Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2023 Exécuté par giott (administrateur) sur LAPTOP-COSPC6SL (HUAWEI NBLK-WAX9X) (26-10-2023 10:47:21) Exécuté depuis C:\Users\giott\Desktop\FRST64.exe Profils chargés: giott Plate-forme: Microsoft Windows 11 Famille Version 21H2 22000.2538 (X64) Langue: Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (C:\Program Files\Huawei\PCManager\HwMdcCenter.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\DFSSearchService.exe (C:\Program Files\Huawei\PCManager\HwMdcCenter.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\HwMdcUI.exe (C:\Program Files\Huawei\PCManager\MateBookService.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\HwMdcCenter.exe (C:\Program Files\Huawei\PCManager\MateBookService.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\MBAMessageCenter.exe (C:\Program Files\Huawei\PCManager\MateBookService.exe ->) (Huawei Technologies Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\Hiview\HiviewService.exe (C:\Program Files\Huawei\PCManager\MBAMessageCenter.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\MessageCenterUI.exe (C:\Program Files\Huawei\PCManager\MBAMessageCenter.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\PerfWndMonHelper.exe (C:\Program Files\Huawei\PCManager\MBAMessageCenter.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\PerfWndMonHelper_x86.exe (C:\Program Files\WindowsApps\MicrosoftTeams_23258.705.2453.6430_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\118.0.2088.69\msedgewebview2.exe <12> (DriverStore\FileRepository\u0355756.inf_amd64_5146fc3a012e7afa\B354291\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0355756.inf_amd64_5146fc3a012e7afa\B354291\atieclxx.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0355756.inf_amd64_5146fc3a012e7afa\B354291\atiesrxx.exe (services.exe ->) (Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2> (services.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\BasicService\BasicService.exe (services.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\HwLcdEnhancement\LCD_Service.exe (services.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\HiConnectivityService.exe (services.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\HwDistributedMainService.exe (services.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\MateBookService.exe (services.exe ->) (Huawei Technologies Co., Ltd. -> ) C:\Windows\System32\RPC\OSD\osdservice.exe (services.exe ->) (Huawei Technologies Co., Ltd. -> Huawei Technologies Co., Ltd.) C:\Program Files\Huawei\wucs\WUCSProxyService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\drivers\SessionService.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3> (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.23500.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [971552 2019-09-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKU\S-1-5-21-1481358650-130493648-779896752-1001\...\Run: [MicrosoftEdgeAutoLaunch_22BBB5992453DBD7F8EBF5F4CE944546] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4187176 2023-10-24] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Print\Monitors\HP c111 Status Monitor: C:\WINDOWS\system32\hpinkstsc111LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\WINDOWS\system32\PEPrinterMonitor.dll [285232 2021-04-06] (Wondershare Technology Co.,Ltd -> Wondershare Software) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\118.0.5993.117\Installer\chrmstp.exe [2023-10-25] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.40\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> Startup: C:\Users\giott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Deskjet 1510 series.lnk [2023-10-25] ShortcutAndArgument: Alertes de surveillance de l'encre - HP Deskjet 1510 series.lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 1510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN49M193CR05YR;CONNECTION=USB;MONITOR=1; ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {BAA3CDFC-4834-4BD8-BD1F-6ABDA6EE4B25} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-21] (Adobe