Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06-11-2022
Exécuté par tituxx_pc_portable (administrateur) sur PATOU (ASUSTeK Computer Inc. K53SV) (07-11-2022 18:25:02)
Exécuté depuis C:\Users\tituxx_pc_portable\Desktop
Profils chargés: tituxx_pc_portable
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.2193 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCopyAccelerator.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (Atheros Communications Inc. -> Atheros) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(svchost.exe ->) (ADLICE -> ) C:\Program Files\UCheck\UCheck64.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.208.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [MsmqIntCert] => "C:\Windows\System32\regsvr32.exe" /s "C:\Windows\System32\mqrt.dll" (Pas de fichier)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12681320 2011-08-26] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1903344 2016-02-17] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Fichier non signé]
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3259157864-576597493-3506242795-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38789456 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3259157864-576597493-3506242795-1000\...\Run: [MicrosoftEdgeAutoLaunch_D2F68602DFAD40A799C14DC56089BB2F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891624 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MP495 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA9.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TR4500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDEU.DLL [482816 2018-03-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor TR4500 series: C:\Windows\system32\CNCALEU.DLL [254464 2018-03-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP495 series: C:\Windows\system32\CNMLMA9.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP495 series XPS: C:\Windows\system32\CNMXLMA9.DLL [361472 2010-08-25] (CANON INC.) [Fichier non signé]
HKLM\...\Print\Monitors\Canon BJ Language Monitor TR4500 series: C:\Windows\system32\CNMLMEU.DLL [1303040 2018-03-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\107.0.5304.88\Installer\chrmstp.exe [2022-10-30] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2009-08-02] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2011-08-02] (Atheros Communications Inc. -> Atheros Commnucations) [Fichier non signé]
AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvam.inf_amd64_20c0bba34ffd86ca\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvam.inf_amd64_20c0bba34ffd86ca\nvinitx.dll [208800 2018-02-13] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvam.inf_amd64_20c0bba34ffd86ca\nvinit.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvam.inf_amd64_20c0bba34ffd86ca\nvinit.dll [182272 2018-02-13] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {078360AC-16F4-4D2A-98BE-89492198DAA7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier)
Task: {0861595A-CC55-4745-B23E-7538C5F728EA} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Pas de fichier)
Task: {0C73DF41-3B61-4DC8-9F05-3B30CF55F5CD} - System32\Tasks\UCheck => C:\Program Files\UCheck\UCheck64.exe [30807984 2022-10-14] (ADLICE -> )
Task: {12781D23-7EFC-40A3-8999-7F02E2241ADF} - System32\Tasks\Opera scheduled Autoupdate 1609855418 => C:\Users\tituxx_pc_portable\AppData\Local\Programs\Opera\launcher.exe [1937352 2022-11-03] (Opera Norway AS -> Opera Software)
Task: {17743E67-B47C-49EF-B661-91FCB8C9A6C5} - System32\Tasks\{926DF346-D4C2-4287-B1D6-9E2B05D8A305} => C:\Windows\system32\pcalua.exe -a "F:\Driver Detective\DriverDetective_7.0.exe" -d "F:\Driver Detective"
Task: {29A919AE-954D-4E8B-88A9-4071CDEFE9FB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION
Task: {2A4D854B-3537-4DCC-84C7-5EF50D838C4C} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {2F350C7E-0B6F-479B-A3FA-3BE7405B159E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {30422C77-3931-4FF8-90A5-BF783DBE47AF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [147398024 2022-10-12] (Microsoft Windows -> Microsoft Corporation)
Task: {362E53CE-553B-4F99-849B-F671562EECF2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-10-20] (Piriform Software Ltd -> Piriform)
Task: {38161C15-77F2-44AA-B5D6-4BD8D786C895} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe (Pas de fichier)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4D2D38B0-1166-4FF5-BDCD-3E77E41B014A} - System32\Tasks\Opera scheduled assistant Autoupdate 1609855428 => C:\Users\tituxx_pc_portable\AppData\Local\Programs\Opera\launcher.exe [1937352 2022-11-03] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\tituxx_pc_portable\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {4EBAFDE6-88B7-4467-8C16-063868448448} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {4EFEDB32-30AA-429B-8BD4-1BB03024E923} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {5522C3C8-CB65-4D87-9773-1A9E21176EDF} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Pas de fichier)
