Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11.06.2024
Exécuté par antoine.paliotti (administrateur) sur PC-ANTOINE (LENOVO 82K2) (13-06-2024 21:43:12)
Exécuté depuis C:\Users\antoi\OneDrive\Bureau\FRST64.exe
Profils chargés: antoine.paliotti
Plate-forme: Microsoft Windows 11 Home Version 23H2 22631.3737 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(A-Volute SAS -> A-Volute) C:\Users\antoi\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\bckp_amgr.exe
(C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\monitoring-mini.exe
(C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\task-manager.exe
(C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH.) C:\Program Files (x86)\Acronis\Agent\bin\adp-agent.exe
(C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH.) C:\Program Files (x86)\Acronis\Agent\bin\updater.exe
(C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe ->) (Acronis International GmbH -> Acronis International GmbH.) C:\Program Files (x86)\Acronis\Agent\bin\adp-rest-util.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> ) C:\Program Files\TeamViewer\crashpad_handler.exe <2>
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_x64.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Discord Inc. -> Discord Inc.) C:\Users\antoi\AppData\Local\Discord\app-1.0.9149\Discord.exe <6>
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_28aa207d942a526e\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_28aa207d942a526e\FnHotkeyCapsLKNumLK.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_28aa207d942a526e\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_28aa207d942a526e\FnHotkeyUtility.exe
(DriverStore\FileRepository\u0391129.inf_amd64_7a819ad751ab7622\B390488\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0391129.inf_amd64_7a819ad751ab7622\B390488\atieclxx.exe
(explorer.exe ->) (CERTIF_NICOLAS_COOLMAN -> Nicolas Coolman) [Fichier non signé] C:\Users\antoi\OneDrive\Bureau\ZHPSuite.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <68>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\aakore.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0391129.inf_amd64_7a819ad751ab7622\B390488\atiesrxx.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\ENS\ensserver.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\lenovo\UDC\Service\UDClientService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_28aa207d942a526e\LenovoUtilityService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_240c9a0d7a7f0e97\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_4401706d277a86e0\RtkAudUService64.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files\Common Files\Zoom\Support\CptService.exe
(svchost.exe ->) (21E1B422-257A-44A2-9C8F-379165856473 -> ) C:\Program Files\WindowsApps\A-Volute.Nahimic_1.10.1.0_x64__w2gh52qy24etm\Nahimic3.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2423.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (83564403-0B26-46B8-9D84-040F43691D31 -> Realtek Semiconductor) C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.48.315.0_x64__dt26b99r8h8gj\RtkUWP.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(TeamViewer Germany GmbH -> ) C:\Windows\Temp\nsyF552.tmp\TvUpdateInfo.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_4401706d277a86e0\RtkAudUService64.exe [1886616 2023-12-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [637784 2022-10-03] (Acronis International GmbH -> Acronis International GmbH)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3216784 2022-09-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [CyberProtectHomeOfficeMonitor.exe] => C:\Program Files (x86)\Acronis\CyberProtectHomeOffice\CyberProtectHomeOfficeMonitor.exe [6331984 2022-10-04] (Acronis International GmbH -> )
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [446392 2022-10-03] (Acronis International GmbH -> Acronis International GmbH)
HKU\S-1-5-21-3816769546-948432771-2859516799-1001\...\Run: [Discord] => C:\Users\antoi\AppData\Local\Discord\Update.exe [1525016 2022-10-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3816769546-948432771-2859516799-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4379496 2024-05-04] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3816769546-948432771-2859516799-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1831432 2024-06-02] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-3816769546-948432771-2859516799-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45430176 2024-05-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3816769546-948432771-2859516799-1001\...\Run: [MicrosoftEdgeAutoLaunch_F70D1747ADA17DF9E373EB21A9A85F09] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [4136912 2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3816769546-948432771-2859516799-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3816769546-948432771-2859516799-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13991760 2024-04-25] (GOG sp. z o.o -> GOG.com)
HKU\S-1-5-21-3816769546-948432771-2859516799-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\antoi\AppData\Local\Microsoft\Teams\Update.exe [2593856 2024-05-29] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3816769546-948432771-2859516799-1001\...\MountPoints2: {6437d06a-5a1e-11ed-9f04-d880833fe978} - "F:\setup.EXE" /AUTORUN
HKLM\...\Print\Monitors\HP E511 Status Monitor: C:\Windows\system32\hpinkstsE511LM.dll [399368 2023-09-24] (HP Inc. -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\chrmstp.exe [2024-06-04] (Google LLC -> Google LLC)

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {EBF26050-F2EF-496C-B598-51ECA92C65BA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {FF59292A-661E-4D75-B600-FB9F282C61CB} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [672064 2023-11-21] (Advanced Micro Devices Inc. -> )
Task: {511AFEB6-C16D-4489-8980-92E55562329E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-05-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9E412E1B-ED7B-4C41-B054-464BCEDFB4F3} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-05-20] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "32ace767-c885-4e9f-9c76-7b39d486d562" --version "6.24.11060" --silent
Task: {0354B408-C5FF-48F6-BA14-2AF04CDCA64E} - System32\Tasks\CCleanerSkipUAC - antoine.paliotti => C:\Program Files\CCleaner\CCleaner.exe [39169952 2024-05-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {674C658C-D9BB-4DB4-8BE2-9D56F6C59F66} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{C6342DA6-D11C-483C-86A1-815299114E24} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
Task: {53B68360-30B3-406E-ADC1-E7A3023DE8BF} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {D795E623-84B2-40A6-B346-225FAF62BAB3} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {D6D16131-130E-4F11-B311-097195EFDE73} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [102400 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {8745EBDA-55E8-427D-8E6F-7D2C89315AB0} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\03952de6-9067-4251-b10d-b87e77fbd0b1 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {D553C93E-B46B-4BF9-B1A1-DE59A62D25D6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\305b658d-66e4-4081-ad83-06e9113d7cc6 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {4D95667C-8CEF-4C74-B4BB-3A26848452D7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\511a7497-d4af-440a-8569-36dd88392e75 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {1ED0A36C-35B4-45A1-B3BD-E9B4FD7108CE} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5ecb6bcb-986b-4983-a3e9-6d65e86eadf9 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {2CC45C5F-E12B-4DE4-9141-F03944FCAF81} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\90600fe7-d533-4ae4-a876-dcd86662d9e9 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {15E51596-8144-4655-8791-0F78C865C991} - System32\Tasks\Lenovo\UDC\Lenovo UDC Diagnostic Scan => C:\Windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> control udcservice 210
Task: {8B9A466C-3F43-4761-90E3-992C67D6C169} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [90976 2024-04-07] (Lenovo -> Lenovo Group Ltd.) -> C:\windows\system32\drivers\Lenovo\udc\Service\/onidle
Task: {6D5314CB-D017-41C0-B132-A78396D4B2A8} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [188656 2024-04-07] (Lenovo -> Lenovo Group Ltd.)