Inc. -> Adobe Inc.) Task: {A1CEEB07-FE21-40D9-BF4C-67F2AAD52396} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-20] (Google LLC -> Google LLC) Task: {4CD7B85C-B6DD-4367-AD25-1EF613739DAA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-20] (Google LLC -> Google LLC) Task: {BA412502-AA35-4553-AB15-F305B22DC206} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [5745672 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.) Task: {3ABDA11D-2784-4576-85D4-74CBF5D795E1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26977976 2023-10-25] (Microsoft Corporation -> Microsoft Corporation) Task: {A3BFEE9B-43A7-472F-A0EC-81DDA9BC3E4F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26977976 2023-10-25] (Microsoft Corporation -> Microsoft Corporation) Task: {4365346A-933E-4554-A9BF-6C838BEB6068} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160736 2023-10-25] (Microsoft Corporation -> Microsoft Corporation) Task: {871F2513-ECB6-4004-81DC-8E543F993B6C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160736 2023-10-25] (Microsoft Corporation -> Microsoft Corporation) Task: {EAE663C2-10B9-4AAB-AA5E-DCE22937E8A2} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169136 2023-10-25] (Microsoft Corporation -> Microsoft Corporation) Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Pas de fichier) Task: {F17F8112-F5CE-4007-8BA8-E50FA67644B6} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} Task: {7993B7CE-08AD-49CD-B31C-C8C7B36EE21D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-21] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {7848FF0D-37BF-4624-AE17-AB81E244901C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-21] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A2E0C184-37C2-4B40-A50B-37A71356876D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-21] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B440232B-C1D9-44AD-A4C5-A104DDA294F5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-21] (Microsoft Windows Publisher -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{c057b409-099f-4c5b-bd93-540e0f3fc2d5}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{f512d62d-2de6-4479-acb1-5a345a9fa1f8}: [DhcpNameServer] 40.41.1.12 Edge: ======= Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge DefaultProfile: Default Edge Profile: C:\Users\giott\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-26] Edge DownloadDir: Default -> C:\Users\giott\Desktop Edge Notifications: Default -> hxxps://www.auto-doc.fr Edge Session Restore: Default -> est activé. Edge Extension: (Google Docs hors connexion) - C:\Users\giott\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-20] Edge Extension: (Edge relevant text changes) - C:\Users\giott\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-20] FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-09-20] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-10-25] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\giott\AppData\Local\Google\Chrome\User Data\Default [2023-10-25] CHR HomePage: Default -> hxxp://start.mysearchdial.com/?f=1&a=tele_14_26_ff&cd=2XzuyEtN2Y1L1Qzu0B0E0E0EyB0B0AtCtCtD0C0EyD0C0CyDtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFyEtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDyByCyC0E0EtD0BtGtAzzyEzytG0C0EyCtAtGzyzzzytDtGyC0C0BtDtDtD0DtC0FyE0EtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyCyCtC0B0AzytDtGyEzyyE0FtGzzyEtA0AtGtByEzy0BtGyE0B0A0EyCtCzzyCyDzy0D0B2Q&cr=1921040990&ir= CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Extension: (Free Ad Blocker Pro pour Chrome™) - C:\Users\giott\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbeplhdfbnhldomfdjhfnpaghdjdeadp [2023-09-10] CHR Extension: (anonymoX) - C:\Users\giott\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpklikeghomkemdellmmkoifgfbakio [2021-01-10] CHR Extension: (Flash® Player for YouTube™) - C:\Users\giott\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajdkhdcndkniopfefocbgbkofflagpm [2021-01-10] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\giott\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Profile: C:\Users\giott\AppData\Local\Google\Chrome\User Data\System Profile [2021-05-14] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-21] (Adobe Inc. -> Adobe Inc.) S2 BatteryFirmwareUpgrade; C:\Program Files\Huawei\BatteryParaModify2\MainService.exe [256136 2023-10-25] (Huawei Device Co., Ltd. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12860928 2023-10-25] (Microsoft Corporation -> Microsoft Corporation) R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1641416 2019-05-07] (Dolby Laboratories, Inc. -> ) R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [360320 2019-09-05] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) R2 HiConnectivityService; C:\Program Files\Huawei\PCManager\HiConnectivityService.exe [1701240 2023-06-06] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) R2 Huawei_OSDServer; C:\Windows\system32\RPC\OSD\osdservice.exe [217072 2019-08-16] (Huawei Technologies Co., Ltd. -> ) R2 HwDistributedMainService; C:\Program Files\Huawei\PCManager\HwDistributedMainService.exe [1600376 2023-06-06] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) R2 HwPCCoreService; C:\Program Files\Huawei\BasicService\BasicService.exe [630136 2023-06-02] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) R2 LCD_Service; C:\Program Files\Huawei\HwLcdEnhancement\LCD_Service.exe [44408 2023-05-26] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) R2 MBAMainService; C:\Program Files\Huawei\PCManager\MateBookService.exe [598392 2023-06-06] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16184216 2022-06-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe [3116904 2023-10-21] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe [133584 2023-10-21] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WUCSProxy; C:\Program Files\Huawei\wucs\WUCSProxyService.exe [7148616 2023-05-18] (Huawei Technologies Co., Ltd. -> Huawei Technologies Co., Ltd.) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 HwOs2ECx64; C:\Program Files\Huawei\PCManager\HwOs2EC10x64.sys [50808 2023-06-06] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) R3 virtbus; C:\WINDOWS\System32\drivers\virtbus.sys [42928 2023-06-06] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-10-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572712 2023-10-21] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105872 2023-10-21] (Microsoft Windows -> Microsoft Corporation) R2 WUCS; C:\WINDOWS\system32\drivers\WUCSDriver.sys [969664 2023-05-18] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 MpKsl281c44b4; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1C16A424-8522-440A-8E58-6AEACD51F500}\MpKslDrv.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) Erreur lors de la lecture du fichier: "C:\WINDOWS\system32\RtkCfg64.dll" Erreur lors de la lecture du fichier: "C:\WINDOWS\system32\RtkAudUService64.exe" Erreur lors de la lecture du fichier: "C:\WINDOWS\system32\RtkApi64U.dll" Erreur lors de la lecture du fichier: "C:\WINDOWS\system32\RtDataProc64.dll" Erreur lors de la lecture du fichier: "C:\WINDOWS\system32\RtCOM64.dll" Erreur lors de la lecture du fichier: "C:\WINDOWS\system32\RltkAPOU64.dll" 2023-10-25 22:04 - 2023-10-25 22:04 - 000000000 ___HD C:\$WinREAgent 2023-10-25 21:48 - 2023-10-25 21:48 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2023-10-25 21:46 - 2023-10-25 21:46 - 000000020 ___SH C:\Users\giott\ntuser.ini 2023-10-25 21:45 - 2023-10-25 23:19 - 001709664 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-10-25 21:45 - 2023-10-25 23:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-10-25 21:45 - 2023-10-25 21:45 - 000017148 _____ C:\WINDOWS\diagwrn.xml 2023-10-25 21:45 - 2023-10-25 21:45 - 000017148 _____ C:\WINDOWS\diagerr.xml 2023-10-25 21:45 - 2023-10-25 21:45 - 000003618 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-10-25 21:45 - 2023-10-25 21:45 - 000003526 