Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 13-03-2022
Exécuté par charl (administrateur) sur PUTAIN-DE-PC (ASUSTeK COMPUTER INC. UX430UAR) (13-03-2022 21:14:42)
Exécuté depuis C:\Users\charl\OneDrive\Bureau
Profils chargés: charl
Plate-forme: Microsoft Windows 11 Famille Version 21H2 22000.556 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_22042.702.1226.2352_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\99.0.1150.39\msedgewebview2.exe <12>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_3bd4cd1d0a01f3b6\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_3bd4cd1d0a01f3b6\igfxEM.exe
(explorer.exe ->) (Developer In A Box -> Developerinabox) C:\Program Files\Agent\AgentTray.exe
(explorer.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP ENVY 5640 series\Bin\ScanToPCActivationApp.exe
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (Developer In A Box -> Developerinabox) C:\Program Files\Agent\Agent.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ELANFPService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (ICEpower a/s -> ICEpower A/S) C:\Windows\System32\ICEsoundService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_3bd4cd1d0a01f3b6\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_08f11cc9a4c9585a\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_fc9ac11e55f51133\RstMwService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_8dcb9e12bf961616\Intel_PIE_Service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe
(services.exe ->) (TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ASUS Hello\ASUSHelloBG.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP ENVY 5640 series\Bin\HPNetworkCommunicatorCom.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.14931.20132.0_x86__8wekyb3d8bbwe\Office16\SDXHelperBgt.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.95.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5818592 2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-971027819-1664518825-735723988-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35646080 2022-02-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-971027819-1664518825-735723988-1001\...\Run: [Agent Tray] => C:\Program Files\Agent\AgentTray.exe [921416 2022-02-18] (Developer In A Box -> Developerinabox)
HKU\S-1-5-21-971027819-1664518825-735723988-1001\...\Run: [HP ENVY 5640 series (NET) #2] => C:\Program Files\HP\HP ENVY 5640 series\Bin\ScanToPCActivationApp.exe [3770528 2021-11-15] (HP Inc. -> HP Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG4200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB9.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG4200 series: C:\WINDOWS\system32\CNMLMB9.DLL [389120 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP CC11 Status Monitor: C:\WINDOWS\system32\hpinkstsCC11LM.dll [391992 2019-03-15] (HP Inc -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.51\Installer\chrmstp.exe [2022-02-25] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {006C6FD9-1DA7-4A56-806A-EEB2462244F2} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143160 2019-03-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {40440DCD-BAF7-481A-9BF0-BAB2EAD8ACD8} - System32\Tasks\CCleanerSkipUAC - charl => C:\Program Files\CCleaner\CCleaner.exe [29764224 2022-02-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {49B4F478-6EFD-4397-A2C2-B1ADE716F073} - System32\Tasks\ASUS Hello => C:\Program Files (x86)\ASUS\ASUS Hello\ASUSHelloBG.exe [630160 2018-04-10] (ASUSTeK Computer Inc. -> )
Task: {5808DC4E-D791-4329-9ED2-AA7A7FB04316} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124304 2017-11-23] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {5D2E408B-5619-434C-A3F1-ECF433BD086E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {65B5B1D4-F7FC-479C-BF3A-D9E81FC5873D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {6693AA0C-8D61-403B-8BF1-0EE1376761FE} - System32\Tasks\HPCustParticipation HP ENVY 5640 series => C:\Program Files\HP\HP ENVY 5640 series\Bin\HPCustPartic.exe [6439584 2021-11-15] (HP Inc. -> HP Inc.)
Task: {6BE7BC42-ADC4-4AD5-A4F5-A6BAA29C0B1B} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {6C9B5A2C-2FA7-4B0E-830D-13D9DCE7654F} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617880 2021-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {72014357-CF10-4425-BEC4-4C1A54E92001} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {78FAC41E-B283-4DA0-9997-3CFDCC01A1C1} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617880 2021-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {7DD11FE4-605E-45F7-A69A-D05F8BBEC485} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-15] (Google Inc -> Google Inc.)
Task: {7ED334B6-1C2F-4CD1-9DEA-2767B71FE8A9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {86973918-49E4-449D-9640-439A8723FF84} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-15] (Google Inc -> Google Inc.)
