Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 28-08-2023
Exécuté par SEBASTIEN SIROT (administrateur) sur SEBASTIENSIROT (ASUSTeK COMPUTER INC. N56VZ) (06-09-2023 19:34:56)
Exécuté depuis C:\Users\SEBASTIEN SIROT\Desktop\FRST64.exe
Profils chargés: UpdatusUser & SEBASTIEN SIROT
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3324 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Windows\AsScrPro.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (CyberLink -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (CyberLink -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (CyberLink -> cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(explorer.exe ->) () [Fichier non signé] C:\Program Files\ROTEL\ROTEL_PC_USB_Driver\ROTELAudioCplApp.exe
(explorer.exe ->) (Alcor Micro Corp.) [Fichier non signé] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(explorer.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(explorer.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (MUSIC Tribe Brands DE GmbH -> ) C:\Program Files\BEHRINGER\UMC_Audio_Driver\W10_x64\UMCAudioCplApp.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <20>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(services.exe ->) (CyberLink -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(services.exe ->) (MAGIX AG) [Fichier non signé] C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21538.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-18] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-17] (Alcor Micro Corp.) [Fichier non signé]
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2661672 2012-02-19] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-02-24] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Fichier non signé]
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (eCareme Technologies, Inc. -> ecareme)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-07] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [ASUS InstantKey] => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [20456 2012-02-21] (ASUSTeK Computer Inc. -> ASUS) [Fichier non signé]
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2319536 2011-10-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568 2012-02-21] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3058304 2014-04-07] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2011-09-28] (CyberLink -> cyberlink)
HKLM-x32\...\Run: [UpdatePSTShortCut] => "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" (Pas de fichier)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-20] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322176 2012-02-16] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-24] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1708977962-1448600183-860242381-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016584 2021-01-15] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1708977962-1448600183-860242381-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41584544 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1708977962-1448600183-860242381-1001\...\Run: [MicrosoftEdgeAutoLaunch_7939B237C7D54CACEEB56F4FD41695D0] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4108328 2023-08-31] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1708977962-1448600183-860242381-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [581120 2022-08-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => Pas de fichier
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-02-24]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ROTEL Audio Control Panel Autostart.lnk [2017-09-14]
ShortcutTarget: ROTEL Audio Control Panel Autostart.lnk -> C:\Program Files\ROTEL\ROTEL_PC_USB_Driver\ROTELAudioCplApp.exe () [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UMC Control Panel Autostart.lnk [2021-03-21]
ShortcutTarget: UMC Control Panel Autostart.lnk -> C:\Program Files\BEHRINGER\UMC_Audio_Driver\W10_x64\UMCAudioCplApp.exe (MUSIC Tribe Brands DE GmbH -> )
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {1F9F2BF4-1E13-4B10-93A2-6ABB0665F145} - System32\Tasks\{57BD77E1-23EF-4845-B312-0E973A4C4BDE} => c:\program files (x86)\mozilla firefox\firefox.exe [675232 2023-09-01] (Mozilla Corporation -> Mozilla Corporation) -> hxxp://ui.skype.com/ui/0/6.14.0.104/fr/abandoninstall?source=lightinstaller&page=tsInstall
Task: {45DF1E72-85B0-40A4-BA4D-D44E42C8BCD2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {6933F533-305D-428F-93A9-704E719BC1F1} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_Plugin.exe [1458232 2020-05-17] (Adobe Inc. -> Adobe)