Task: {593213BA-BCD9-428B-B1D8-F0D91A67A4E2} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5D58538B-2AC0-4267-927B-97A8CB9AF557} - System32\Tasks\{44AC226A-EB1A-4CE6-9A2E-9621BEC4C5EC} => C:\Windows\system32\pcalua.exe -a "E:\drivers pc portable asus\Lan_realtec_Win7_32_64_Z703801132011.zip-downloader.exe" -d "E:\drivers pc portable asus"
Task: {5EC6E052-F86B-4503-A7D9-89DFD831C725} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "e66d4698-7da6-45be-b418-97413101bc40" --version "6.05.10110" --silent
Task: {5EF81BC0-ED2B-4666-824B-344F36D525C9} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier)
Task: {5FB5188B-FDB5-4E09-BF60-226CCB694813} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {679ADAAE-26F5-4FCC-B7B0-9A5F28C570D6} - System32\Tasks\CCleanerSkipUAC - tituxx_pc_portable => C:\Program Files\CCleaner\CCleaner.exe [32472400 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {6D846EBF-0FF0-4275-85B8-201BD688C366} - System32\Tasks\{F4A9CB92-56F6-4DAB-B050-8E9D16CCD0D8} => C:\Windows\system32\pcalua.exe -a C:\Users\tituxx_pc_portable\Desktop\snuninst.exe -d C:\Users\tituxx_pc_portable\Desktop
Task: {774DF76B-F9FB-4C9C-9971-6C6E3DCC9FCC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {796A08D3-8465-4C24-8B17-505B69F52752} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUSTeK Computer Inc. -> ASUS)
Task: {7B6AFEDB-D1FA-4008-BEB4-D72FE7E796B1} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {8411AC76-0EAA-43F2-9A7F-5FD0ABC865A0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION
Task: {86C361A9-94B5-476A-8939-2DBFF0C64CE3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2250576 2022-05-25] (Avast Software s.r.o. -> Avast Software)
Task: {89796E05-BB83-455C-B2D7-F82D5468A749} - System32\Tasks\RunSpeccy => C:\Program Files\Speccy\Speccy64.exe [7117464 2018-05-02] (Piriform Ltd -> Piriform Ltd)
Task: {8F836547-AD85-4A89-8692-86AA47E3E956} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {913E6031-D40D-4B3E-8D87-726A021C588B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {95A4DDDD-8646-4E57-88C3-2AB0809E84AB} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Pas de fichier <==== ATTENTION
Task: {97865C0C-BC2B-4266-86A5-2F2D12474D78} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Pas de fichier)
Task: {9DBD0CE8-CF8B-4616-A361-FA26FE26472D} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Pas de fichier)
Task: {A2A62135-51EC-46EF-AF45-611A6F09C41C} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Pas de fichier)
Task: {A56904D0-CC7F-443B-97D7-CA7F0B2A36AA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A6BC560A-961A-4B7A-AF4A-5E77893640F8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {A984F0D7-65C4-41C4-830C-EF2EFBCF5DD9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Pas de fichier)
Task: {A9ADA529-C712-4066-AD04-260DD8BAEF0B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier)
Task: {A9E7B3D1-A03F-46FE-BFA4-EAE740A21EE9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-07] (Google LLC -> Google LLC)
Task: {AAFD99ED-8255-4A33-90FA-F9470A72CB2B} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {ACFF692A-C681-41FA-B928-0F5E09AEDB4D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {AFB953ED-D4F0-4F96-A62F-7C69BD734E91} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-07] (Google LLC -> Google LLC)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B0DECC46-F656-4113-B387-5939E9A063D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B1B2148C-D4C9-4ADE-A4F1-5A1EA604C7C4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {B35958BE-6A4A-4F75-B7FD-2A3D0C558F2E} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier)
Task: {B3EB6E84-AB83-4A69-BC7F-192E0978BAED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B794AA19-2DB4-481B-8339-123CF88EAD91} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier)
Task: {BFAD8A9C-F922-4968-8194-8BC7EE3212CE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Pas de fichier)
Task: {C0F7FF80-DAAF-4D63-8F8F-1443F967BE53} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Pas de fichier)
Task: {C2D51CF4-1335-48D8-A485-9DE48F57172A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier)
Task: {C536E32B-C315-47CC-973F-F0E0DAF2ECC6} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {CBC73373-1F07-41F0-AAF6-30DA3EF6F876} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Pas de fichier)