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2023-10-25 21:45 - 2023-10-25 21:45 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2023-10-25 21:45 - 2023-10-25 21:45 - 000003394 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-10-25 21:45 - 2023-10-25 21:45 - 000003302 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2023-10-25 21:45 - 2023-10-25 21:45 - 000003058 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1481358650-130493648-779896752-1001 2023-10-25 21:45 - 2023-10-25 21:45 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1481358650-130493648-779896752-1001 2023-10-25 21:45 - 2023-10-25 21:45 - 000002704 _____ C:\WINDOWS\system32\Tasks\HPCustParticipation HP Deskjet 1510 series 2023-10-25 21:45 - 2023-10-25 21:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime 2023-10-25 21:43 - 2023-10-25 21:43 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network 2023-10-25 21:42 - 2023-10-26 10:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-10-25 21:42 - 2023-10-25 22:51 - 000000000 ____D C:\Windows.old 2023-10-25 21:42 - 2023-10-25 21:42 - 000470448 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-10-25 21:33 - 2023-10-25 21:42 - 000000000 ____D C:\Users\giott\AppData\Roaming\Microsoft\Crypto 2023-10-25 21:33 - 2023-10-25 21:42 - 000000000 ____D C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Crypto 2023-10-25 21:33 - 2023-10-25 21:33 - 000000000 ____D C:\Users\giott\AppData\Roaming\Microsoft\SystemCertificates 2023-10-25 21:33 - 2023-10-25 21:33 - 000000000 ____D C:\Users\giott\AppData\Roaming\Microsoft\Network 2023-10-25 21:33 - 2023-10-25 21:33 - 000000000 ____D C:\Users\defaultuser100000\AppData\Roaming\Microsoft\SystemCertificates 2023-10-25 21:33 - 2023-10-25 21:33 - 000000000 ____D C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Network 2023-10-25 21:31 - 2023-10-25 21:42 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2023-10-25 21:30 - 2023-10-25 21:48 - 000000000 ____D C:\Users\giott\AppData\Roaming\Microsoft\Windows 2023-10-25 21:30 - 2023-10-25 21:46 - 000000000 ____D C:\Users\giott 2023-10-25 21:30 - 2023-10-25 21:43 - 000000000 ____D C:\Users\defaultuser100000 2023-10-25 21:30 - 2023-10-25 21:42 - 000000000 ____D C:\Users\giott\AppData\Roaming\Microsoft\Spelling 2023-10-25 21:30 - 2023-10-25 21:30 - 000000000 _SHDL C:\Users\giott\Voisinage réseau 2023-10-25 21:30 - 2023-10-25 21:30 - 000000000 _SHDL C:\Users\giott\Voisinage d'impression 2023-10-25 21:30 - 2023-10-25 21:30 - 000000000 _SHDL C:\Users\giott\Modèles 2023-10-25 21:30 - 2023-10-25 21:30 - 000000000 _SHDL C:\Users\giott\Mes documents 2023-10-25 21:30 - 2023-10-25 21:30 - 000000000 _SHDL C:\Users\giott\Menu Démarrer 2023-10-25 21:30 - 2023-10-25 21:30 - 000000000 _SHDL C:\Users\giott\Documents\Mes vidéos 2023-10-25 21:30 - 2023-10-25 21:30 - 000000000 _SHDL C:\Users\giott\Documents\Mes images 2023-10-25 21:30 - 2023-10-25 21:30 - 000000000 _SHDL C:\Users\giott\Documents\Ma musique 2023-10-25 21:30 - 2023-10-25 21:30 - 000000000 _SHDL C:\Users\giott\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2023-10-25 21:30 - 2023-10-25 21:30 - 000000000 _SHDL C:\Users\giott\AppData\Local\Historique 2023-10-25 21:30 - 2023-10-25 21:30 - 000000000 _SHDL C:\Users\defaultuser100000\Voisinage réseau 2023-10-25 21:30 - 2023-10-25 21:30 - 000000000 _SHDL C:\Users\defaultuser100000\Voisinage d'impression 2023-10-25 21:30 - 2023-10-25 21:30 - 000000000 _SHDL C:\Users\defaultuser100000\Modèles 2023-10-25 21:30 - 2023-10-25 21:30 - 000000000 _SHDL C:\Users\defaultuser100000\Mes documents 2023-10-25 21:30 - 2023-10-25 21:30 - 000000000 _SHDL C:\Users\defaultuser100000\Menu Démarrer 2023-10-25 21:30 - 2023-10-25 21:30 - 000000000 _SHDL C:\Users\defaultuser100000\Documents\Mes vidéos 2023-10-25 21:30 - 2023-10-25 21:30 - 000000000 _SHDL C:\Users\defaultuser100000\Documents\Mes images 2023-10-25 21:30 - 2023-10-25 21:30 - 000000000 _SHDL C:\Users\defaultuser100000\Documents\Ma musique 2023-10-25 21:30 - 2023-10-25 21:30 - 000000000 _SHDL