Task: {9309F958-2295-47E9-8E0C-7DE325254B9F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {99622DDA-05FA-4DBD-8521-D084D1F66F6D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-02-14] (Piriform Software Ltd -> Piriform)
Task: {BDEC9062-4F59-4D4A-8074-09885FA6877B} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124304 2017-11-23] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {BF42A9AA-4CB1-481C-96B2-3B71E606842B} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Pas de fichier)
Task: {CE528B46-C752-4D49-A9EF-207E02E96BF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DA2B1573-86C6-4F7C-AC6A-EA2FB22C9379} - System32\Tasks\S-1-5-21-971027819-1664518825-735723988-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{48f8d972-ce54-45d0-a7f5-04529d82235a}: [DhcpNameServer] 10.66.24.1
Tcpip\..\Interfaces\{4f71179e-08df-4233-880c-b511e4286223}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{9156c541-5ff2-454a-9591-075887b6db2d}: [DhcpNameServer] 103.86.99.99 103.86.96.96 103.86.96.100 103.86.99.100
Tcpip\..\Interfaces\{ed347644-bb86-426d-aa24-0b95f0ab73c6}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\charl\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-971027819-1664518825-735723988-1001 -> about:tabs
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (uBlock Origin) -> EdgeExtension_37833NikRollsuBlockOrigin_f8jsg5mm64m62 => C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2018-09-18]
Edge Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) -> EdgeExtension_GhosteryGhostery_kzkqe0pn505dg => C:\Program Files\WindowsApps\Ghostery.Ghostery_8.4.6.0_neutral__kzkqe0pn505dg [2019-12-29]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Translator pour Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.51.0_neutral__8wekyb3d8bbwe [2021-11-23]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\charl\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-13]
Edge HomePage: Default -> about:tabs
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: n4cxli1y.default
FF ProfilePath: C:\Users\charl\AppData\Roaming\Mozilla\Firefox\Profiles\tmr8a6ls.Appf06b929c4b2241bc8d88783d3260720d [2022-03-13]
FF ProfilePath: C:\Users\charl\AppData\Roaming\Mozilla\Firefox\Profiles\n4cxli1y.default [2022-03-13]
FF DownloadDir: C:\Users\charl\OneDrive\Bureau
FF Homepage: Mozilla\Firefox\Profiles\n4cxli1y.default -> hxxps://duckduckgo.com/
FF NewTab: Mozilla\Firefox\Profiles\n4cxli1y.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF Notifications: Mozilla\Firefox\Profiles\n4cxli1y.default -> hxxps://messages.android.com; hxxps://web.whatsapp.com; hxxps://www.messenger.com; hxxps://smsmms.orange.fr; hxxps://www.instagram.com
FF Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\charl\AppData\Roaming\Mozilla\Firefox\Profiles\n4cxli1y.default\Extensions\firefox@ghostery.com.xpi [2022-02-14]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\charl\AppData\Roaming\Mozilla\Firefox\Profiles\n4cxli1y.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2022-02-01]
FF Extension: (uBlock Origin) - C:\Users\charl\AppData\Roaming\Mozilla\Firefox\Profiles\n4cxli1y.default\Extensions\uBlock0@raymondhill.net.xpi [2022-03-10]
FF Extension: (ImTranslator: Traducteur, Dictionnaire, Voix) - C:\Users\charl\AppData\Roaming\Mozilla\Firefox\Profiles\n4cxli1y.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2021-12-21]
FF Extension: (Adobe Flash) - C:\Users\charl\AppData\Roaming\Mozilla\Firefox\Profiles\n4cxli1y.default\Extensions\{abf6a41a-5038-4dd9-abef-b66ae700fe88}.xpi [2019-05-13]
FF SearchPlugin: C:\Users\charl\AppData\Roaming\Mozilla\Firefox\Profiles\n4cxli1y.default\searchplugins\Poshukach Engin Search.xml [2021-09-07]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi => non trouvé(e)
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-07-23]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-09-07] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-09-07] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\charl\AppData\Local\Google\Chrome\User Data\Default [2022-03-13]
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Default -> poshukach engin search
CHR DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\charl\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-02-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\charl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-08]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842480 2021-09-07] (Adobe Inc. -> Adobe Inc.)
