Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-08-2022
Exécuté par VasseJulien (administrateur) sur JULIEN (LENOVO 90C2003QFR) (28-08-2022 18:27:50)
Exécuté depuis C:\Users\VasseJulien\Downloads
Profils chargés: VasseJulien
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1889 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files\txgameassistant\appmarket\AppMarket.exe ->) (Tencent Technology(Shenzhen) Company Limited -> Tencent) C:\Program Files\txgameassistant\appmarket\TBSWebRenderer.exe <2>
(C:\Program Files\txgameassistant\appmarket\QMEmulatorService.exe ->) (Tencent Technology(Shenzhen) Company Limited -> Tencent) C:\Program Files\txgameassistant\appmarket\AppMarket.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(C:\Windows\jmesoft\Service.exe ->) () [Fichier non signé] C:\Windows\jmesoft\JME_LOAD.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <18>
(explorer.exe ->) (Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\VasseJulien\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(explorer.exe ->) (Noriyuki Miyazaki -> Crystal Dew World) C:\Program Files\CrystalDiskInfo\DiskInfo64.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo) [Fichier non signé] C:\Windows\jmesoft\hotkey.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) () [Fichier non signé] C:\Windows\jmesoft\Service.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Intel(R) Corporation) [Fichier non signé] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(services.exe ->) (LENOVO -> LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Tencent Technology(Shenzhen) Company Limited -> Tencent) C:\Program Files\txgameassistant\appmarket\QMEmulatorService.exe
(sihost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22062.542.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Tencent Technology(Shenzhen) Company Limited -> ) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe <2>
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2013-11-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [jmekey] => C:\WINDOWS\jmesoft\hotkey.exe [118784 2013-07-24] (Lenovo) [Fichier non signé]
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-08-16] () [Fichier non signé]
HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo (Beijing) Limited -> Lenovo)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [317824 2016-01-18] (VTech Electronics North America, LLC -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2098232 2020-09-24] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-06-06] (Adobe Inc. -> )
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1400478732-2064027374-4255688365-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [978456 2016-08-03] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
HKU\S-1-5-21-1400478732-2064027374-4255688365-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1400478732-2064027374-4255688365-1001\...\Run: [BingSvc] => C:\Users\VasseJulien\AppData\Local\Microsoft\BingSvc\BingSvc.exe [146312 2020-08-13] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-1400478732-2064027374-4255688365-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4267432 2021-12-17] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1400478732-2064027374-4255688365-1001\...\Run: [Spotify] => C:\Users\VasseJulien\AppData\Roaming\Spotify\Spotify.exe [25972968 2018-12-24] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1400478732-2064027374-4255688365-1001\...\Run: [Discord] => C:\Users\VasseJulien\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1400478732-2064027374-4255688365-1001\...\Run: [PlariumPlay] => C:\Users\VasseJulien\AppData\Local\Plarium\PlariumPlay\PlariumPlay --args -tray-start (Pas de fichier)
HKU\S-1-5-21-1400478732-2064027374-4255688365-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [677512 2020-09-01] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1400478732-2064027374-4255688365-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33526752 2021-10-28] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1400478732-2064027374-4255688365-1001\...\Run: [MicrosoftEdgeAutoLaunch_DAF6F0B3BD6749852D8B776BD93E2595] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827104 2022-08-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1400478732-2064027374-4255688365-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\VasseJulien\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Pas de fichier)
HKU\S-1-5-21-1400478732-2064027374-4255688365-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\VasseJulien\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Pas de fichier)
HKU\S-1-5-21-1400478732-2064027374-4255688365-1001\...\RunOnce: [Uninstall 22.151.0717.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\VasseJulien\AppData\Local\Microsoft\OneDrive\22.151.0717.0001" (Pas de fichier)
HKLM\...\Windows x64\Print Processors\Canon MG2500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBX.DLL [30208 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2500 series: C:\WINDOWS\system32\CNMLMBX.DLL [391168 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS3100 series: CNMLMDR.DLL
HKLM\Software\...\AppCompatFlags\Custom\chrome.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\explorer.zza: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\104.0.5112.102\Installer\chrmstp.exe [2022-08-23] (Google LLC -> Google LLC)
Startup: C:\Users\VasseJulien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2020-08-29]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\VasseJulien\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {024F7956-E1B8-458D-8062-543FE8A8E61E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION
Task: {04EAB539-65B7-48C0-AF9E-2028205B23E9} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [35584 2014-07-30] (LENOVO -> )
Task: {0CD28087-58AC-40AB-AEB5-0D6C321B5069} - \WPD\SqmUpload_S-1-5-21-1400478732-2064027374-4255688365-1001 -> Pas de fichier <==== ATTENTION
Task: {21962240-ADF4-4D8E-A336-61198ACF2A3E} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [270208 2014-12-01] (LENOVO -> Lenovo)
Task: {2F1D9EAF-802E-40F5-ADA7-30D0A95B21EB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (Pas de fichier)
Task: {3BC9BD58-2A41-4182-8D68-FEC6E66B1B27} - \McAfee\McAfee Idle Detection Task -> Pas de fichier <==== ATTENTION
Task: {4D0311A6-660B-4476-9199-18FF51E4E005} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {4D347FAF-C0EB-411B-B591-6EAEE60004A2} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-10] (Microsoft Windows -> Microsoft Corporation)
Task: {5684D600-2E9B-453C-99A6-E10FE3639AD9} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [148768 2014-12-01] (LENOVO -> )
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {77C9F7E1-4C84-4761-B439-092AD76A2201} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [95192 2013-03-08] (CyberLink Corp. -> CyberLink Corp.)