C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2023-10-25 21:30 - 2023-10-25 21:30 - 000000000 _SHDL C:\Users\defaultuser100000\AppData\Local\Historique 2023-10-25 21:30 - 2023-10-25 21:30 - 000000000 ____D C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows 2023-10-25 21:30 - 2021-06-05 14:10 - 000000000 ____D C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Spelling 2023-10-25 21:29 - 2023-10-25 21:31 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2023-10-25 21:29 - 2023-10-25 21:29 - 000000000 ____D C:\WINDOWS\system32\dolbyaposvc 2023-10-25 21:29 - 2023-10-25 21:29 - 000000000 ____D C:\WINDOWS\system32\AMD 2023-10-25 21:25 - 2023-10-25 21:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient 2023-10-25 21:20 - 2023-10-25 21:20 - 000009522 _____ C:\WINDOWS\system32\ResPriUHMImageList 2023-10-25 21:20 - 2023-10-25 21:20 - 000009522 _____ C:\WINDOWS\system32\ResPriImageList 2023-10-25 21:20 - 2023-10-25 21:20 - 000009522 _____ C:\WINDOWS\system32\ResPriHMImageList 2023-10-25 21:20 - 2023-10-25 21:20 - 000009402 _____ C:\WINDOWS\system32\ResPriHMImageListLowCost 2023-10-25 21:20 - 2023-10-25 21:20 - 000008964 _____ C:\WINDOWS\system32\ResPriLMImageList 2023-10-25 21:20 - 2023-10-25 21:20 - 000008870 _____ C:\WINDOWS\system32\ResPriImageListLowCost 2023-10-25 21:19 - 2023-10-25 21:19 - 000041594 _____ C:\WINDOWS\SysWOW64\ctac.json 2023-10-25 21:17 - 2023-10-25 21:17 - 000041594 _____ C:\WINDOWS\system32\ctac.json 2023-10-25 21:07 - 2023-10-25 21:07 - 000000000 ____D C:\ProgramData\Huawei 2023-10-25 21:01 - 2023-10-25 21:01 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2023-10-25 20:48 - 2023-10-26 10:12 - 000000000 ____D C:\Users\giott\AppData\Roaming\PCManager 2023-10-25 20:48 - 2023-10-25 20:48 - 000000000 ____D C:\Users\giott\PCManger 2023-10-25 20:47 - 2023-10-25 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HUAWEI 2023-10-25 20:47 - 2023-10-25 20:47 - 000000991 _____ C:\Users\Public\Desktop\Huawei PC Manager.lnk 2023-10-25 20:46 - 2023-10-25 20:46 - 000000000 ____D C:\Users\giott\Downloads\PCManager_Setup_13.0.6.330(C001)_x64 2023-10-25 20:42 - 2023-10-25 20:45 - 321148368 _____ C:\Users\giott\Downloads\PCManager_Setup_13.0.6.330(C001)_x64.zip 2023-10-25 20:38 - 2023-10-25 21:46 - 000000000 ___DC C:\WINDOWS\Panther 2023-10-25 18:59 - 2023-10-25 18:59 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2023-10-24 20:08 - 2023-10-24 20:08 - 000034032 _____ C:\Users\giott\Desktop\Shortcut.txt 2023-10-24 20:07 - 2023-10-24 20:08 - 000029542 _____ C:\Users\giott\Desktop\Addition.txt 2023-10-24 20:05 - 2023-10-26 10:48 - 000019913 _____ C:\Users\giott\Desktop\FRST.txt 2023-10-24 20:00 - 2023-10-26 10:47 - 000000000 ____D C:\FRST 2023-10-24 19:57 - 2023-10-24 19:57 - 002383360 _____ (Farbar) C:\Users\giott\Desktop\FRST64.exe ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2023-10-26 10:48 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps 2023-10-26 10:48 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemTemp 2023-10-26 10:48 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-10-26 10:48 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-10-26 10:48 - 2021-06-05 14:09 - 000000000 ____D C:\WINDOWS\INF 2023-10-26 10:43 - 2021-05-17 10:19 - 000000000 ____D C:\Program Files\TeamViewer 2023-10-26 10:39 - 2020-08-16 04:57 - 000000000 ____D C:\Users\giott\AppData\Local\D3DSCache 2023-10-26 10:32 - 2020-12-20 17:12 - 000000000 ____D C:\Program Files (x86)\Google 2023-10-26 10:21 - 2020-08-16 03:42 - 000000000 ____D C:\ProgramData\Goodix 2023-10-26 10:19 - 2020-08-16 04:45 - 000000000 ____D C:\ProgramData\Packages 2023-10-26 10:17 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\appcompat 2023-10-26 10:12 - 2020-08-16 04:59 - 000000000 ___RD C:\Users\giott\OneDrive 2023-10-25 23:19 - 2021-06-05 20:14 - 000771102 _____ C:\WINDOWS\system32\perfh00C.dat 2023-10-25 23:19 - 2021-06-05 20:14 - 000148364 _____ C:\WINDOWS\system32\perfc00C.dat 2023-10-25 23:12 - 2021-06-06 00:24 - 000012288 ___SH C:\DumpStack.log.tmp 