Task: {CDCCA935-43FF-4D63-8393-BC5A37A8B764} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {D256C645-A678-4FFF-AEA8-05DBF34C4B7D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {D41E2AB2-1B85-45F6-BAC5-1820783795BF} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier)
Task: {DE1139C5-1348-4DAA-9326-C9F20A1F8CD5} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Pas de fichier)
Task: {DE51FDBD-429E-4912-94E8-A34478C10B70} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (Pas de fichier)
Task: {E0E5F97E-5881-48AD-877A-66B54EABAD6A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Pas de fichier)
Task: {E66B4CAF-4BB3-478F-AEAB-F27E83EC24F4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {E6F2C053-40ED-45D9-B0AA-C95A019A638E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier)
Task: {EADF2FEF-7E1D-4595-9F29-4C73AA31E0BD} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Pas de fichier)
Task: {F1923E0D-42E3-4667-8998-282083309501} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Pas de fichier)
Task: {FA65D7A0-C290-43A7-A695-5D3F68C030EA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dcbfadbe-66f0-4fdd-9afa-e62180771312}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fca609b1-4ba1-4fa8-9568-f72277e0eb72}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\tituxx_pc_portable\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-07]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 464azwrb.default
FF ProfilePath: C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default [2022-11-07]
FF DownloadDir: C:\Users\tituxx_pc_portable\Desktop
FF Homepage: Mozilla\Firefox\Profiles\464azwrb.default -> hxxps://www.google.fr/
FF Extension: (AdBlocker Ultimate) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\adblockultimate@adblockultimate.net.xpi [2022-09-30]
FF Extension: (AdGuard AdBlocker) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\adguardadblocker@adguard.com.xpi [2022-10-26]
FF Extension: (Dictionnaire français) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2020-06-01]
FF Extension: (PDF Mage) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\jid1-GeRCnsiDhZiTvA@jetpack.xpi [2021-11-17]
FF Extension: (I don't care about cookies) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2022-10-30]
FF Extension: (Show my Password) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\jid1-ytAaKUpYnPSfGA@jetpack.xpi [2021-02-25]
FF Extension: (Français Language Pack) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2022-11-07]
FF Extension: (Gestionnaire de téléchargements (S3)) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\s3download@statusbar.xpi [2019-07-10]
FF Extension: (Google Translator for Firefox) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\translator@zoli.bod.xpi [2018-12-03]
FF Extension: (Flagfox) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2022-11-02]
FF Extension: (Toolbar Button for Facebook) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\{72c9fdff-bccd-4fac-a08e-857103c6e721}.xpi [2021-04-14]
FF Extension: (Two little birds) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\{a78f47b9-eac6-4996-bc9a-54701987af18}.xpi [2019-06-15]
FF Extension: (Video DownloadHelper) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-01]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-08-29]
FF Plugin: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-10-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-10-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-10-16] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.15 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\tituxx_pc_portable\AppData\Local\Google\Chrome\User Data\Default [2022-11-07]
CHR Extension: (Avira Password Manager) - C:\Users\tituxx_pc_portable\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2022-10-21]
CHR Extension: (Protection Web Avira) - C:\Users\tituxx_pc_portable\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-10-21]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\tituxx_pc_portable\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-15]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
StartMenuInternet: Google Chrome.TQR4JTVDNLWOI3ZCHB2JW5WWMA - C:\Users\tituxx_pc_portable\AppData\Local\Google\Chrome\Application\chrome.exe
Opera:
=======
OPR Profile: C:\Users\tituxx_pc_portable\AppData\Roaming\Opera Software\Opera Stable [2022-11-07]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\tituxx_pc_portable\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-10-21]
OPR Extension: (Opera Wallet) - C:\Users\tituxx_pc_portable\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-10-21]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\tituxx_pc_portable\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-17]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-08-02] (Atheros Communications Inc. -> Atheros) [Fichier non signé]