Task: {45CAF9C4-385B-40E5-B139-6C23519672CC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-05-17] (Adobe Inc. -> Adobe)
Task: {5FAF6A76-327B-4F7C-A156-E81C51F5ED0F} - System32\Tasks\AdobeAAMUpdater-1.0-SEBASTIENSIROT-SEBASTIEN SIROT => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {EC2CA4D5-854C-4C7B-926C-926E633A56E5} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1004464 2012-02-16] (ASUSTeK Computer Inc. -> ASUS) [Fichier non signé]
Task: {8A221282-9E09-422F-8299-38D0A668C188} - System32\Tasks\ASUS Quick Gesture => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe [17872 2011-12-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {CA3037A2-9FC6-4C37-990C-1EA56C7D36ED} - System32\Tasks\ASUS Quick Gesture (x64) => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe [18896 2011-12-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {799F5F42-7540-44C3-AEF4-7AD3DD8A8A17} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [473728 2012-02-17] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {93B60016-E742-48ED-85CA-C1D85713AB63} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1121448 2012-02-29] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {F9816AEE-4021-4F60-8DAC-B4B9735B8134} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322176 2012-02-16] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {03D5207C-7915-4A08-B4C7-5872A958C49E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (Pas de fichier)
Task: {473B795E-CF6A-49AD-AFCD-6A0B3A2284BD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {05DEC155-79E5-464D-BFB1-753C94BEE576} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "66817192-569f-4eaa-886f-0b1c6e869735" --version "6.15.10623" --silent
Task: {28725E43-DF53-4C1F-9DE8-DB58CC899C68} - System32\Tasks\CCleanerSkipUAC - SEBASTIEN SIROT => C:\Program Files\CCleaner\CCleaner.exe [34687904 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {97B3B98A-FFA6-434A-9582-D5178421A4EA} - System32\Tasks\Driver Booster SkipUAC (SEBASTIEN SIROT) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe /skipuac (Pas de fichier)
Task: {8BDDB50A-894A-44C8-8F18-AC996B599520} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (Pas de fichier)
Task: {0B3022E3-1822-42D2-853B-060D9B16FE85} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (Pas de fichier)
Task: {D0F34B5F-C623-452C-84FB-DD24AAB96E92} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233224 2011-11-25] (Intel® Services Manager -> Intel Corporation)
Task: {BF266FF5-FA56-4FAA-9926-C7A2CCF014CF} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233224 2011-11-25] (Intel® Services Manager -> Intel Corporation)
Task: {59A2D932-FBFE-4733-9A8E-CBDEF265CDA5} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {5ACEFF16-BEAD-4D40-8A4D-6BE3D0F14D0D} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => %windir%\system32\sipnotify.exe -LogonOrUnlock (Pas de fichier)
Task: {5632114C-8814-4E00-8FF1-BCD5DE78792E} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => %windir%\system32\sipnotify.exe -Daily (Pas de fichier)
Task: {29308477-8F7E-4D4F-92D5-F1534E61B6F5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Pas de fichier)
Task: {FFEE4F98-789F-4BC5-9EBF-91D4AC658C46} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Pas de fichier)
Task: {773492A6-4F08-4DAF-9C1B-778BC17ACAED} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Pas de fichier)
Task: {FACB8164-0888-403B-B4E6-7F59329EA90F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe /DRMInit (Pas de fichier)
Task: {78588675-6CF3-4E50-B5B1-1EC34EAA2F6B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Pas de fichier)
Task: {0837D897-84CB-4E30-A8DD-807937A81DFC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate $(Arg0) (Pas de fichier)
Task: {7D6006B8-C289-4E5D-8230-9086C4256401} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15 (Pas de fichier)
Task: {FBC8485F-A585-489F-8E2C-C65FEABC1BEF} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier)
Task: {01C995FF-D178-4E7B-AC4A-9E950006A207} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier)
Task: {148318FC-5974-4508-A415-B3AFD16E5DDB} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier)
Task: {6FECF9BE-AED8-4627-80ED-91FF5361960F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Pas de fichier)
Task: {3C9616B2-742C-4820-AFAE-F3D2459E9677} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery (Pas de fichier)