R2 Agent; C:\Program Files\Agent\Agent.exe [17385288 2022-02-18] (Developer In A Box -> Developerinabox)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3779840 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3547904 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [260256 2022-01-31] (HP Inc. -> HP Inc.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [269584 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.243\WsAppService.exe [495392 2019-06-13] (Wondershare Technology Co.,Ltd -> Wondershare)
S4 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-07-09] (Wondershare Technology Co.,Ltd -> Wondershare)
S4 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [130336 2019-08-29] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [113496 2021-01-14] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2022-02-14] (Microsoft Windows -> Microsoft Corporation)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_skl.inf_amd64_2a35efc43f1a612e\iaLPSS2_GPIO2_ICL.sys [132872 2020-04-27] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_skl.inf_amd64_363c7132639e12a6\iaLPSS2_I2C_ICL.sys [200456 2020-04-27] (Intel Corporation -> Intel Corporation)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-21] (Intel Corporation -> Intel Corporation)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 UcmCxRtk; C:\WINDOWS\System32\drivers\UcmCxRtk.sys [119384 2020-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-02-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [438520 2022-02-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-02-14] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-03-13 21:13 - 2022-03-13 21:15 - 000000000 ____D C:\FRST
2022-03-11 16:03 - 2022-03-11 16:10 - 000000000 ____D C:\Users\charl\AppData\Local\_
2022-03-10 10:31 - 2022-03-10 10:31 - 000000000 ____D C:\HP
2022-03-09 08:12 - 2022-03-09 08:12 - 000000000 ___HD C:\$WinREAgent
2022-03-08 19:38 - 2022-03-08 19:38 - 000210432 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2022-03-08 19:38 - 2022-03-08 19:38 - 000015016 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-02-20 12:35 - 2022-02-20 12:40 - 000000000 ____D C:\Program Files\Agent
2022-02-20 12:35 - 2022-02-20 12:35 - 000000894 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2022-02-18 18:07 - 2022-02-19 16:57 - 000271360 _____ C:\Users\charl\OneDrive\Documents\Outlook.pst
2022-02-18 18:06 - 2022-02-18 18:32 - 000000000 ____D C:\Users\charl\OneDrive\Documents\Fichiers Outlook
2022-02-14 20:27 - 2022-02-14 20:27 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2022-02-14 19:12 - 2022-02-14 19:12 - 000311296 _____ C:\WINDOWS\system32\EsclScan.dll
2022-02-14 19:12 - 2022-02-14 19:12 - 000188416 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-02-14 19:11 - 2022-02-14 19:11 - 000077824 _____ C:\WINDOWS\system32\APMonUI.dll
2022-02-14 19:08 - 2022-02-14 19:08 - 000339968 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-02-14 18:10 - 2022-03-13 18:21 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-01-31 18:40 - 2022-03-13 19:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-01-15 21:00 - 2022-01-15 21:00 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-15 21:00 - 2022-01-15 21:00 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-15 21:00 - 2022-01-15 21:00 - 000339968 _____ C:\WINDOWS\system32\pku2u.dll
2022-01-15 21:00 - 2022-01-15 21:00 - 000247808 _____ C:\WINDOWS\SysWOW64\pku2u.dll
2021-12-24 20:03 - 2021-12-24 20:03 - 000203936 _____ (Adobe Systems Inc) C:\WINDOWS\system32\AdobePDF.dll
2021-12-24 20:03 - 2021-12-24 20:03 - 000146592 _____ (Adobe Systems Inc.) C:\WINDOWS\system32\AdobePDFUI.dll
2021-12-20 17:52 - 2021-12-20 17:52 - 000040960 _____ C:\WINDOWS\system32\prxyqry.dll
2021-12-20 17:52 - 2021-12-20 17:52 - 000013824 _____ C:\WINDOWS\SysWOW64\prxyqry.dll
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-03-13 21:15 - 2021-11-23 23:44 - 001800200 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-13 21:15 - 2021-06-05 19:14 - 000809232 _____ C:\WINDOWS\system32\perfh00C.dat
2022-03-13 21:15 - 2021-06-05 19:14 - 000156838 _____ C:\WINDOWS\system32\perfc00C.dat
2022-03-13 21:15 - 2021-06-05 13:09 - 000000000 ____D C:\WINDOWS\INF
2022-03-13 21:10 - 2021-09-13 08:37 - 000000000 ____D C:\Program Files\CCleaner
2022-03-13 21:10 - 2018-12-15 18:09 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-13 21:09 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-13 21:09 - 2018-09-18 18:28 - 000000000 ____D C:\Users\charl\AppData\LocalLow\Mozilla
2022-03-13 21:08 - 2021-11-23 23:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-13 21:08 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-03-13 21:08 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ServiceState
2022-03-13 21:08 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-13 21:08 - 2021-03-13 23:25 - 000012288 ___SH C:\DumpStack.log.tmp
2022-03-13 21:08 - 2018-09-18 17:34 - 000000000 __SHD C:\Users\charl\IntelGraphicsProfiles
2022-03-13 21:08 - 2018-07-25 16:44 - 000000000 ___HD C:\Intel
2022-03-13 21:07 - 2021-10-09 11:20 - 000000000 ____D C:\Users\charl\AppData\Roaming\ZHP
2022-03-13 21:07 - 2021-06-05 13:01 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-03-13 21:01 - 2021-09-07 13:04 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-03-13 18:59 - 2021-10-09 11:20 - 000000000 ____D C:\Users\charl\AppData\Local\ZHP
2022-03-13 18:25 - 2019-09-26 05:27 - 000000000 ____D C:\Users\charl\AppData\Roaming\HP_Easy_Start