S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [785408 2022-11-06] (Microsoft Windows -> Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Fichier non signé]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] (Canon Inc. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8879024 2022-11-07] (Malwarebytes Inc. -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\NisSrv.exe [3191224 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MsMpEng.exe [133536 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [17024 2010-07-26] (ASUSTeK Computer Inc. -> ASUS)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2009-12-18] (Intel(R) Graphics DSS -> )
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ezplay; C:\WINDOWS\System32\Drivers\ezplay.sys [118400 2011-09-11] (VSO-SOFTWARE -> VSO Software)
S3 IntcDAud; C:\WINDOWS\System32\DRIVERS\IntcDAud.sys [317440 2010-10-15] (Intel(R) Corporation) [Fichier non signé]
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [75216 2022-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181992 2022-10-30] (Malwarebytes Inc. -> Malwarebytes)
S3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [82816 2011-09-11] (VSO Software) [Fichier non signé]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469280 2022-11-02] (Microsoft Windows -> Microsoft Corporation)
R3 wdkmd; C:\WINDOWS\System32\drivers\WDKMD.sys [42392 2010-12-01] (Wireless Display -> Intel Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-02] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; pas de ImagePath
S3 MpKsl199220e1; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DD042703-C870-476D-8BF9-2D482DEA18C0}\MpKslDrv.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-11-07 18:25 - 2022-11-07 18:27 - 000035969 _____ C:\Users\tituxx_pc_portable\Desktop\FRST.txt
2022-11-07 18:23 - 2022-11-07 18:26 - 000000000 ____D C:\FRST
2022-11-07 18:20 - 2022-11-07 18:20 - 002374656 _____ (Farbar) C:\Users\tituxx_pc_portable\Desktop\FRST64.exe
2022-11-07 18:15 - 2021-04-13 10:08 - 000000150 _____ C:\Users\tituxx_pc_portable\Desktop\pc infopratique.txt
2022-11-07 16:07 - 2022-11-07 16:07 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-11-07 15:29 - 2022-11-07 15:29 - 000004534 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1609855428
2022-11-07 12:03 - 2022-11-07 12:03 - 000000000 ____D C:\ProgramData\ASUS
2022-11-07 11:58 - 2021-07-07 18:17 - 000001984 _____ C:\Users\tituxx_pc_portable\Desktop\PC Health Check.lnk
2022-11-07 11:48 - 2022-11-07 11:48 - 014278656 _____ C:\Users\tituxx_pc_portable\Downloads\WindowsPCHealthCheckSetup.msi
2022-11-07 11:27 - 2022-11-07 11:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-11-06 15:35 - 2022-11-07 16:20 - 000003416 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-11-06 15:35 - 2022-11-07 16:20 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-11-06 14:45 - 2022-11-06 14:45 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-06 14:44 - 2022-11-06 14:44 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-06 14:44 - 2022-11-06 14:44 - 000012263 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-06 14:42 - 2022-11-06 14:42 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-03 12:01 - 2022-11-03 12:01 - 000000000 ___HD C:\$WinREAgent
2022-10-30 13:54 - 2022-10-30 13:54 - 000075216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-10-30 13:53 - 2022-10-30 13:53 - 000181992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-10-27 10:44 - 2022-10-27 10:44 - 000136685 _____ C:\Users\tituxx_pc_portable\Documents\doc95292937 prise de sang.pdf
2022-10-27 10:42 - 2022-10-27 10:43 - 000136685 _____ C:\Users\tituxx_pc_portable\Downloads\doc95292937.pdf
2022-10-26 11:06 - 2022-10-26 11:06 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-10-26 11:06 - 2022-04-23 16:48 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-10-19 11:16 - 2022-10-19 11:16 - 000002228 _____ C:\Users\tituxx_pc_portable\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk
2022-10-17 09:46 - 2022-10-17 09:48 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.4
2022-10-17 09:46 - 2022-10-17 09:46 - 000001197 _____ C:\Users\Public\Desktop\LibreOffice 7.4.lnk
2022-10-17 09:42 - 2022-10-17 09:44 - 000000000 ____D C:\Program Files\LibreOffice
2022-10-14 11:46 - 2022-10-24 14:34 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-10-14 11:46 - 2022-10-24 14:34 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2022-10-12 13:23 - 2022-10-12 13:23 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-11-07 18:29 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-07 18:22 - 2017-07-09 22:33 - 000000000 ____D C:\Users\tituxx_pc_portable\AppData\LocalLow\Mozilla