Task: {F34B9D2E-6680-4588-AE3F-056DAB5CED84} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28498912 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {BBCB68FD-523F-4BC2-A726-1BD0121DC217} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28498912 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA218185-8F90-4EAD-922C-3216B2EE7731} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309912 2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {06C88438-90B1-4436-A475-325BD258ECAB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309912 2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {8951FF0D-FD99-450B-9DAD-29D5EFE4C443} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [169648 2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {7EEFC80D-EF1C-4B3A-9051-7A9EA4892618} - System32\Tasks\Microsoft\Windows\Application Experience\PcaWallpaperAppDetect => C:\Windows\system32\rundll32.exe [73728 2024-05-15] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaWallpaperAppDetect
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
Task: {B33E94B1-932B-40D3-9EE3-AC75AB746563} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {71F253D1-3A7C-4C1E-A69A-48158AE9A58E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FAC3EBF9-92DE-4202-9CE1-E4E133AA697A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3FA945A4-CF9A-4628-A757-60A43B572019} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B211E6B5-3C98-45A3-9691-47100F86997A} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [1117336 2023-07-17] (A-Volute SAS -> Nahimic)
Task: {B8054A61-21A7-4BC1-81DF-1316A7BA536E} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1437296 2023-07-17] (A-Volute SAS -> Nahimic)
Task: {46F58CA8-D71B-4863-BF97-1D3C155EC1D4} - System32\Tasks\NahimicTask32 => C:\Windows\System32\..\SysWOW64\NahimicSvc32.exe [1117336 ] (A-Volute SAS -> Nahimic)
Task: {D67A62E1-08C5-43DA-8222-A61DA3A7BC59} - System32\Tasks\NahimicTask64 => C:\Windows\System32\.\NahimicSvc64.exe [1437296 ] (A-Volute SAS -> Nahimic)
Task: {39F836A9-FBE5-4B27-89F6-0D857074362B} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2369544 2024-06-02] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{22411c1a-475b-42c5-9f41-e34ac03656ca}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{22411c1a-475b-42c5-9f41-e34ac03656ca}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{22411c1a-475b-42c5-9f41-e34ac03656ca}\14E64627F69646140503246414: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{22411c1a-475b-42c5-9f41-e34ac03656ca}\14E64627F69646140503246414: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{22411c1a-475b-42c5-9f41-e34ac03656ca}\2426F687D22314534343243443: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{22411c1a-475b-42c5-9f41-e34ac03656ca}\2426F687D22314534343243443: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{22411c1a-475b-42c5-9f41-e34ac03656ca}\2426F687D22314534343243443: [DhcpDomain] lan
Tcpip\..\Interfaces\{22411c1a-475b-42c5-9f41-e34ac03656ca}\4586F627: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{22411c1a-475b-42c5-9f41-e34ac03656ca}\4586F627: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{22411c1a-475b-42c5-9f41-e34ac03656ca}\4586F627: [DhcpDomain] home
Tcpip\..\Interfaces\{22411c1a-475b-42c5-9f41-e34ac03656ca}\6427565626F687D2531413346434: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{22411c1a-475b-42c5-9f41-e34ac03656ca}\C496675626F687D293133333: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{22411c1a-475b-42c5-9f41-e34ac03656ca}\C496675626F687D293133333: [DhcpDomain] home
Tcpip\..\Interfaces\{cb3a0c74-f7da-43c7-a915-510e6682913b}: [DhcpNameServer] 192.168.1.254

Edge:
=======
Edge Profile: C:\Users\antoi\AppData\Local\Microsoft\Edge\User Data\Default [2024-06-13]
Edge HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3332200&octid=EB_ORIGINAL_CTID&ISID=MD86FA400-3440-4DD3-8C75-5F8AF3B93F85&SearchSource=55&CUI=&UM=6&UP=SP69EA1F28-FFAA-405E-A862-452A80D2ABB7&SSPV=
Edge StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3332200&octid=EB_ORIGINAL_CTID&ISID=MD86FA400-3440-4DD3-8C75-5F8AF3B93F85&SearchSource=55&CUI=&UM=6&UP=SP69EA1F28-FFAA-405E-A862-452A80D2ABB7&SSPV=","hxxp://istart.webssearches.com/?type=hp&ts=1416297964&from=irs&uid=ST500LM012XHN-M500MBB_S2ZYJ9ED901791","hxxps://www.google.com/"
Edge Extension: (Google Docs hors connexion) - C:\Users\antoi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-23]
Edge Extension: (Edge relevant text changes) - C:\Users\antoi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (Microsoft Power Automate) - C:\Users\antoi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kagpabjoboikccfdghpdlaaopmgpgfdc [2024-03-02]
Edge Extension: (Microsoft Power Automate (hérité)) - C:\Users\antoi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\njjljiblognghfjfpcdpdbpbfcmhgafg [2023-08-02]
Edge HKU\S-1-5-21-3816769546-948432771-2859516799-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [kagpabjoboikccfdghpdlaaopmgpgfdc]
Edge HKU\S-1-5-21-3816769546-948432771-2859516799-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [njjljiblognghfjfpcdpdbpbfcmhgafg]

FireFox:
========
FF DefaultProfile: 44m39thw.default
FF ProfilePath: C:\Users\antoi\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\44m39thw.default [2023-12-20]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\antoi\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\44m39thw.default\Extensions\langpack-cs@bluegriffon.org.xpi [2023-12-20] [] [non signé]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\antoi\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\44m39thw.default\Extensions\langpack-de@bluegriffon.org.xpi [2023-12-20] [] [non signé]
FF Extension: (English (US) Language Pack) - C:\Users\antoi\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\44m39thw.default\Extensions\langpack-en-US@bluegriffon.org.xpi [2023-12-20] [] [non signé]