2022-03-13 17:57 - 2021-11-23 23:42 - 000003706 _____ C:\WINDOWS\system32\Tasks\HPCustParticipation HP ENVY 5640 series
2022-03-13 17:57 - 2021-09-14 14:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2022-03-13 17:57 - 2018-09-18 18:00 - 000000000 ____D C:\ProgramData\HP
2022-03-13 17:57 - 2018-09-18 18:00 - 000000000 ____D C:\Program Files (x86)\HP
2022-03-13 17:42 - 2021-11-23 23:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-13 11:09 - 2018-09-23 05:08 - 000000000 ____D C:\Users\charl\AppData\Local\D3DSCache
2022-03-12 13:47 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-12 13:47 - 2020-07-08 20:25 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-12 13:46 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-03-11 23:45 - 2021-12-12 18:41 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-971027819-1664518825-735723988-1001
2022-03-11 23:45 - 2021-11-23 23:42 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-971027819-1664518825-735723988-1001
2022-03-11 23:45 - 2021-03-13 23:26 - 000002463 _____ C:\Users\charl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-11 16:39 - 2020-04-28 14:22 - 000000000 ____D C:\Users\charl\AppData\Local\BitTorrentHelper
2022-03-11 16:37 - 2018-09-19 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2022-03-11 15:52 - 2018-09-18 18:28 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-03-10 10:32 - 2021-10-22 16:27 - 000000000 ____D C:\Users\charl\AppData\Local\CrashDumps
2022-03-10 09:39 - 2021-12-11 18:25 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7e0ceeadeab30
2022-03-10 09:39 - 2021-11-23 23:42 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-09 08:14 - 2021-10-09 12:36 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-09 08:14 - 2018-09-18 18:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-09 08:12 - 2018-09-18 18:07 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-03-08 19:57 - 2021-11-23 23:36 - 000322504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-08 19:57 - 2021-06-05 13:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-08 19:57 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-03-08 19:57 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-08 19:57 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-08 19:57 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-03-08 19:57 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-03-08 19:57 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-08 19:57 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-08 19:41 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-08 19:38 - 2021-11-23 23:37 - 003102208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-07 19:36 - 2018-09-19 19:24 - 000000000 ____D C:\Users\charl\AppData\Roaming\vlc
2022-03-07 19:35 - 2018-09-18 18:20 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-03-07 19:21 - 2021-09-07 14:05 - 000002116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2022-03-07 19:21 - 2021-09-07 14:05 - 000002105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-03-01 00:36 - 2021-10-09 12:36 - 000504136 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-03-01 00:36 - 2021-10-09 12:36 - 000491848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-02-20 12:50 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-02-17 16:51 - 2021-11-23 19:12 - 000000000 ___DC C:\WINDOWS\Panther
2022-02-17 16:49 - 2021-11-23 23:42 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-02-14 20:27 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\servicing
2022-02-14 18:07 - 2018-09-19 00:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== Fichiers à la racine de certains dossiers ========
2021-10-19 17:34 - 2021-10-19 17:34 - 003476632 _____ (Nicolas Coolman) C:\Users\charl\ZHPSuite.exe
2019-10-04 20:25 - 2019-10-04 21:44 - 000000716 ____H () C:\Users\charl\AppData\Roaming\{B2425D9A-3AD2-518C-B63A-81E4953DD355}
2021-09-07 14:06 - 2021-09-07 14:06 - 000000000 _____ () C:\Users\charl\AppData\Local\oobelibMkey.log
2019-09-13 18:00 - 2019-09-13 18:00 - 009276713 _____ () C:\Users\charl\AppData\Local\SelfExtractible.zip
2018-12-01 02:53 - 2018-12-28 17:06 - 000000124 _____ () C:\Users\charl\AppData\Local\uts.ini
==================== SigCheckExt =========================
2021-10-19 17:34 - 2021-10-19 17:34 - 003476632 _____ (Nicolas Coolman) C:\Users\charl\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{d796b32a-9020-11e8-a0a4-806e6f6e6963}
{d796b32b-9020-11e8-a0a4-806e6f6e6963}
{d796b32c-9020-11e8-a0a4-806e6f6e6963}
timeout 1
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {9f8d213f-4cad-11ec-a12f-fe4d6973e752}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {d796b32a-9020-11e8-a0a4-806e6f6e6963}
description UEFI:CD/DVD Drive
isolatedcontext Yes
Application logicielle (101fffff)
--------------------------------
identificateur {d796b32b-9020-11e8-a0a4-806e6f6e6963}
description UEFI:Removable Device
isolatedcontext Yes
Application logicielle (101fffff)
--------------------------------
identificateur {d796b32c-9020-11e8-a0a4-806e6f6e6963}
description UEFI:Network Device
isolatedcontext Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 11
locale fr-FR
inherit {bootloadersettings}