Task: {807E9C62-CA3D-49D2-9EF1-D2A0C34FB863} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {82463BA9-A72F-4886-B428-421F55378BA9} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION
Task: {84517AB2-A1ED-4ABD-A0FA-D6C7107E8AF7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {848764ED-66C9-4B20-B61E-6A2934B23EB7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8D40B6DF-C020-41A7-8581-984C8CEB8E84} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16672 2014-12-01] (LENOVO -> Lenovo)
Task: {8FCE1FA9-F9C0-4F37-8FAF-BB6FDCBD3771} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-10] (Microsoft Windows -> Microsoft Corporation)
Task: {94869C7C-5121-434A-AE42-5B34BBEF90C0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {94D8778D-A3B1-47CC-B9F1-05ED430FE35F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {96FF431E-B535-448D-929A-5148890B5D51} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {98711146-2BAD-46D9-9F8E-7497657BD9DF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {994591F7-2272-4139-B9B8-5B6138124AED} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {9DC41C48-CCB6-4F46-A81B-DA21FC55585B} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2021-11-10] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {A470A5B0-8A11-446D-9C76-251151DD0A83} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A84B36DE-6D47-49F3-9F69-40D0D11930CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-13] (Google Inc -> Google LLC)
Task: {A9725415-C1D8-462C-AB40-DD0C47F6B9D1} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1360672 2014-12-01] (LENOVO -> Lenovo)
Task: {C19343D8-6320-48CF-A349-30ACD8444569} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {C7598E26-7E2A-4DD8-B1D2-A140271C265B} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {C7F804F0-64AF-4883-82D3-AD4EBF6BA1EA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {CA4ED855-0375-4846-9EBA-71D428B03DF3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {CC83ED25-7FDC-4585-9AC5-7659747D2A2D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D29D3D1C-6C58-46CF-9464-06EC894B65D9} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [148768 2014-12-01] (LENOVO -> )
Task: {D5A7549A-F000-4BD7-A135-5A4E01CAC394} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {DE5AB4F9-90AC-4AAC-A4F7-428A3203C7D5} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {E0FF9DE0-9D87-4702-AA01-47E7A8BB5128} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-13] (Google Inc -> Google LLC)
Task: {F057008B-09F3-4C38-8C9F-F963269E2622} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {F4F9761C-13FB-4A61-BFB4-DE413E92D0AB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {FC95844F-B642-49CF-A3C2-A242CB80F419} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184 2014-09-10] (LENOVO -> Lenovo)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ba7357e7-2f69-4b99-a5de-5bc481adc745}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\VasseJulien\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\VasseJulien\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-28]
Edge HomePage: Default -> hxxp://www.google.com
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2021-04-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2021-04-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-09-24] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] (Apple Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [Fichier non signé]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-12-19] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-12-19] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-09-24] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Default [2022-08-28]
CHR Notifications: Default -> hxxps://forums.commentcamarche.net; hxxps://search.obtenezemail.com; hxxps://videospornogratuit.fr; hxxps://www.facebook.com; hxxps://www.fnac.com; hxxps://www.ufreegames.com
CHR HomePage: Default -> msn.com
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxp://www.trovigo.com/?gd=&ctid=CT3241952&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=61&CUI=&UM=&UP=SP744F5A02-BFE8-4274-9DD4-C3552DAB90A3&D=112415&SSPV=","hxxp://search.conduit.com/?ctid=CT3241952&SearchSource=48"
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> askwebs
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Extension: (Obtenez Email Facile) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Default\Extensions\agfgliijngcondlifollafonjpcnfhpj [2020-07-15]
CHR Extension: (Jeuxjeuxjeux) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajdcdldijnddfkjdikgbemhnjopehfof [2020-10-08]
CHR Extension: (Adblock360) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjchineajlfhdlaonabjhlllhmdlmdc [2022-07-30]