FF Extension: (Español (España) Language Pack) - C:\Users\antoi\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\44m39thw.default\Extensions\langpack-es-ES@bluegriffon.org.xpi [2023-12-20] [] [non signé]
FF Extension: (Finnish Language Pack) - C:\Users\antoi\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\44m39thw.default\Extensions\langpack-fi@bluegriffon.org.xpi [2023-12-20] [] [non signé]
FF Extension: (Français Language Pack) - C:\Users\antoi\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\44m39thw.default\Extensions\langpack-fr@bluegriffon.org.xpi [2023-12-20] [] [non signé]
FF Extension: (Galego (España) Language Pack) - C:\Users\antoi\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\44m39thw.default\Extensions\langpack-gl@bluegriffon.org.xpi [2023-12-20] [] [non signé]
FF Extension: (Hebrew (IL) Language Pack) - C:\Users\antoi\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\44m39thw.default\Extensions\langpack-he@bluegriffon.org.xpi [2023-12-20] [] [non signé]
FF Extension: (Magyar (HU) Language Pack) - C:\Users\antoi\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\44m39thw.default\Extensions\langpack-hu@bluegriffon.org.xpi [2023-12-20] [] [non signé]
FF Extension: (Italiano (IT) Language Pack) - C:\Users\antoi\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\44m39thw.default\Extensions\langpack-it@bluegriffon.org.xpi [2023-12-20] [] [non signé]
FF Extension: (Japanese Language Pack) - C:\Users\antoi\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\44m39thw.default\Extensions\langpack-ja@bluegriffon.org.xpi [2023-12-20] [] [non signé]
FF Extension: (Korean (KR) Language Pack) - C:\Users\antoi\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\44m39thw.default\Extensions\langpack-ko@bluegriffon.org.xpi [2023-12-20] [] [non signé]
FF Extension: (Nederlands (NL) Language Pack) - C:\Users\antoi\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\44m39thw.default\Extensions\langpack-nl@bluegriffon.org.xpi [2023-12-20] [] [non signé]
FF Extension: (Polski Language Pack) - C:\Users\antoi\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\44m39thw.default\Extensions\langpack-pl@bluegriffon.org.xpi [2023-12-20] [] [non signé]
FF Extension: (Russian (RU) Language Pack) - C:\Users\antoi\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\44m39thw.default\Extensions\langpack-ru@bluegriffon.org.xpi [2023-12-20] [] [non signé]
FF Extension: (Slovenski jezik Language Pack) - C:\Users\antoi\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\44m39thw.default\Extensions\langpack-sl@bluegriffon.org.xpi [2023-12-20] [] [non signé]
FF Extension: (српски (sr) Language Pack) - C:\Users\antoi\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\44m39thw.default\Extensions\langpack-sr@bluegriffon.org.xpi [2023-12-20] [] [non signé]
FF Extension: (Svenska (SE) Language Pack) - C:\Users\antoi\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\44m39thw.default\Extensions\langpack-sv-SE@bluegriffon.org.xpi [2023-12-20] [] [non signé]
FF Extension: (Chinese Simplified (zh-CN) Language Pack) - C:\Users\antoi\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\44m39thw.default\Extensions\langpack-zh-CN@bluegriffon.org.xpi [2023-12-20] [] [non signé]
FF Extension: (Traditional Chinese (zh-TW) Language Pack) - C:\Users\antoi\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\44m39thw.default\Extensions\langpack-zh-TW@bluegriffon.org.xpi [2023-12-20] [] [non signé]
FF Plugin: @java.com/DTPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\dtplugin\npDeployJava1.dll [Pas de fichier]
FF Plugin: @java.com/JavaPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\plugin2\npjp2.dll [Pas de fichier]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-05-12] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\antoi\AppData\Local\Google\Chrome\User Data\Default [2024-06-13]
CHR Notifications: Default -> hxxps://assautdesgobelins.forumactif.com; hxxps://assiste.com; hxxps://blizzardwatch.com; hxxps://calendar.google.com; hxxps://cinema.jeuxactu.com; hxxps://ew.com; hxxps://formalites-administratives.ooreka.fr; hxxps://fr.shein.com; hxxps://fr.shopping.rakuten.com; hxxps://kami-labs.fr; hxxps://magfeminin.com; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://monuadz.com; hxxps://mtg.cardsrealm.com; hxxps://mtgrocks.com; hxxps://pdf.wondershare.net; hxxps://securecaptchatop.top; hxxps://tchat.chaat.fr; hxxps://teams.microsoft.com; hxxps://web.skype.com; hxxps://web.snapchat.com; hxxps://www.allocine.fr; hxxps://www.animal.ch; hxxps://www.beaboss.fr; hxxps://www.bonial.fr; hxxps://www.burgerking.fr; hxxps://www.cnetfrance.fr; hxxps://www.dcplanet.fr; hxxps://www.doctissimo.fr; hxxps://www.facebook.com; hxxps://www.floabank.fr; hxxps://www.fnac.com; hxxps://www.gentside.com; hxxps://www.igv.com; hxxps://www.instagram.com; hxxps://www.jeuxvideo.com; hxxps://www.jules.com; hxxps://www.king-jouet.com; hxxps://www.ldlc.com; hxxps://www.leclercdrive.fr; hxxps://www.micromania.fr; hxxps://www.millenium.org; hxxps://www.netflix.com; hxxps://www.norauto.fr; hxxps://www.pinterest.fr; hxxps://www.reddit.com; hxxps://www.tf1.fr; hxxps://www.tiktok.com; hxxps://www.tophebergeur.com; hxxps://www.trucs-et-astuces.co; hxxps://www.youtube.com; hxxps://www.zdnet.fr
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3332200&octid=EB_ORIGINAL_CTID&ISID=MD86FA400-3440-4DD3-8C75-5F8AF3B93F85&SearchSource=55&CUI=&UM=6&UP=SP69EA1F28-FFAA-405E-A862-452A80D2ABB7&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3332200&octid=EB_ORIGINAL_CTID&ISID=MD86FA400-3440-4DD3-8C75-5F8AF3B93F85&SearchSource=55&CUI=&UM=6&UP=SP69EA1F28-FFAA-405E-A862-452A80D2ABB7&SSPV=","hxxp://istart.webssearches.com/?type=hp&ts=1416297964&from=irs&uid=ST500LM012XHN-M500MBB_S2ZYJ9ED901791","hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/search?fr=mcafee&type=E211FR1316G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://fr.search.yahoo.com/sugg/gossip/gossip-fr-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Session Restore: Default -> est activé.