2023-10-25 23:12 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ServiceState 2023-10-25 23:12 - 2020-08-16 03:47 - 000000134 _____ C:\WINDOWS\system32\regtest.txt 2023-10-25 23:11 - 2021-06-05 14:01 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2023-10-25 23:11 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-10-25 22:58 - 2020-12-20 17:03 - 000000000 ____D C:\Users\giott\AppData\Local\CrashDumps 2023-10-25 22:04 - 2020-11-27 15:54 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-10-25 22:04 - 2020-08-16 04:57 - 000000000 ____D C:\Users\giott\AppData\Local\Packages 2023-10-25 22:03 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\PrintDialog 2023-10-25 22:01 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth 2023-10-25 22:01 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\servicing 2023-10-25 21:48 - 2020-11-18 14:45 - 000000000 ____D C:\Users\giott\AppData\Local\PlaceholderTileLogoFolder 2023-10-25 21:46 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-10-25 21:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-10-25 21:46 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files\Windows NT 2023-10-25 21:46 - 2021-06-05 14:01 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2023-10-25 21:46 - 2020-08-16 04:10 - 000000000 __RHD C:\Users\Public\AccountPictures 2023-10-25 21:45 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files\Windows Defender 2023-10-25 21:44 - 2020-12-20 17:12 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-10-25 21:44 - 2020-12-20 17:12 - 000002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2023-10-25 21:43 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2023-10-25 21:43 - 2020-12-20 16:57 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-10-25 21:42 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2023-10-25 21:42 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\spool 2023-10-25 21:42 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\NDF 2023-10-25 21:42 - 2021-06-05 14:08 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2023-10-25 21:42 - 2021-05-23 23:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2023-10-25 21:42 - 2020-12-24 14:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2023-10-25 21:42 - 2020-12-20 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2023-10-25 21:42 - 2020-11-18 14:47 - 000000000 ____D C:\Program Files\UNP 2023-10-25 21:42 - 2020-08-16 03:44 - 000000000 ____D C:\WINDOWS\system32\RPC 2023-10-25 21:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2023-10-25 21:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2023-10-25 21:38 - 2021-06-05 14:14 - 000000000 ____D C:\WINDOWS\Setup 2023-10-25 21:34 - 2021-06-05 14:10 - 000000000 __RHD C:\Users\Public\Libraries 2023-10-25 21:34 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\USOPrivate 2023-10-25 21:31 - 2021-07-18 19:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2023-10-25 21:31 - 2021-06-05 14:10 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows 2023-10-25 21:30 - 2023-04-10 19:18 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\Packages 2023-10-25 21:29 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2023-10-25 21:26 - 2021-06-05 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\fr 2023-10-25 21:26 - 2021-06-05 20:14 - 000000000 ____D C:\WINDOWS\system32\fr 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\system32\UNP 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\system32\F12 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\WUModels 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemResources 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\vi-VN 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\setup 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\migwiz 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\id-ID 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\gl-ES 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\eu-ES 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\et-EE 