11 10:17 - 000000000 ____D C:\Program Files (x86)\ASUS 2022-08-14 12:52 - 2017-06-13 17:37 - 000000000 ____D C:\Users\Florian\AppData\Local\CrashDumps 2022-08-14 12:51 - 2017-01-05 15:33 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2022-08-14 12:49 - 2017-01-05 16:01 - 000000000 ____D C:\ProgramData\CyberLink 2022-08-14 12:47 - 2017-06-13 20:40 - 000000000 ____D C:\Program Files (x86)\Construction Simulator 2015 2022-08-14 12:46 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-08-14 12:45 - 2017-06-13 16:35 - 000000200 _____ C:\Users\Florian\AppData\Roaming\sp_data.sys 2022-08-14 10:45 - 2019-04-13 17:29 - 000000000 ____D C:\Users\Florian\AppData\Local\BraveSoftware 2022-08-14 10:43 - 2017-09-05 16:58 - 000000000 ____D C:\Users\Florian\AppData\Roaming\discord 2022-08-14 10:42 - 2017-09-05 16:57 - 000000000 ____D C:\Users\Florian\AppData\Local\Discord 2022-08-14 10:37 - 2021-12-13 21:16 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-686184742-4142196940-419817008-1001 2022-08-14 10:37 - 2020-11-03 21:51 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-686184742-4142196940-419817008-1001 2022-08-14 10:37 - 2020-11-03 21:23 - 000002425 _____ C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-08-14 10:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-08-14 10:31 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-08-13 22:23 - 2020-11-03 21:51 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2022-08-13 22:20 - 2020-11-03 21:34 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-08-13 22:20 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat 2022-08-13 22:20 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat 2022-08-13 22:14 - 2020-11-03 21:15 - 000472736 _____ 
C:\WINDOWS\system32\FNTCACHE.DAT 2022-08-13 22:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2022-08-13 22:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-08-13 22:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-08-13 22:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2022-08-13 22:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2022-08-13 22:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-08-13 22:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-08-13 22:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-08-13 22:09 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2022-08-13 22:09 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-08-13 22:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-08-13 21:45 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-08-13 21:39 - 2019-08-15 17:32 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab 2022-08-13 21:27 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2022-08-13 21:27 - 2019-08-15 17:33 - 000000000 ____D C:\Program Files\Common Files\AV 2022-08-13 21:26 - 2021-10-14 20:58 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-08-13 21:25 - 2018-06-24 20:27 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2022-08-13 21:22 - 2020-11-03 21:19 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-08-13 21:20 - 2018-04-12 21:27 - 000000000 ____D C:\Users\Florian\AppData\Local\Packages 2022-08-13 21:15 - 2019-04-13 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2022-08-13 21:15 - 2019-04-13 17:34 - 000000000 ____D C:\Program Files (x86)\Java 2022-08-13 21:14 - 2019-04-13 17:35 - 000168144 _____ (Oracle Corporation) 
C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2022-08-13 21:07 - 2019-04-13 20:21 - 000000000 ____D C:\Users\Florian\AppData\Roaming\vlc 2022-08-13 20:15 - 2020-06-25 19:49 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-08-13 20:15 - 2020-06-25 19:49 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2022-08-13 20:12 - 2017-01-05 16:08 - 000000000 ____D C:\Program Files\Microsoft Office 2022-08-11 20:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2022-08-11 19:33 - 2017-06-15 10:33 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-08-11 19:27 - 2017-06-15 10:33 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-08-09 19:08 - 2017-10-03 13:32 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2022-07-30 14:17 - 2021-11-24 21:54 - 002754000 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll 2022-07-30 14:17 - 2021-11-24 21:54 - 000402904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll 2022-07-30 14:17 - 2021-11-24 21:54 - 000234960 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll 2022-07-30 14:17 - 2021-11-24 21:54 - 000198096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll 2022-07-30 14:17 - 2021-11-24 21:54 - 000144856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll 2022-07-30 14:17 - 2021-11-24 21:54 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2022-07-30 14:17 - 2021-11-24 21:54 - 000067032 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe 2022-07-22 18:56 - 2020-11-03 21:51 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-07-15 20:48 - 2017-11-01 19:34 - 000000000 ____D C:\Program Files\CCleaner 2022-07-15 20:45 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2022-07-15 20:45 - 2019-12-07 11:14 - 