CHR Extension: (Search and Replace) - C:\Users\antoi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bldchfkhmnkoimaciljpilanilmbnofo [2024-04-11] CHR Extension: (Google Docs hors connexion) - C:\Users\antoi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-20] CHR Extension: (Microsoft Power Automate (hérité)) - C:\Users\antoi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjgfobnenmnljakmhboildkafdkicala [2023-04-21] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\antoi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-27] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKU\S-1-5-21-3816769546-948432771-2859516799-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gjgfobnenmnljakmhboildkafdkicala] CHR HKU\S-1-5-21-3816769546-948432771-2859516799-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ljglajjnnkapghbckkcmodicjhacbfhk] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] Brave: ======= BRA Profile: C:\Users\antoi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-05-22] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
R2 aakore; C:\Program Files (x86)\Acronis\Agent\aakore.exe [9031480 2022-10-03] (Acronis International GmbH -> Acronis International GmbH) R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [13720736 2022-10-03] (Acronis International GmbH -> ) S4 AcronisCyberProtectionService; C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe [1406624 2022-10-03] (Acronis International GmbH -> Acronis International GmbH) R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1704216 2022-10-03] (Acronis International GmbH -> Acronis International GmbH) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.) R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6391536 2022-10-27] (Acronis International GmbH -> ) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.) S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [2567304 2024-05-08] (Blizzard Entertainment, Inc. -> Blizzard Entertainment) S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085856 2024-05-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14012520 2024-05-26] (Microsoft Corporation -> Microsoft Corporation) R2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [26512 2024-04-01] (CHENGDU YIWO Tech Development Co., Ltd. -> ) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2348880 2024-04-25] (GOG sp. z o.o -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178064 2024-04-25] (GOG sp. 
z o.o -> GOG.com) S2 GoogleUpdaterInternalService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC) S2 GoogleUpdaterService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-05-09] (HP Inc. -> HP Inc.) R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.) R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_28aa207d942a526e\LenovoUtilityService.exe [171232 2024-04-08] (Lenovo -> Lenovo) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [879456 2024-06-13] (McAfee, LLC -> McAfee, LLC) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation) R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4882992 2022-10-03] (Acronis International GmbH -> Acronis International GmbH) S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2022-10-03] (Acronis International GmbH -> Acronis International GmbH) S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\CyberProtectHomeOffice\mobile_backup_status_server.exe [2146936 2022-10-03] (Acronis International GmbH -> ) R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1912472 2023-07-17] (A-Volute SAS -> Nahimic) S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2369544 2024-06-02] (Overwolf Ltd -> Overwolf LTD) R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7403104 2022-10-03] (Acronis 
International GmbH -> ) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [21675320 2024-06-10] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [5910328 2022-10-03] (Acronis International GmbH -> Acronis International GmbH) S3 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [345400 2023-03-18] (Twitch Interactive, Inc. -> ) R2 UDCService; C:\WINDOWS\system32\DRIVERS\Lenovo\udc\Service\UDClientService.exe [72432 2024-04-07] (Lenovo -> Lenovo Group Ltd.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_240c9a0d7a7f0e97\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_240c9a0d7a7f0e97\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem R2 ZoomCptService; "C:\Program Files\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\antoi\AppData\Roaming\Zoom" ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [35344 2022-09-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) 
S3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0391129.inf_amd64_7a819ad751ab7622\B390488\amdkmdag.sys [94634376 2023-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [802976 2022-10-03] (Bitdefender SRL -> Bitdefender) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 FBNetFilter; C:\WINDOWS\System32\drivers\FBNetFlt.sys [60784 2023-12-06] (Lenovo -> Lenovo) R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [730696 2022-10-27] (Acronis International GmbH -> Acronis International GmbH) R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [395216 2022-10-27] (Acronis International GmbH -> Acronis International GmbH) R0 fltsrv; C:\WINDOWS\System32\DRIVERS\fltsrv.sys [183944 2022-10-27] (Acronis International GmbH -> Acronis International GmbH) R3 MTKBTFilterX64; C:\WINDOWS\system32\DRIVERS\mtkbtfilterx.sys [373784 2023-05-29] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.) R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1645104 2023-05-29] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.) 