2022-11-07 18:16 - 2022-02-09 10:53 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-11-07 18:13 - 2011-09-11 18:28 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-07 16:28 - 2016-03-15 22:19 - 000000000 ____D C:\ProgramData\NVIDIA
2022-11-07 16:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-07 16:20 - 2021-10-21 09:54 - 000000000 ____D C:\Program Files\CCleaner
2022-11-07 16:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2022-11-07 16:06 - 2021-12-10 11:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-07 16:06 - 2021-11-03 23:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2022-11-07 16:06 - 2020-07-14 22:50 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-07 16:06 - 2018-07-05 16:43 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-11-07 16:06 - 2018-07-05 16:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-07 16:05 - 2021-12-10 10:39 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2022-11-07 16:05 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-11-07 15:29 - 2022-09-22 15:40 - 000001542 _____ C:\Users\tituxx_pc_portable\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2022-11-07 15:29 - 2021-12-10 11:16 - 000004280 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1609855418
2022-11-07 15:15 - 2020-10-02 11:01 - 000000000 ____D C:\Users\tituxx_pc_portable\Documents\Nouveau dossier
2022-11-07 15:13 - 2021-10-24 15:45 - 000000000 ____D C:\Users\tituxx_pc_portable\Documents\paoier contrat apprentissage gaetan
2022-11-07 15:13 - 2021-01-26 21:18 - 000000000 ____D C:\Users\tituxx_pc_portable\Documents\papier pour permis gaetan
2022-11-07 14:49 - 2021-12-10 10:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-07 12:28 - 2011-09-13 20:51 - 000000000 ____D C:\Users\tituxx_pc_portable\AppData\Local\CrashDumps
2022-11-07 12:20 - 2019-02-19 14:55 - 000001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2022-11-07 11:58 - 2021-07-07 18:17 - 000001446 _____ C:\Users\tituxx_pc_portable\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-11-07 11:58 - 2021-07-07 18:17 - 000000000 ___RD C:\Users\tituxx_pc_portable\AppData\Local\PCHealthCheck
2022-11-07 11:51 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-07 11:26 - 2018-07-05 16:43 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-11-07 11:17 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-06 15:34 - 2021-12-10 11:05 - 002036638 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-06 15:34 - 2019-12-07 15:50 - 000877926 _____ C:\WINDOWS\system32\perfh00C.dat
2022-11-06 15:34 - 2019-12-07 15:50 - 000183412 _____ C:\WINDOWS\system32\perfc00C.dat
2022-11-06 15:27 - 2021-12-10 10:39 - 000632320 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-06 15:22 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-06 15:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-06 15:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-06 15:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-06 15:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-06 15:21 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-06 15:21 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-06 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-06 15:01 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-06 14:43 - 2011-09-11 20:24 - 000415708 __RSH C:\bootmgr
2022-11-06 14:41 - 2021-12-10 10:45 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-02 12:35 - 2018-07-06 12:36 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-02 10:09 - 2021-12-21 14:45 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
2022-11-02 10:00 - 2019-10-05 16:44 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-10-31 17:30 - 2021-12-10 09:14 - 000000000 ____D C:\Users\tituxx_pc_portable
2022-10-31 12:17 - 2021-02-20 10:19 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-10-30 15:29 - 2022-02-04 15:28 - 000002276 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-10-30 15:29 - 2021-01-07 14:03 - 000002317 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-27 10:27 - 2022-01-25 10:28 - 000001266 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2022-10-27 10:27 - 2021-08-26 12:38 - 000001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2022-10-26 11:07 - 2021-05-29 11:47 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-10-26 11:07 - 2021-05-29 11:47 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-10-26 11:06 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-10-26 10:55 - 2021-05-29 11:46 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-10-26 10:55 - 2018-07-05 20:13 - 000000000 ____D C:\Program Files\Malwarebytes
2022-10-24 15:15 - 2021-02-17 14:33 - 000000837 _____ C:\Users\Public\Desktop\UCheck.lnk