000000000 ____D C:\WINDOWS\system32\setup 2022-07-15 20:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2022-07-15 20:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2022-07-15 20:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents ==================== Fichiers à la racine de certains dossiers ======== 2017-06-13 16:35 - 2022-08-14 12:45 - 000000200 _____ () C:\Users\Florian\AppData\Roaming\sp_data.sys 2017-10-29 12:33 - 2017-12-03 16:30 - 000007601 _____ () C:\Users\Florian\AppData\Local\Resmon.ResmonCfg ==================== SigCheckExt ========================= 2016-07-16 13:42 - 2016-07-16 13:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll 2017-06-15 10:31 - 2017-03-28 07:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll 2021-11-24 21:54 - 2022-07-30 14:17 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2017-06-15 10:32 - 2017-03-04 08:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2016-07-16 13:43 - 2016-07-17 00:54 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll 2018-01-30 12:01 - 2012-01-16 15:21 - 000103424 _____ (CANON INC.) 
C:\WINDOWS\SysWOW64\CNC_B9U.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll 2017-06-15 10:32 - 2017-03-04 08:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2016-07-16 13:44 - 2016-07-17 00:54 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll 2022-08-13 21:35 - 2022-08-13 21:35 - 002370048 _____ (Farbar) C:\Users\Florian\Downloads\FRST64.exe 2022-08-14 12:52 - 2022-08-14 12:52 - 003303624 _____ (Nicolas Coolman) C:\Users\Florian\Downloads\ZHPCleaner.exe 2022-08-13 21:25 - 2022-08-13 21:25 - 003489992 _____ (Nicolas Coolman) C:\Users\Florian\Downloads\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de démarrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {a29adf6f-6643-11e7-a101-c8215827dca0} {a29adf70-6643-11e7-a101-c8215827dca0} {a29adf71-6643-11e7-a101-c8215827dca0} timeout 1 Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {e11e4994-1e08-11eb-876b-c0b0260b6ecf} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {a29adf6f-6643-11e7-a101-c8215827dca0} description UEFI:CD/DVD Drive Application logicielle (101fffff) -------------------------------- identificateur {a29adf70-6643-11e7-a101-c8215827dca0} description UEFI:Removable Device 
Application logicielle (101fffff) -------------------------------- identificateur {a29adf71-6643-11e7-a101-c8215827dca0} description UEFI:Network Device Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {e11e4996-1e08-11eb-876b-c0b0260b6ecf} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {e11e4994-1e08-11eb-876b-c0b0260b6ecf} nx OptIn bootmenupolicy Standard Chargeur de démarrage Windows ----------------------------- identificateur {e11e4996-1e08-11eb-876b-c0b0260b6ecf} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{e11e4997-1e08-11eb-876b-c0b0260b6ecf} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{e11e4997-1e08-11eb-876b-c0b0260b6ecf} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de démarrage Windows ----------------------------- identificateur {e58df062-d347-11e6-a0e9-2c4d54bf4b62} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{e58df063-d347-11e6-a0e9-2c4d54bf4b62} path \windows\system32\winload.efi description Windows Recovery Environment locale en-us inherit {bootloadersettings} displaymessage Recovery displaymessageoverride Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{e58df063-d347-11e6-a0e9-2c4d54bf4b62} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {e11e4994-1e08-11eb-876b-c0b0260b6ecf} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit 
{resumeloadersettings} recoverysequence {e11e4996-1e08-11eb-876b-c0b0260b6ecf} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems No Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} integrityservices Enable Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {e11e4997-1e08-11eb-876b-c0b0260b6ecf} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================