R3 NahimicBTLink; C:\WINDOWS\System32\drivers\NahimicBTLink.sys [86200 2022-08-19] (A-Volute SAS -> Windows (R) Win 7 DDK provider) R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [86224 2022-08-19] (A-Volute SAS -> Windows (R) Win 7 DDK provider) S0 ngelam; C:\WINDOWS\System32\drivers\ngelam.sys [16344 2022-10-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Acronis International GmbH) R1 ngscan; C:\WINDOWS\System32\DRIVERS\ngscan.sys [214448 2022-10-03] (Acronis International GmbH -> Acronis International GmbH) R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [248400 2023-09-22] (NVIDIA Corporation -> NVIDIA Corporation) R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_3037ec512dc36c3a\rt68cx21x64.sys [656328 2023-02-15] (Realtek Semiconductor Corp. -> Realtek) S3 rtux64w10; C:\WINDOWS\System32\DriverStore\FileRepository\rtux64w10.inf_amd64_03831aeaaa2c730e\rtux64w10.sys [683520 2022-05-07] (Microsoft Windows -> Realtek Corporation) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) 
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [175648 2022-10-27] (Acronis International GmbH -> Acronis International GmbH) R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [340488 2022-10-27] (Acronis International GmbH -> Acronis International GmbH) R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [251016 2022-10-27] (Acronis International GmbH -> Acronis International GmbH) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602520 2024-06-05] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-06-05] (Microsoft Windows -> Microsoft Corporation) S3 adlocknetdrv; \??\C:\WINDOWS\system32\drivers\adlocknetdrv.sys [X] S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 
2024-06-13 21:43 - 2024-06-13 21:43 - 000045054 _____ C:\Users\antoi\OneDrive\Bureau\FRST.txt 2024-06-13 21:42 - 2024-06-13 21:43 - 000000000 ____D C:\FRST 2024-06-13 21:42 - 2024-06-13 21:42 - 002395136 _____ (Farbar) C:\Users\antoi\OneDrive\Bureau\FRST64.exe 2024-06-13 21:42 - 2024-06-13 21:42 - 002395136 _____ (Farbar) C:\Users\antoi\Downloads\FRST64 (1).exe 2024-06-13 21:37 - 2024-06-13 21:37 - 000337577 _____ C:\Users\antoi\OneDrive\Bureau\ZHPDiag.txt 2024-06-13 21:30 - 2024-06-13 21:37 - 000000000 ____D C:\Users\antoi\AppData\Roaming\ZHP 2024-06-13 21:30 - 2024-06-13 21:30 - 000000882 _____ C:\Users\antoi\OneDrive\Bureau\ZHPSuite.lnk 2024-06-13 21:30 - 2024-06-13 21:30 - 000000000 ____D C:\Users\antoi\AppData\Local\ZHP 2024-06-13 21:29 - 2024-06-13 21:29 - 003539104 _____ (Nicolas Coolman) C:\Users\antoi\OneDrive\Bureau\ZHPSuite.exe 2024-06-12 19:55 - 2024-06-12 19:55 - 000772824 _____ C:\WINDOWS\system32\perfh00C.dat 2024-06-12 19:55 - 2024-06-12 19:55 - 000148916 _____ C:\WINDOWS\system32\perfc00C.dat 2024-06-12 17:25 - 2024-06-12 17:25 - 000024821 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-06-12 17:23 - 2024-06-12 17:23 - 000024821 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2024-06-02 16:05 - 2024-06-02 16:05 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2024-06-01 20:02 - 2024-06-01 20:02 - 000065449 _____ C:\Users\antoi\Downloads\Avis_d_echeance_Facture 01_05_2024-31_05_2024.pdf 2024-05-30 14:44 - 2024-05-30 14:44 - 000000000 ____D C:\ProgramData\obs-studio 2024-05-29 14:13 - 2024-06-13 19:58 - 000000000 ____D C:\Users\antoi\AppData\Roaming\Microsoft\Teams 2024-05-29 14:13 - 2024-05-29 14:13 - 000002425 _____ C:\Users\antoi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams classic (work or school).lnk 2024-05-28 11:37 - 2024-05-28 11:37 - 000021350 _____ C:\Users\antoi\Downloads\GOomPXWWgAAGF9M.webp 2024-05-27 23:25 - 2024-05-27 23:25 - 000000000 _____ 
C:\Users\antoi\OneDrive\Bureau\Nouveau Document texte (4).txt 2024-05-27 19:45 - 2024-05-27 19:51 - 000000000 ____D C:\Users\antoi\OneDrive\Bureau\Artogreen - Comptes étudiants-profs 2024-05-27 16:01 - 2024-05-27 16:01 - 000001185 _____ C:\Users\antoi\OneDrive\Bureau\Save.txt 2024-05-26 01:04 - 2024-05-26 01:04 - 075699008 _____ C:\Users\antoi\Downloads\artogreen.sql 2024-05-26 00:59 - 2024-05-26 00:59 - 011155498 _____ C:\Users\antoi\Downloads\phpMyAdmin-4.9.11-all-languages.zip 2024-05-26 00:59 - 2024-05-26 00:59 - 011155498 _____ C:\Users\antoi\Downloads\phpMyAdmin-4.9.11-all-languages (1).zip 2024-05-24 22:41 - 2024-05-24 22:41 - 000010658 _____ C:\Users\antoi\OneDrive\Bureau\register.txt 2024-05-16 15:17 - 2024-05-16 15:17 - 000211598 _____ C:\Users\antoi\Downloads\Facture-Annuelle.pdf 2024-05-15 01:42 - 2024-05-15 01:42 - 000000000 ____D C:\Users\antoi\AppData\Roaming\EaseUS 2024-05-15 01:42 - 2024-05-15 01:42 - 000000000 ____D C:\ProgramData\SystemAcCrux 2024-05-15 01:42 - 2024-05-15 01:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard 2024-05-15 01:42 - 2024-05-15 01:42 - 000000000 ____D C:\Program Files\EaseUS 2024-05-15 01:42 - 2024-05-15 01:42 - 000000000 ____D C:\Program Files (x86)\EaseUS 2024-05-15 01:36 - 2024-05-15 01:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2024-05-15 00:45 - 2024-05-15 00:45 - 000000000 ____D C:\Users\antoi\AppData\Local\cache 2024-05-15 00:44 - 2024-05-15 00:44 - 000000000 ____D C:\Users\antoi\AppData\Local\D-Back 2024-05-15 00:44 - 2024-05-15 00:44 - 000000000 ____D C:\Program Files\Common Files\Apple 2024-05-15 00:43 - 2024-05-15 00:43 - 000000000 ____D C:\Users\antoi\AppData\Roaming\Apple Computer 2024-05-15 00:43 - 2024-05-15 00:43 - 000000000 ____D C:\Users\antoi\AppData\Local\ProductData 2024-05-15 00:43 - 2024-05-15 00:43 - 000000000 ____D C:\Users\antoi\AppData\Local\imyfoneSet 2024-05-15 00:43 - 2024-05-15 00:43 - 000000000 