recoverysequence {dd6c5160-4cad-11ec-a130-cee2360280c7}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {9f8d213f-4cad-11ec-a12f-fe4d6973e752}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {dd6c5160-4cad-11ec-a130-cee2360280c7}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{dd6c5161-4cad-11ec-a130-cee2360280c7}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{dd6c5161-4cad-11ec-a130-cee2360280c7}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {9f8d213f-4cad-11ec-a12f-fe4d6973e752}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {dd6c5160-4cad-11ec-a130-cee2360280c7}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
isolatedcontext Yes
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
isolatedcontext Yes
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
isolatedcontext Yes
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {dd6c5161-4cad-11ec-a130-cee2360280c7}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par charl (administrateur) sur PUTAIN-DE-PC (ASUSTeK COMPUTER INC. UX430UAR) (13-03-2022 21:14:42)
Exécuté depuis C:\Users\charl\OneDrive\Bureau
Profils chargés: charl
Plate-forme: Microsoft Windows 11 Famille Version 21H2 22000.556 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_22042.702.1226.2352_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\99.0.1150.39\msedgewebview2.exe <12>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_3bd4cd1d0a01f3b6\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_3bd4cd1d0a01f3b6\igfxEM.exe
(explorer.exe ->) (Developer In A Box -> Developerinabox) C:\Program Files\Agent\AgentTray.exe
(explorer.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP ENVY 5640 series\Bin\ScanToPCActivationApp.exe
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (Developer In A Box -> Developerinabox) C:\Program Files\Agent\Agent.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ELANFPService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (ICEpower a/s -> ICEpower A/S) C:\Windows\System32\ICEsoundService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_3bd4cd1d0a01f3b6\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_08f11cc9a4c9585a\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_fc9ac11e55f51133\RstMwService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_8dcb9e12bf961616\Intel_PIE_Service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe
(services.exe ->) (TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ASUS Hello\ASUSHelloBG.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP ENVY 5640 series\Bin\HPNetworkCommunicatorCom.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.14931.20132.0_x86__8wekyb3d8bbwe\Office16\SDXHelperBgt.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.95.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5818592 2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-971027819-1664518825-735723988-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35646080 2022-02-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-971027819-1664518825-735723988-1001\...\Run: [Agent Tray] => C:\Program Files\Agent\AgentTray.exe [921416 2022-02-18] (Developer In A Box -> Developerinabox)
HKU\S-1-5-21-971027819-1664518825-735723988-1001\...\Run: [HP ENVY 5640 series (NET) #2] => C:\Program Files\HP\HP ENVY 5640 series\Bin\ScanToPCActivationApp.exe [3770528 2021-11-15] (HP Inc. -> HP Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG4200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB9.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG4200 series: C:\WINDOWS\system32\CNMLMB9.DLL [389120 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP CC11 Status Monitor: C:\WINDOWS\system32\hpinkstsCC11LM.dll [391992 2019-03-15] (HP Inc -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.51\Installer\chrmstp.exe [2022-02-25] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {006C6FD9-1DA7-4A56-806A-EEB2462244F2} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143160 2019-03-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {40440DCD-BAF7-481A-9BF0-BAB2EAD8ACD8} - System32\Tasks\CCleanerSkipUAC - charl => C:\Program Files\CCleaner\CCleaner.exe [29764224 2022-02-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {49B4F478-6EFD-4397-A2C2-B1ADE716F073} - System32\Tasks\ASUS Hello => C:\Program Files (x86)\ASUS\ASUS Hello\ASUSHelloBG.exe [630160 2018-04-10] (ASUSTeK Computer Inc. -> )
Task: {5808DC4E-D791-4329-9ED2-AA7A7FB04316} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124304 2017-11-23] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {5D2E408B-5619-434C-A3F1-ECF433BD086E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {65B5B1D4-F7FC-479C-BF3A-D9E81FC5873D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {6693AA0C-8D61-403B-8BF1-0EE1376761FE} - System32\Tasks\HPCustParticipation HP ENVY 5640 series => C:\Program Files\HP\HP ENVY 5640 series\Bin\HPCustPartic.exe [6439584 2021-11-15] (HP Inc. -> HP Inc.)
Task: {6BE7BC42-ADC4-4AD5-A4F5-A6BAA29C0B1B} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {6C9B5A2C-2FA7-4B0E-830D-13D9DCE7654F} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617880 2021-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {72014357-CF10-4425-BEC4-4C1A54E92001} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {78FAC41E-B283-4DA0-9997-3CFDCC01A1C1} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617880 2021-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {7DD11FE4-605E-45F7-A69A-D05F8BBEC485} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-15] (Google Inc -> Google Inc.)
Task: {7ED334B6-1C2F-4CD1-9DEA-2767B71FE8A9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {86973918-49E4-449D-9640-439A8723FF84} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-15] (Google Inc -> Google Inc.)