CHR Extension: (OnlineMapFinder) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceopoaldcnmhechacafgagdkklcogkgd [2020-07-15]
CHR Extension: (SlitherPlus - Zoom, Skin Creator, Mod, Bots) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpbghpalffgmgocmnigfhalghmaemffo [2020-06-22]
CHR Extension: (Tampermonkey) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2022-05-12]
CHR Extension: (Slither.io Mods, Zoom, Unlock Skins, Bots) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkphlfniignanbnklkbjikhnknihljpc [2018-01-31]
CHR Extension: (Slither.io Mods, Zoom, Unlock Skins, Bots) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Default\Extensions\eogeabecipmckmihpmkgjbghbffcebcf [2019-11-20]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2022-05-22]
CHR Extension: (FreeMaps) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkgedicakildehepikeopegehmojomfk [2020-07-15]
CHR Extension: (Return YouTube Dislike) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2022-08-09]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-08-28]
CHR Extension: (Roblox+) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfbnmfgkohlfclfnplnlenbalpppohkm [2022-03-15]
CHR Extension: (Ask Web Search) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp [2020-08-28]
CHR Extension: (EasyDocMerge) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Default\Extensions\mabloidgodmbnmnhoenmhlcjkfelomgp [2020-07-15]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Slither IO Unblocked Play Hacks Mods Sandbox) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Default\Extensions\oogebldajafnknnoemjhkmcmhhacjibg [2017-12-21]
CHR Profile: C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-03-01]
CHR Profile: C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-03-01]
CHR HomePage: Profile 1 -> msn.com
CHR DefaultSearchURL: Profile 1 -> hxxps://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSuggestURL: Profile 1 -> hxxps://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Extension: (Docs) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-08-28]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2020-08-28]
CHR Extension: (Google Docs hors connexion) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-08-28]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-08-28]
CHR Extension: (Chrome Media Router) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-08-28]
CHR Profile: C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-03-02]
CHR HomePage: Profile 2 -> msn.com
CHR DefaultSearchURL: Profile 2 -> hxxps://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSuggestURL: Profile 2 -> hxxps://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Extension: (Slides) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-15]
CHR Extension: (Docs) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-15]
CHR Extension: (Google Drive) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-15]
CHR Extension: (YouTube) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-15]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-03-02]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2020-10-15]
CHR Extension: (Sheets) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-15]
CHR Extension: (Google Docs hors connexion) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-02]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-02]
CHR Extension: (Gmail) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-02]
CHR Profile: C:\Users\VasseJulien\AppData\Local\Google\Chrome\User Data\System Profile [2021-03-01]
CHR HKU\S-1-5-21-1400478732-2064027374-4255688365-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2020-09-24] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3863256 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3701464 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-03-02] (BattlEye Innovations e.K. -> )
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [445976 2016-08-03] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [425496 2016-08-03] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [462360 2016-08-03] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2020-01-25] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GameforgeClientService; C:\Program Files (x86)\GameforgeClient\gfservice.exe [562848 2020-08-06] (Gameforge 4D GmbH -> )
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] (Canon Inc. -> )
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Fichier non signé]
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-16] () [Fichier non signé]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [619776 2014-12-05] (LENOVO -> Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-07-30] (LENOVO -> LENOVO INCORPORATED.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-12-01] (LENOVO -> )