____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMyFone 2024-05-15 00:43 - 2024-05-15 00:43 - 000000000 ____D C:\Program Files (x86)\imyfone_down 2024-05-15 00:43 - 2024-05-15 00:43 - 000000000 ____D C:\Program Files (x86)\iMyFone 2024-05-15 00:43 - 2024-05-15 00:43 - 000000000 ____D C:\iMyFone_Backup 2024-05-15 00:43 - 2024-05-15 00:43 - 000000000 ____D C:\iMyFone D-Back 2024-05-14 01:22 - 2024-05-14 01:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Might and Magic 4 Complete [GOG.com] 2024-05-13 18:38 - 2024-05-13 18:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout 3 [GOG.com] 2024-05-13 11:53 - 2024-05-13 11:53 - 000000000 ____D C:\WINDOWS\Panther 2024-05-12 14:10 - 2024-05-13 18:38 - 000000000 ____D C:\Users\antoi\OneDrive\Documents\My Games 2024-05-12 13:08 - 2024-05-12 14:10 - 000000000 ____D C:\ProgramData\GOG.com 2024-05-12 13:08 - 2024-05-12 13:08 - 000000000 ____D C:\Users\antoi\AppData\Local\GOG.com 2024-05-12 13:08 - 2024-05-12 13:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2024-05-12 13:08 - 2024-05-12 13:08 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy 2024-05-10 02:19 - 2024-06-04 01:15 - 000000000 ____D C:\Users\antoi\AppData\Roaming\vlc 2024-05-10 02:19 - 2024-05-10 02:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2024-05-10 02:18 - 2024-05-10 02:18 - 000000000 ____D C:\Program Files\VideoLAN 2024-04-29 22:41 - 2024-05-20 14:48 - 000000000 ___HD C:\Users\antoi\OneDrive\Bureau\Menaces 2024-04-14 00:47 - 2024-04-14 00:47 - 000000000 ____D C:\WINDOWS\SysWOW64\DDFs ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 
2024-06-13 20:57 - 2022-10-27 21:16 - 000000000 ____D C:\Users\antoi\AppData\Local\Discord 2024-06-13 20:49 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-06-13 20:36 - 2023-01-27 21:51 - 000000000 ____D C:\Program Files\TeamViewer 2024-06-13 20:36 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF 2024-06-13 20:22 - 2022-10-27 21:16 - 000000000 ____D C:\Users\antoi\AppData\Roaming\discord 2024-06-13 20:03 - 2022-10-27 20:13 - 000000000 ____D C:\Users\antoi\AppData\Local\CrashDumps 2024-06-13 20:00 - 2024-02-07 05:10 - 000000000 ____D C:\Users\antoi\AppData\Local\D3DSCache 2024-06-13 20:00 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-06-13 19:57 - 2023-03-05 00:51 - 000000000 ____D C:\Program Files\CCleaner 2024-06-13 14:48 - 2024-02-07 05:17 - 000000000 ____D C:\ProgramData\NVIDIA 2024-06-13 13:41 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-06-12 19:55 - 2022-10-28 02:39 - 001713450 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-06-12 19:49 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps 2024-06-12 19:48 - 2023-03-11 00:24 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK 2024-06-12 19:48 - 2022-10-28 02:35 - 000003108 _____ C:\WINDOWS\system32\Tasks\NahimicTask32 2024-06-12 19:48 - 2022-10-28 02:35 - 000003088 _____ C:\WINDOWS\system32\Tasks\NahimicTask64 2024-06-12 19:48 - 2022-10-28 02:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-06-12 19:48 - 2022-10-28 02:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-06-12 19:48 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState 2024-06-12 19:48 - 2021-09-29 23:08 - 000012288 ___SH C:\DumpStack.log.tmp 2024-06-12 17:38 - 2022-05-07 07:17 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2024-06-12 17:37 - 2023-12-13 16:47 - 000000000 ____D C:\WINDOWS\InboxApps 2024-06-12 17:37 - 2023-10-18 15:18 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2024-06-12 17:37 - 2022-10-28 02:30 - 