Task: {9309F958-2295-47E9-8E0C-7DE325254B9F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {99622DDA-05FA-4DBD-8521-D084D1F66F6D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-02-14] (Piriform Software Ltd -> Piriform)
Task: {BDEC9062-4F59-4D4A-8074-09885FA6877B} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124304 2017-11-23] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {BF42A9AA-4CB1-481C-96B2-3B71E606842B} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Pas de fichier)
Task: {CE528B46-C752-4D49-A9EF-207E02E96BF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DA2B1573-86C6-4F7C-AC6A-EA2FB22C9379} - System32\Tasks\S-1-5-21-971027819-1664518825-735723988-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{48f8d972-ce54-45d0-a7f5-04529d82235a}: [DhcpNameServer] 10.66.24.1
Tcpip\..\Interfaces\{4f71179e-08df-4233-880c-b511e4286223}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{9156c541-5ff2-454a-9591-075887b6db2d}: [DhcpNameServer] 103.86.99.99 103.86.96.96 103.86.96.100 103.86.99.100
Tcpip\..\Interfaces\{ed347644-bb86-426d-aa24-0b95f0ab73c6}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\charl\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-971027819-1664518825-735723988-1001 -> about:tabs
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (uBlock Origin) -> EdgeExtension_37833NikRollsuBlockOrigin_f8jsg5mm64m62 => C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2018-09-18]
Edge Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) -> EdgeExtension_GhosteryGhostery_kzkqe0pn505dg => C:\Program Files\WindowsApps\Ghostery.Ghostery_8.4.6.0_neutral__kzkqe0pn505dg [2019-12-29]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Translator pour Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.51.0_neutral__8wekyb3d8bbwe [2021-11-23]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\charl\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-13]
Edge HomePage: Default -> about:tabs
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: n4cxli1y.default
FF ProfilePath: C:\Users\charl\AppData\Roaming\Mozilla\Firefox\Profiles\tmr8a6ls.Appf06b929c4b2241bc8d88783d3260720d [2022-03-13]
FF ProfilePath: C:\Users\charl\AppData\Roaming\Mozilla\Firefox\Profiles\n4cxli1y.default [2022-03-13]
FF DownloadDir: C:\Users\charl\OneDrive\Bureau
FF Homepage: Mozilla\Firefox\Profiles\n4cxli1y.default -> hxxps://duckduckgo.com/
FF NewTab: Mozilla\Firefox\Profiles\n4cxli1y.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF Notifications: Mozilla\Firefox\Profiles\n4cxli1y.default -> hxxps://messages.android.com; hxxps://web.whatsapp.com; hxxps://www.messenger.com; hxxps://smsmms.orange.fr; hxxps://www.instagram.com
FF Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\charl\AppData\Roaming\Mozilla\Firefox\Profiles\n4cxli1y.default\Extensions\firefox@ghostery.com.xpi [2022-02-14]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\charl\AppData\Roaming\Mozilla\Firefox\Profiles\n4cxli1y.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2022-02-01]
FF Extension: (uBlock Origin) - C:\Users\charl\AppData\Roaming\Mozilla\Firefox\Profiles\n4cxli1y.default\Extensions\uBlock0@raymondhill.net.xpi [2022-03-10]
FF Extension: (ImTranslator: Traducteur, Dictionnaire, Voix) - C:\Users\charl\AppData\Roaming\Mozilla\Firefox\Profiles\n4cxli1y.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2021-12-21]
FF Extension: (Adobe Flash) - C:\Users\charl\AppData\Roaming\Mozilla\Firefox\Profiles\n4cxli1y.default\Extensions\{abf6a41a-5038-4dd9-abef-b66ae700fe88}.xpi [2019-05-13]
FF SearchPlugin: C:\Users\charl\AppData\Roaming\Mozilla\Firefox\Profiles\n4cxli1y.default\searchplugins\Poshukach Engin Search.xml [2021-09-07]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi => non trouvé(e)
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-07-23]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-09-07] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-09-07] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\charl\AppData\Local\Google\Chrome\User Data\Default [2022-03-13]
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Default -> poshukach engin search
CHR DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\charl\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-02-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\charl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-08]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842480 2021-09-07] (Adobe Inc. -> Adobe Inc.)