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
R2 QMEmulatorService; C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [198736 2020-08-15] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7793960 2021-04-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-06-13] (Bluestack Systems, Inc -> Bluestack System Inc.)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [320744 2021-11-10] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2019-02-02] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [126624 2019-01-28] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72536 2019-01-28] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [113016 2019-01-30] (Malwarebytes Corporation -> Malwarebytes)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85656 2016-09-09] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S2 vcs; C:\Program Files (x86)\Common Files\Avnex\vcs64.sys [4096 2020-06-28] () [Fichier non signé]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-08-28 18:26 - 2022-08-28 18:26 - 002371072 _____ (Farbar) C:\Users\VasseJulien\Downloads\FRST64 (1).exe
2022-08-28 18:25 - 2022-08-28 18:26 - 002074112 _____ (Farbar) C:\Users\VasseJulien\Downloads\FRST (1).exe
2022-08-28 18:25 - 2022-08-28 18:25 - 002074112 _____ (Farbar) C:\Users\VasseJulien\Downloads\FRST.exe
2022-08-28 18:23 - 2022-08-28 18:23 - 000001839 _____ C:\Users\VasseJulien\Desktop\CrystalDiskInfo.lnk
2022-08-28 18:23 - 2022-08-28 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2022-08-28 18:23 - 2022-08-28 18:23 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2022-08-28 18:21 - 2022-08-28 18:21 - 004707136 _____ (Crystal Dew World ) C:\Users\VasseJulien\Downloads\CrystalDiskInfo8_11_2.exe
2022-08-19 13:16 - 2022-08-19 13:16 - 000442223 _____ C:\Users\VasseJulien\Desktop\certificat provisoire.pdf
2022-08-19 13:15 - 2022-08-19 13:15 - 000449850 _____ C:\Users\VasseJulien\Documents\IMG_20220819_0001.pdf
2022-08-19 13:06 - 2022-08-19 13:06 - 000218436 _____ C:\Users\VasseJulien\Downloads\CA_Attestation_Scolaire_Habitation (1).pdf
2022-08-10 02:07 - 2022-08-10 02:07 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-08-10 02:07 - 2022-08-10 02:07 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-08-10 02:07 - 2022-08-10 02:07 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-08-10 02:06 - 2022-08-10 02:06 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-08-10 02:06 - 2022-08-10 02:06 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-08-10 02:06 - 2022-08-10 02:06 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-08-10 02:06 - 2022-08-10 02:06 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-08-10 02:06 - 2022-08-10 02:06 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-08-10 01:29 - 2022-08-10 01:29 - 000000000 ___HD C:\$WinREAgent
2022-08-07 18:08 - 2022-08-07 18:08 - 000000481 _____ C:\Users\VasseJulien\Downloads\csTimerExport_20220807_180829.csv
2022-08-07 14:08 - 2022-08-07 14:08 - 000000002 _____ C:\Users\VasseJulien\Desktop\test.html
2022-08-06 20:02 - 2022-08-06 20:02 - 000000000 ____D C:\Users\VasseJulien\AppData\Local\cache
2022-08-06 20:01 - 2022-08-10 21:49 - 000001302 _____ C:\Users\VasseJulien\Desktop\Roblox Studio.lnk
2022-08-06 19:57 - 2022-08-06 19:57 - 001817600 _____ (Roblox Corporation) C:\Users\VasseJulien\Downloads\RobloxStudioLauncherBeta.exe
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-08-28 18:31 - 2020-04-02 11:16 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-08-28 18:31 - 2019-01-17 11:46 - 000036827 _____ C:\Users\VasseJulien\Downloads\FRST.txt
2022-08-28 18:30 - 2015-11-24 12:42 - 000000000 ____D C:\FRST
2022-08-28 18:20 - 2019-12-13 20:43 - 000000000 ____D C:\Program Files (x86)\Google
2022-08-28 18:19 - 2021-03-29 13:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-08-28 18:19 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-27 12:30 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-27 12:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-08-27 11:34 - 2020-06-18 08:22 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-27 10:37 - 2020-11-07 12:36 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-08-27 01:19 - 2021-12-13 18:49 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1400478732-2064027374-4255688365-1001
2022-08-27 01:19 - 2021-05-16 11:39 - 000002487 _____ C:\Users\VasseJulien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-27 01:19 - 2021-03-29 13:51 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1400478732-2064027374-4255688365-1001
2022-08-23 20:40 - 2021-03-29 13:51 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-08-19 12:54 - 2016-10-23 12:35 - 000000000 ____D C:\ProgramData\NVIDIA