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\es-MX 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Dism 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\DDFs 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Com 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\ca-ES 2023-10-25 21:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\appraiser 2023-10-25 21:25 - 2021-06-05 20:22 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2023-10-25 21:25 - 2021-06-05 20:22 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2023-10-25 21:25 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemApps 2023-10-25 21:25 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellExperiences 2023-10-25 21:25 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellComponents 2023-10-25 21:25 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\Provisioning 2023-10-25 21:25 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2023-10-25 21:25 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\IME 2023-10-25 21:25 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\DiagTrack 2023-10-25 21:25 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\BrowserCore 2023-10-25 21:25 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-10-25 21:25 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files\Common Files\System 2023-10-25 21:24 - 2021-06-05 20:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2023-10-25 21:24 - 2021-06-05 20:22 - 000021047 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2023-10-25 21:24 - 2021-06-05 14:08 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2023-10-25 21:24 - 2021-06-05 14:08 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2023-10-25 21:17 - 2021-06-05 14:04 - 000058896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HalExtIntcLpioDMA.dll 2023-10-25 21:17 - 2021-06-05 14:04 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\HalExtIntcPseDMA.dll 2023-10-25 21:17 - 2021-06-05 14:04 - 000054800 _____ (Microsoft Corporation) C:\WINDOWS\system32\HalExtPL080.dll 2023-10-25 21:12 - 2021-06-05 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm 2023-10-25 21:12 - 2021-06-05 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN 2023-10-25 21:12 - 2021-06-05 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr 2023-10-25 21:12 - 2021-06-05 20:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2023-10-25 21:12 - 2021-06-05 20:14 - 000000000 ____D C:\WINDOWS\system32\winrm 2023-10-25 21:12 - 2021-06-05 20:14 - 000000000 ____D C:\WINDOWS\system32\WCN 2023-10-25 21:12 - 2021-06-05 20:14 - 000000000 ____D C:\WINDOWS\system32\slmgr 2023-10-25 21:12 - 2021-06-05 20:14 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2023-10-25 21:12 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\system32\dsc 2023-10-25 21:12 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\OCR 2023-10-25 21:12 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2023-10-25 20:51 - 2020-08-16 03:44 - 000000000 ____D C:\Program Files\Huawei 2023-10-25 20:48 - 2020-08-16 03:44 - 000000000 ____D C:\ProgramData\Comms 2023-10-25 18:58 - 2020-05-07 18:23 - 000000000 ____D C:\Program Files\Microsoft Office 2023-10-25 18:55 - 2020-11-29 11:48 - 000000000 ____D C:\Users\giott\AppData\Roaming\HwSynergy 2023-10-24 20:23 - 2022-10-17 00:34 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk 2023-10-24 20:23 - 2022-10-17 00:34 - 000002131 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk 2023-10-24 15:52 - 2020-08-16 04:57 - 000000000 ____D C:\Users\giott\AppData\Local\ConnectedDevicesPlatform 2023-10-24 12:01 - 2022-04-23 08:20 - 000000000 ____D C:\Program Files\RUXIM 2023-10-24 12:01 - 2020-11-27 15:44 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-10-24 11:41 - 2020-11-27 15:44 - 181553176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-10-21 17:59 - 2020-05-07 18:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2023-10-20 17:19 - 2021-06-06 00:25 - 000002424 _____ C:\Users\giott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de démarrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {724ab873-93d0-11ea-bf45-fc4482d28530} {724ab874-93d0-11ea-bf45-fc4482d28530} {724ab875-93d0-11ea-bf45-fc4482d28530} bootsequence {d66fa4d9-c64c-11eb-8fce-db8ff2eaa5a2} timeout 0 Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {d66fa4d4-c64c-11eb-8fce-db8ff2eaa5a2} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {724ab873-93d0-11ea-bf45-fc4482d28530} description EFI USB Device Application logicielle (101fffff) -------------------------------- identificateur {724ab874-93d0-11ea-bf45-fc4482d28530} description EFI DVD/CDROM Application logicielle (101fffff) -------------------------------- identificateur {724ab875-93d0-11ea-bf45-fc4482d28530} description EFI Network Application logicielle (101fffff) -------------------------------- identificateur {724ab876-93d0-11ea-bf45-fc4482d28530} description LAN(00E04C68E3BB)-IPv4 Application logicielle (101fffff) -------------------------------- identificateur {c0a7d4be-df61-11ea-8fbd-806e6f6e6963} description LAN(00E04C68E3BB)-IPv6 Application logicielle (101fffff) -------------------------------- identificateur {d66fa4d9-c64c-11eb-8fce-db8ff2eaa5a2} device partition=\Device\HarddiskVolume1 path \EFI\HUAWEI\CapAgent.efi description Huawei Firmware Update Program Installation de Windows ----------------------- identificateur {7254a080-1510-4e85-ac0f-e7fb3d444736} device ramdisk=[C:]\$WINDOWS.~BT\Sources\SafeOS\winre.wim,{d66fa4d6-c64c-11eb-8fce-db8ff2eaa5a2} bootstatdevice partition=C: custom:11000083 partition=C: path \windows\system32\winload.efi description Windows Rollback locale fr-FR bootstatfilepath \$WINDOWS.~BT\Sources\SafeOS\bootstat.dat inherit {bootloadersettings} restartonfailure No osdevice ramdisk=[C:]\$WINDOWS.~BT\Sources\SafeOS\winre.wim,{d66fa4d6-c64c-11eb-8fce-db8ff2eaa5a2} custom:21000152 partition=C: systemroot \windows nx OptIn bootmenupolicy Standard bootstatuspolicy AlwaysDisplayStartupFailures winpe Yes Chargeur de démarrage Windows ----------------------------- identificateur {d66fa4d2-c64c-11eb-8fce-db8ff2eaa5a2} device ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{d66fa4d3-c64c-11eb-8fce-db8ff2eaa5a2} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{d66fa4d3-c64c-11eb-8fce-db8ff2eaa5a2} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 11 locale fr-FR inherit {bootloadersettings} recoverysequence {d66fa4d7-c64c-11eb-8fce-db8ff2eaa5a2} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {d66fa4d4-c64c-11eb-8fce-db8ff2eaa5a2} nx OptIn bootmenupolicy Standard Chargeur de démarrage Windows ----------------------------- identificateur {d66fa4d7-c64c-11eb-8fce-db8ff2eaa5a2} device ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{d66fa4d8-c64c-11eb-8fce-db8ff2eaa5a2} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{d66fa4d8-c64c-11eb-8fce-db8ff2eaa5a2} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {2b6e31e4-c655-11eb-ab7c-a38aedbb1d64} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {d66fa4d2-c64c-11eb-8fce-db8ff2eaa5a2} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {d66fa4d4-c64c-11eb-8fce-db8ff2eaa5a2} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {d66fa4d7-c64c-11eb-8fce-db8ff2eaa5a2} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: custom:21000026 partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems No Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {d66fa4d3-c64c-11eb-8fce-db8ff2eaa5a2} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume7 ramdisksdipath \Recovery\WindowsRE\boot.sdi Options de périphérique ----------------------- identificateur {d66fa4d6-c64c-11eb-8fce-db8ff2eaa5a2} description Windows Setup ramdisksdidevice partition=C: ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi Options de périphérique ----------------------- identificateur {d66fa4d8-c64c-11eb-8fce-db8ff2eaa5a2} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume7 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================