R2 Agent; C:\Program Files\Agent\Agent.exe [17385288 2022-02-18] (Developer In A Box -> Developerinabox)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3779840 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3547904 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [260256 2022-01-31] (HP Inc. -> HP Inc.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [269584 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.243\WsAppService.exe [495392 2019-06-13] (Wondershare Technology Co.,Ltd -> Wondershare)
S4 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-07-09] (Wondershare Technology Co.,Ltd -> Wondershare)
S4 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [130336 2019-08-29] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [113496 2021-01-14] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2022-02-14] (Microsoft Windows -> Microsoft Corporation)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_skl.inf_amd64_2a35efc43f1a612e\iaLPSS2_GPIO2_ICL.sys [132872 2020-04-27] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_skl.inf_amd64_363c7132639e12a6\iaLPSS2_I2C_ICL.sys [200456 2020-04-27] (Intel Corporation -> Intel Corporation)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-21] (Intel Corporation -> Intel Corporation)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 UcmCxRtk; C:\WINDOWS\System32\drivers\UcmCxRtk.sys [119384 2020-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-02-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [438520 2022-02-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-02-14] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-03-13 21:13 - 2022-03-13 21:15 - 000000000 ____D C:\FRST
2022-03-11 16:03 - 2022-03-11 16:10 - 000000000 ____D C:\Users\charl\AppData\Local\_
2022-03-10 10:31 - 2022-03-10 10:31 - 000000000 ____D C:\HP
2022-03-09 08:12 - 2022-03-09 08:12 - 000000000 ___HD C:\$WinREAgent
2022-03-08 19:38 - 2022-03-08 19:38 - 000210432 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2022-03-08 19:38 - 2022-03-08 19:38 - 000015016 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-02-20 12:35 - 2022-02-20 12:40 - 000000000 ____D C:\Program Files\Agent
2022-02-20 12:35 - 2022-02-20 12:35 - 000000894 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2022-02-18 18:07 - 2022-02-19 16:57 - 000271360 _____ C:\Users\charl\OneDrive\Documents\Outlook.pst
2022-02-18 18:06 - 2022-02-18 18:32 - 000000000 ____D C:\Users\charl\OneDrive\Documents\Fichiers Outlook
2022-02-14 20:27 - 2022-02-14 20:27 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2022-02-14 19:12 - 2022-02-14 19:12 - 000311296 _____ C:\WINDOWS\system32\EsclScan.dll
2022-02-14 19:12 - 2022-02-14 19:12 - 000188416 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-02-14 19:11 - 2022-02-14 19:11 - 000077824 _____ C:\WINDOWS\system32\APMonUI.dll
2022-02-14 19:08 - 2022-02-14 19:08 - 000339968 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-02-14 18:10 - 2022-03-13 18:21 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-01-31 18:40 - 2022-03-13 19:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-01-15 21:00 - 2022-01-15 21:00 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-15 21:00 - 2022-01-15 21:00 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-15 21:00 - 2022-01-15 21:00 - 000339968 _____ C:\WINDOWS\system32\pku2u.dll
2022-01-15 21:00 - 2022-01-15 21:00 - 000247808 _____ C:\WINDOWS\SysWOW64\pku2u.dll
2021-12-24 20:03 - 2021-12-24 20:03 - 000203936 _____ (Adobe Systems Inc) C:\WINDOWS\system32\AdobePDF.dll
2021-12-24 20:03 - 2021-12-24 20:03 - 000146592 _____ (Adobe Systems Inc.) C:\WINDOWS\system32\AdobePDFUI.dll
2021-12-20 17:52 - 2021-12-20 17:52 - 000040960 _____ C:\WINDOWS\system32\prxyqry.dll
2021-12-20 17:52 - 2021-12-20 17:52 - 000013824 _____ C:\WINDOWS\SysWOW64\prxyqry.dll
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-03-13 21:15 - 2021-11-23 23:44 - 001800200 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-13 21:15 - 2021-06-05 19:14 - 000809232 _____ C:\WINDOWS\system32\perfh00C.dat
2022-03-13 21:15 - 2021-06-05 19:14 - 000156838 _____ C:\WINDOWS\system32\perfc00C.dat
2022-03-13 21:15 - 2021-06-05 13:09 - 000000000 ____D C:\WINDOWS\INF
2022-03-13 21:10 - 2021-09-13 08:37 - 000000000 ____D C:\Program Files\CCleaner
2022-03-13 21:10 - 2018-12-15 18:09 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-13 21:09 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-13 21:09 - 2018-09-18 18:28 - 000000000 ____D C:\Users\charl\AppData\LocalLow\Mozilla
2022-03-13 21:08 - 2021-11-23 23:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-13 21:08 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-03-13 21:08 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ServiceState
2022-03-13 21:08 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-13 21:08 - 2021-03-13 23:25 - 000012288 ___SH C:\DumpStack.log.tmp
2022-03-13 21:08 - 2018-09-18 17:34 - 000000000 __SHD C:\Users\charl\IntelGraphicsProfiles
2022-03-13 21:08 - 2018-07-25 16:44 - 000000000 ___HD C:\Intel
2022-03-13 21:07 - 2021-10-09 11:20 - 000000000 ____D C:\Users\charl\AppData\Roaming\ZHP
2022-03-13 21:07 - 2021-06-05 13:01 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-03-13 21:01 - 2021-09-07 13:04 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-03-13 18:59 - 2021-10-09 11:20 - 000000000 ____D C:\Users\charl\AppData\Local\ZHP
2022-03-13 18:25 - 2019-09-26 05:27 - 000000000 ____D C:\Users\charl\AppData\Roaming\HP_Easy_Start
2022-03-13 17:57 - 2021-11-23 23:42 - 000003706 _____ C:\WINDOWS\system32\Tasks\HPCustParticipation HP ENVY 5640 series
2022-03-13 17:57 - 2021-09-14 14:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2022-03-13 17:57 - 2018-09-18 18:00 - 000000000 ____D C:\ProgramData\HP
2022-03-13 17:57 - 2018-09-18 18:00 - 000000000 ____D C:\Program Files (x86)\HP