2022-08-17 08:29 - 2021-03-29 13:51 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-17 08:29 - 2021-03-29 13:51 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-08-14 13:55 - 2015-11-21 19:15 - 000000000 ____D C:\Users\VasseJulien\AppData\Local\ElevatedDiagnostics
2022-08-12 13:35 - 2019-11-30 14:27 - 000000000 ____D C:\Users\VasseJulien\AppData\Roaming\Discord
2022-08-12 13:35 - 2019-11-30 14:26 - 000000000 ____D C:\Users\VasseJulien\AppData\Local\Discord
2022-08-10 21:49 - 2019-12-21 15:32 - 000000000 ____D C:\Users\VasseJulien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-08-10 02:59 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-08-10 02:51 - 2021-03-29 13:34 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-08-10 02:51 - 2019-12-07 16:49 - 000791594 _____ C:\WINDOWS\system32\perfh00C.dat
2022-08-10 02:51 - 2019-12-07 16:49 - 000149760 _____ C:\WINDOWS\system32\perfc00C.dat
2022-08-10 02:44 - 2021-03-29 13:13 - 000483264 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-08-10 02:43 - 2021-03-29 13:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-08-10 02:43 - 2021-03-29 13:13 - 000008192 ___SH C:\DumpStack.log.tmp
2022-08-10 02:42 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-08-10 02:41 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-08-10 02:41 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-08-10 02:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-08-10 02:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-08-10 02:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-08-10 02:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-08-10 02:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-08-10 02:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-08-10 02:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-08-10 02:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-08-10 02:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-08-10 02:17 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-08-10 02:06 - 2021-03-29 13:16 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-08-10 01:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-08-10 01:12 - 2015-11-23 22:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-08-10 01:04 - 2015-11-23 22:33 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-08-07 14:12 - 2020-06-08 17:01 - 000000000 ____D C:\Users\VasseJulien\Desktop\flo
2022-08-06 20:22 - 2020-06-21 18:24 - 000000000 ____D C:\Users\VasseJulien\Documents\ROBLOX
2022-08-06 20:07 - 2019-12-21 15:32 - 000000000 ____D C:\Users\VasseJulien\AppData\Local\Roblox
2022-08-06 20:04 - 2019-12-21 15:32 - 000000255 _____ C:\Users\VasseJulien\AppData\LocalLow\rbxcsettings.rbx
==================== Fichiers à la racine de certains dossiers ========
2015-11-22 01:41 - 2022-07-12 22:15 - 000000125 _____ () C:\Users\VasseJulien\AppData\Roaming\D2Info0
2015-12-06 22:37 - 2018-04-07 09:42 - 000000129 _____ () C:\Users\VasseJulien\AppData\Roaming\D2Info1
2015-11-22 01:41 - 2022-07-10 21:31 - 000000008 _____ () C:\Users\VasseJulien\AppData\Roaming\DofusAppId0_1
2015-11-22 02:11 - 2022-07-12 23:27 - 000000008 _____ () C:\Users\VasseJulien\AppData\Roaming\DofusAppId0_2
2015-11-22 02:12 - 2018-08-29 16:05 - 000000008 _____ () C:\Users\VasseJulien\AppData\Roaming\DofusAppId0_3
2015-11-22 02:12 - 2017-04-11 19:34 - 000000008 _____ () C:\Users\VasseJulien\AppData\Roaming\DofusAppId0_4
2015-11-22 12:20 - 2016-05-16 14:18 - 000000008 _____ () C:\Users\VasseJulien\AppData\Roaming\DofusAppId0_5
2016-05-16 14:32 - 2016-05-16 15:19 - 000000008 _____ () C:\Users\VasseJulien\AppData\Roaming\DofusAppId0_6
2015-12-06 22:37 - 2018-03-25 10:36 - 000000008 _____ () C:\Users\VasseJulien\AppData\Roaming\DofusAppId1_1
2015-12-13 16:10 - 2018-04-07 09:46 - 000000008 _____ () C:\Users\VasseJulien\AppData\Roaming\DofusAppId1_2
2016-01-24 13:40 - 2018-03-24 11:27 - 000000008 _____ () C:\Users\VasseJulien\AppData\Roaming\DofusAppId1_3
2016-03-06 20:02 - 2016-06-05 20:43 - 000000008 _____ () C:\Users\VasseJulien\AppData\Roaming\DofusAppId1_4
2016-06-06 00:06 - 2016-06-06 00:41 - 000000008 _____ () C:\Users\VasseJulien\AppData\Roaming\DofusAppId1_5
2018-09-30 16:44 - 2018-10-03 14:00 - 000000011 _____ () C:\Users\VasseJulien\AppData\Roaming\RegPorts-0
2015-11-21 23:36 - 2015-11-21 23:36 - 000000045 _____ () C:\Users\VasseJulien\AppData\Roaming\WB.CFG
2020-04-02 11:14 - 2020-04-02 11:14 - 000000410 _____ () C:\Users\VasseJulien\AppData\Local\oobelibMkey.log
2018-02-15 11:24 - 2018-02-15 11:25 - 050090848 _____ (Sony) C:\Users\VasseJulien\AppData\Local\pcc.exe
2020-03-02 16:46 - 2020-03-02 16:50 - 000012477 _____ () C:\Users\VasseJulien\AppData\Local\PlariumPlay.log
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================