000494440 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-06-12 17:37 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\UNP 2024-06-12 17:37 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\PrintDialog 2024-06-12 17:37 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-06-12 17:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS 2024-06-12 17:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2024-06-12 17:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2024-06-12 17:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2024-06-12 17:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources 2024-06-12 17:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2024-06-12 17:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2024-06-12 17:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2024-06-12 17:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2024-06-12 17:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\setup 2024-06-12 17:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2024-06-12 17:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-06-12 17:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\migwiz 2024-06-12 17:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism 2024-06-12 17:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser 2024-06-12 17:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-06-12 17:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents 2024-06-12 17:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\BrowserCore 2024-06-12 17:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-06-12 17:37 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\servicing 2024-06-12 17:36 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate 
2024-06-12 17:30 - 2022-05-07 12:31 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2024-06-12 17:30 - 2022-05-07 12:31 - 000024383 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2024-06-12 17:30 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-06-12 17:25 - 2022-10-28 02:31 - 003216384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2024-06-12 16:50 - 2022-10-27 19:48 - 000002260 _____ C:\Users\antoi\OneDrive\Bureau\Discord.lnk 2024-06-11 18:04 - 2022-12-09 21:11 - 000001907 _____ C:\Users\antoi\OneDrive\Bureau\MTG Arena.lnk 2024-06-11 18:03 - 2023-03-28 00:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTG Arena 2024-06-10 05:49 - 2022-10-28 00:21 - 000000888 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2024-06-10 05:49 - 2022-10-28 00:21 - 000000000 ____D C:\Users\antoi\AppData\Roaming\Notepad++ 2024-06-10 05:49 - 2022-10-27 19:27 - 000000000 ____D C:\Users\antoi\AppData\Local\Packages 2024-06-10 05:49 - 2022-10-27 19:27 - 000000000 ____D C:\ProgramData\Packages 2024-06-09 22:41 - 2023-02-03 01:38 - 000002334 _____ C:\Users\antoi\OneDrive\Bureau\Arena Tutor.lnk 2024-06-09 22:41 - 2022-11-05 22:02 - 000000000 ____D C:\Program Files (x86)\Overwolf 2024-06-09 22:41 - 2022-11-05 22:01 - 000000000 ____D C:\Users\antoi\AppData\Local\Overwolf 2024-06-09 10:05 - 2022-12-10 00:31 - 000000000 ____D C:\Users\antoi\AppData\Local\Deployment 2024-06-08 22:19 - 2021-09-29 23:09 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-06-07 13:02 - 2021-06-05 14:10 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2024-06-07 02:38 - 2022-10-27 20:55 - 000000000 ____D C:\Users\antoi\AppData\Roaming\KeePass 2024-06-06 22:13 - 2022-10-28 02:35 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-06-06 22:13 - 2022-10-28 02:35 - 000003566 _____ 
C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-06-06 05:03 - 2022-10-28 02:31 - 000000000 ____D C:\Users\antoi 2024-06-06 05:00 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2024-06-05 20:32 - 2021-09-29 23:09 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2024-06-02 16:04 - 2022-05-05 20:03 - 000000000 ____D C:\Program Files\Microsoft Office 2024-05-31 16:41 - 2022-10-27 19:59 - 000000000 ____D C:\Users\antoi\AppData\Local\TortoiseGit 2024-05-31 13:39 - 2022-12-19 18:53 - 000000000 ____D C:\Users\antoi\AppData\Roaming\Twitch Studio 2024-05-30 17:35 - 2024-02-07 05:15 - 000000000 ____D C:\Users\antoi\AppData\Local\Battle.net 2024-05-30 12:42 - 2022-10-28 00:12 - 000000000 ____D C:\Program Files (x86)\World of Warcraft 2024-05-30 12:42 - 2022-10-27 23:59 - 000000000 ____D C:\Program Files (x86)\Battle.net 2024-05-29 14:14 - 2023-01-27 21:58 - 000000000 ____D C:\Users\antoi\AppData\Roaming\Zoom 2024-05-29 14:13 - 2022-10-27 21:16 - 000000000 ____D C:\Users\antoi\AppData\Local\SquirrelTemp 2024-05-28 04:43 - 2022-10-30 01:47 - 000000000 ____D C:\Users\antoi\AppData\Roaming\Microsoft\Excel 2024-05-28 01:23 - 2024-01-22 16:29 - 000001104 _____ C:\Users\antoi\OneDrive\Bureau\KULT-ULTIMATE.lnk 2024-05-28 01:23 - 2022-10-27 19:48 - 000002456 _____ C:\Users\antoi\OneDrive\Bureau\Word.lnk 2024-05-28 01:23 - 2022-10-27 19:48 - 000002446 _____ C:\Users\antoi\OneDrive\Bureau\Excel.lnk 2024-05-28 01:23 - 2022-10-27 19:27 - 000002371 _____ C:\Users\antoi\OneDrive\Bureau\Microsoft Edge - Copie.lnk 2024-05-24 23:40 - 2023-03-05 00:52 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2024-05-24 11:20 - 2023-03-05 00:52 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2024-05-24 11:20 - 2023-03-05 00:52 - 000003380 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2024-05-16 19:22 - 2022-10-28 04:02 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2024-05-16 19:22 - 2022-10-28 04:02 - 000002084 