2022-03-13 17:42 - 2021-11-23 23:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-13 11:09 - 2018-09-23 05:08 - 000000000 ____D C:\Users\charl\AppData\Local\D3DSCache
2022-03-12 13:47 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-12 13:47 - 2020-07-08 20:25 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-12 13:46 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-03-11 23:45 - 2021-12-12 18:41 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-971027819-1664518825-735723988-1001
2022-03-11 23:45 - 2021-11-23 23:42 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-971027819-1664518825-735723988-1001
2022-03-11 23:45 - 2021-03-13 23:26 - 000002463 _____ C:\Users\charl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-11 16:39 - 2020-04-28 14:22 - 000000000 ____D C:\Users\charl\AppData\Local\BitTorrentHelper
2022-03-11 16:37 - 2018-09-19 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2022-03-11 15:52 - 2018-09-18 18:28 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-03-10 10:32 - 2021-10-22 16:27 - 000000000 ____D C:\Users\charl\AppData\Local\CrashDumps
2022-03-10 09:39 - 2021-12-11 18:25 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7e0ceeadeab30
2022-03-10 09:39 - 2021-11-23 23:42 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-09 08:14 - 2021-10-09 12:36 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-09 08:14 - 2018-09-18 18:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-09 08:12 - 2018-09-18 18:07 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-03-08 19:57 - 2021-11-23 23:36 - 000322504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-08 19:57 - 2021-06-05 13:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-08 19:57 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-03-08 19:57 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-08 19:57 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-08 19:57 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-03-08 19:57 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-03-08 19:57 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-08 19:57 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-08 19:41 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-08 19:38 - 2021-11-23 23:37 - 003102208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-07 19:36 - 2018-09-19 19:24 - 000000000 ____D C:\Users\charl\AppData\Roaming\vlc
2022-03-07 19:35 - 2018-09-18 18:20 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-03-07 19:21 - 2021-09-07 14:05 - 000002116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2022-03-07 19:21 - 2021-09-07 14:05 - 000002105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-03-01 00:36 - 2021-10-09 12:36 - 000504136 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-03-01 00:36 - 2021-10-09 12:36 - 000491848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-02-20 12:50 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-02-17 16:51 - 2021-11-23 19:12 - 000000000 ___DC C:\WINDOWS\Panther
2022-02-17 16:49 - 2021-11-23 23:42 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-02-14 20:27 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\servicing
2022-02-14 18:07 - 2018-09-19 00:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== Fichiers à la racine de certains dossiers ========
2021-10-19 17:34 - 2021-10-19 17:34 - 003476632 _____ (Nicolas Coolman) C:\Users\charl\ZHPSuite.exe
2019-10-04 20:25 - 2019-10-04 21:44 - 000000716 ____H () C:\Users\charl\AppData\Roaming\{B2425D9A-3AD2-518C-B63A-81E4953DD355}
2021-09-07 14:06 - 2021-09-07 14:06 - 000000000 _____ () C:\Users\charl\AppData\Local\oobelibMkey.log
2019-09-13 18:00 - 2019-09-13 18:00 - 009276713 _____ () C:\Users\charl\AppData\Local\SelfExtractible.zip
2018-12-01 02:53 - 2018-12-28 17:06 - 000000124 _____ () C:\Users\charl\AppData\Local\uts.ini
==================== SigCheckExt =========================
2021-10-19 17:34 - 2021-10-19 17:34 - 003476632 _____ (Nicolas Coolman) C:\Users\charl\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{d796b32a-9020-11e8-a0a4-806e6f6e6963}
{d796b32b-9020-11e8-a0a4-806e6f6e6963}
{d796b32c-9020-11e8-a0a4-806e6f6e6963}
timeout 1
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {9f8d213f-4cad-11ec-a12f-fe4d6973e752}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {d796b32a-9020-11e8-a0a4-806e6f6e6963}
description UEFI:CD/DVD Drive
isolatedcontext Yes
Application logicielle (101fffff)
--------------------------------
identificateur {d796b32b-9020-11e8-a0a4-806e6f6e6963}
description UEFI:Removable Device
isolatedcontext Yes
Application logicielle (101fffff)
--------------------------------
identificateur {d796b32c-9020-11e8-a0a4-806e6f6e6963}
description UEFI:Network Device
isolatedcontext Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 11
locale fr-FR
inherit {bootloadersettings}
recoverysequence {dd6c5160-4cad-11ec-a130-cee2360280c7}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {9f8d213f-4cad-11ec-a12f-fe4d6973e752}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {dd6c5160-4cad-11ec-a130-cee2360280c7}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{dd6c5161-4cad-11ec-a130-cee2360280c7}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{dd6c5161-4cad-11ec-a130-cee2360280c7}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {9f8d213f-4cad-11ec-a12f-fe4d6973e752}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {dd6c5160-4cad-11ec-a130-cee2360280c7}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
isolatedcontext Yes
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
isolatedcontext Yes
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
isolatedcontext Yes
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {dd6c5161-4cad-11ec-a130-cee2360280c7}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================