2022-10-24 15:15 - 2020-07-15 02:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UCheck
2022-10-24 15:15 - 2020-07-15 02:08 - 000000000 ____D C:\Program Files\UCheck
2022-10-24 14:37 - 2022-01-13 07:18 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-10-24 14:16 - 2021-12-10 11:16 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-10-24 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-23 16:03 - 2022-08-05 17:28 - 000000000 ____D C:\WINDOWS\Minidump
2022-10-23 15:59 - 2015-08-16 11:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-10-23 15:59 - 2013-03-09 16:13 - 000000000 ____D C:\Program Files\Java
2022-10-23 15:58 - 2016-03-15 18:48 - 000195232 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2022-10-14 11:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-12 10:37 - 2021-12-10 11:16 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-12 10:25 - 2021-12-10 11:16 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-12 10:11 - 2013-09-07 16:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-12 09:39 - 2011-09-11 00:51 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Fichiers à la racine de certains dossiers ========
2020-02-05 14:09 - 2019-09-19 09:39 - 030570784 _____ (Adlice Software ) C:\Users\tituxx_pc_portable\UCheck_setup.exe
2011-09-11 19:50 - 2015-12-14 10:10 - 000007833 _____ () C:\Users\tituxx_pc_portable\AppData\Roaming\ezplay.cat
2011-09-11 19:50 - 2015-12-14 10:10 - 000001127 _____ () C:\Users\tituxx_pc_portable\AppData\Roaming\ezplay.inf
2011-09-11 19:50 - 2011-09-11 19:50 - 000000125 _____ () C:\Users\tituxx_pc_portable\AppData\Roaming\ezplay.ini
2011-09-11 19:50 - 2015-12-14 10:10 - 000000033 _____ () C:\Users\tituxx_pc_portable\AppData\Roaming\ezplay.log
2011-09-11 19:47 - 2015-12-14 10:04 - 000007859 _____ () C:\Users\tituxx_pc_portable\AppData\Roaming\pcouffin.cat
2011-09-11 19:47 - 2015-12-14 10:04 - 000001167 _____ () C:\Users\tituxx_pc_portable\AppData\Roaming\pcouffin.inf
2011-09-11 19:47 - 2015-12-14 10:04 - 000000033 _____ () C:\Users\tituxx_pc_portable\AppData\Roaming\pcouffin.log
2019-07-16 17:30 - 2019-08-16 09:58 - 050616672 _____ (Sony) C:\Users\tituxx_pc_portable\AppData\Local\pcc.exe
2016-03-16 13:25 - 2016-03-16 13:25 - 000001265 _____ () C:\Users\tituxx_pc_portable\AppData\Local\PDLSetup.20160316.132545.txt
2016-03-16 13:25 - 2016-03-16 13:25 - 000001265 _____ () C:\Users\tituxx_pc_portable\AppData\Local\PDLSetup.20160316.132554.txt
2016-03-16 13:26 - 2016-03-16 13:26 - 000000673 _____ () C:\Users\tituxx_pc_portable\AppData\Local\PDLSetup.20160316.132647.txt
2016-03-16 13:27 - 2016-03-16 13:27 - 000001567 _____ () C:\Users\tituxx_pc_portable\AppData\Local\PDLSetup.20160316.132717.txt
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=C:
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {49f041ff-5997-11ec-8f59-14dae9279401}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {5d9f7faa-599d-11ec-8f5a-ebeac29a386b}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {49f041ff-5997-11ec-8f59-14dae9279401}
nx OptIn
bootmenupolicy Standard
hypervisorlaunchtype Auto
Chargeur de démarrage Windows
-----------------------------
identificateur {5d9f7faa-599d-11ec-8f5a-ebeac29a386b}
device ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{5d9f7fab-599d-11ec-8f5a-ebeac29a386b}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{5d9f7fab-599d-11ec-8f5a-ebeac29a386b}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {9c8cc5be-dcab-11e0-8ffa-96b67b4d915b}
device ramdisk=[C:]\Recovery\9c8cc5be-dcab-11e0-8ffa-96b67b4d915b\Winre.wim,{9c8cc5bf-dcab-11e0-8ffa-96b67b4d915b}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\9c8cc5be-dcab-11e0-8ffa-96b67b4d915b\Winre.wim,{9c8cc5bf-dcab-11e0-8ffa-96b67b4d915b}
systemroot \windows
nx OptIn
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {b58a3a6c-810b-11e8-a669-fcff3203c98a}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{b58a3a6d-810b-11e8-a669-fcff3203c98a}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{b58a3a6d-810b-11e8-a669-fcff3203c98a}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {49f041ff-5997-11ec-8f59-14dae9279401}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {5d9f7faa-599d-11ec-8f5a-ebeac29a386b}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=C:
path \boot\memtest.exe
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {5d9f7fab-599d-11ec-8f5a-ebeac29a386b}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume2
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options de périphérique
-----------------------
identificateur {9c8cc5bf-dcab-11e0-8ffa-96b67b4d915b}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\9c8cc5be-dcab-11e0-8ffa-96b67b4d915b\boot.sdi
==================== Fin de FRST.txt ========================