_____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2024-05-15 03:20 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2024-05-15 03:20 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2024-05-15 03:20 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\F12 2024-05-15 03:20 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2024-05-15 03:20 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2024-05-15 03:20 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemApps 2024-05-15 03:20 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2024-05-15 03:20 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient 2024-05-15 01:36 - 2023-05-01 14:36 - 000000000 ____D C:\ProgramData\Wondershare 2024-05-15 01:36 - 2023-05-01 14:36 - 000000000 ____D C:\Program Files\Wondershare 2024-05-15 01:28 - 2022-10-27 19:28 - 000000000 ____D C:\Users\antoi\AppData\Local\PlaceholderTileLogoFolder 2024-05-15 00:55 - 2022-10-31 01:37 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-05-15 00:51 - 2022-10-31 01:37 - 196465576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-05-15 00:44 - 2022-10-27 19:32 - 000000000 ____D C:\ProgramData\Apple 2024-05-14 16:35 - 2022-10-27 23:59 - 000000000 ____D C:\Program Files (x86)\Steam ==================== Fichiers à la racine de certains dossiers ======== 2022-10-27 23:12 - 2022-10-27 23:12 - 000000084 _____ () C:\Users\antoi\AppData\Roaming\Camdata.ini 2022-10-27 23:12 - 2022-10-27 23:12 - 000000408 _____ () C:\Users\antoi\AppData\Roaming\CamLayout.ini 2022-10-27 23:12 - 2022-10-27 23:12 - 000000408 _____ () C:\Users\antoi\AppData\Roaming\CamShapes.ini 2022-10-27 23:12 - 2022-10-27 23:12 - 000004536 _____ () C:\Users\antoi\AppData\Roaming\CamStudio.cfg 2023-03-11 00:53 - 2023-03-11 00:57 - 000000049 _____ () C:\Users\antoi\AppData\Roaming\MCVi2UserDetail.ini 2022-10-27 23:02 - 2022-10-27 23:02 
- 000000096 _____ () C:\Users\antoi\AppData\Roaming\version2.xml ==================== FLock ============================== 2024-06-13 19:58 C:\Users\antoi\AppData\Roaming\Microsoft\Teams ==================== SigCheckExt ========================= 2024-06-13 21:42 - 2024-06-13 21:42 - 002395136 _____ (Farbar) C:\Users\antoi\OneDrive\Bureau\FRST64.exe 2024-06-13 21:29 - 2024-06-13 21:29 - 003539104 _____ (Nicolas Coolman) C:\Users\antoi\OneDrive\Bureau\ZHPSuite.exe 2024-06-13 21:42 - 2024-06-13 21:42 - 002395136 _____ (Farbar) C:\Users\antoi\Downloads\FRST64 (1).exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de démarrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {1d2b4bcc-ccf0-11ec-a2de-e4a8dfc1f615} {1d2b4bcd-ccf0-11ec-a2de-e4a8dfc1f615} {1d2b4bce-ccf0-11ec-a2de-e4a8dfc1f615} timeout 0 Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {1606d200-5660-11ed-bf3f-ec7644527fe2} displayorder {current} toolsdisplayorder {memdiag} timeout 0 Application logicielle (101fffff) -------------------------------- identificateur {1d2b4bcc-ccf0-11ec-a2de-e4a8dfc1f615} description EFI USB Device Application logicielle (101fffff) -------------------------------- identificateur {1d2b4bcd-ccf0-11ec-a2de-e4a8dfc1f615} description EFI DVD/CDROM Application logicielle (101fffff) -------------------------------- identificateur {1d2b4bce-ccf0-11ec-a2de-e4a8dfc1f615} description EFI Network Application logicielle (101fffff) -------------------------------- identificateur {1d2b4bcf-ccf0-11ec-a2de-e4a8dfc1f615} description 
EFI PXE 0 for IPv4 (E4-A8-DF-C1-F6-15) Application logicielle (101fffff) -------------------------------- identificateur {1d2b4bd0-ccf0-11ec-a2de-e4a8dfc1f615} description EFI PXE 0 for IPv6 (E4-A8-DF-C1-F6-15) Application logicielle (101fffff) -------------------------------- identificateur {1d2b4bd1-ccf0-11ec-a2de-e4a8dfc1f615} device unknown path \EFI\Microsoft\Boot\bootmgfw.efi description EFI USB Device (Generic Flash Disk) Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 11 locale fr-FR inherit {bootloadersettings} recoverysequence {c4e20a0b-5657-11ed-9efc-a0f1efde36e0} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {1606d200-5660-11ed-bf3f-ec7644527fe2} nx OptIn bootmenupolicy Standard Chargeur de démarrage Windows ----------------------------- identificateur {c4e20a0b-5657-11ed-9efc-a0f1efde36e0} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{c4e20a0c-5657-11ed-9efc-a0f1efde36e0} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{c4e20a0c-5657-11ed-9efc-a0f1efde36e0} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {1606d200-5660-11ed-bf3f-ec7644527fe2} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {c4e20a0b-5657-11ed-9efc-a0f1efde36e0} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: custom:21000026 partition=C: filepath \hiberfil.sys bootmenupolicy Standard 
debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems No Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {c4e20a0c-5657-11ed-9efc-a0f1efde36e0} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================