Task: {7DDF9673-8D0B-4652-B795-1BEAD1206B65} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier)
Task: {E959E007-A71C-4952-8EA8-22DE146D6227} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier)
Task: {0F1FC558-90E6-41AA-8D37-4FBE69053762} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe -pscn 0 (Pas de fichier)
Task: {F0496437-71B1-4E96-9E9C-3BC2F52CDE46} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier)
Task: {C778374C-94FE-41B0-B705-5FC952201AC0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe -PvrSchedule (Pas de fichier)
Task: {DD548504-31EE-43FF-A573-1E9BCB56DC76} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec /RestartRecording (Pas de fichier)
Task: {3D966D87-5FE5-4FBC-8E90-DB0F48E454DB} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier)
Task: {3E3E65EA-6693-4ACC-947D-206853F50D65} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier)
Task: {42145BE5-4059-431F-919A-1A381C5966DE} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier)
Task: {ABE3A6B6-3190-4F70-9C0F-DC4C36B582B3} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec /StartRecording (Pas de fichier)
Task: {AA921623-B84A-4EC8-A6DA-5D46323FC6D9} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Pas de fichier)
Task: {99ADB0CA-672E-4FEC-86C4-E8DC868BFA5F} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {78823C90-9A38-4B3A-A476-4FD59D7C0A70} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {E2C9DB2C-E6DF-4214-9035-617D37295C1D} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {7CE3F3E0-3E4E-47D1-9EDA-BC6D0E9CE54C} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {16C686BB-011A-4C44-8941-40D2CC2D982F} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {4019AF6B-2E4E-4351-B60D-F6F8E66C1FC2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2C61C779-A71E-4E2D-93B7-B5C8EC2B5A49} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0B8ACA85-D0D8-4592-B26B-DA98DB39BA21} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B555A4D0-CC35-43CB-A2A8-6CA9B75071E4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {99371091-EF6D-4217-B79A-5B1327A80DFE} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [675232 2023-09-01] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {B0BCECAE-C8AB-42A2-AC8D-0D473A5C91BC} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [722336 2023-09-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {6D685E7C-AD5D-4F7D-92CD-39A098722569} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe /addGadget (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1708977962-1448600183-860242381-1001Core.job => C:\Users\SEBASTIEN SIROT\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1708977962-1448600183-860242381-1001UA.job => C:\Users\SEBASTIEN SIROT\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 83.255.255.1 83.255.255.2
Tcpip\..\Interfaces\{5AA18F9F-46A5-445C-B95A-A548407386C0}: [DhcpNameServer] 83.255.255.1 83.255.255.2
Tcpip\..\Interfaces\{8803A509-6E9E-4CAB-9B7F-D8AB693675CF}: [DhcpNameServer] 193.150.193.150 83.255.245.11
Edge:
=======
DownloadDir: C:\Users\SEBASTIEN SIROT\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\SEBASTIEN SIROT\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-06]
Edge Extension: (Google Docs hors connexion) - C:\Users\SEBASTIEN SIROT\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-06]
Edge Extension: (Edge relevant text changes) - C:\Users\SEBASTIEN SIROT\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-06]
FireFox:
========
FF DefaultProfile: 383jrw1r.default-1587062510840
FF ProfilePath: C:\Users\SEBASTIEN SIROT\AppData\Roaming\Mozilla\Firefox\Profiles\383jrw1r.default-1587062510840 [2023-09-06]
FF DownloadDir: C:\Users\SEBASTIEN SIROT\Desktop
FF Session Restore: Mozilla\Firefox\Profiles\383jrw1r.default-1587062510840 -> est activé.
FF Notifications: Mozilla\Firefox\Profiles\383jrw1r.default-1587062510840 -> hxxps://partenaire.interflora.fr; hxxps://www.interflora.fr; hxxps://monjardinmamaison.maison-travaux.fr; hxxps://www.corsematin.com
FF Extension: (Spring Singer) - C:\Users\SEBASTIEN SIROT\AppData\Roaming\Mozilla\Firefox\Profiles\383jrw1r.default-1587062510840\Extensions\{cfaa60c2-536c-4035-b23b-3b10d9517577}.xpi [2020-05-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_371.dll [2020-05-17] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-08-19] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_371.dll [2020-05-17] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll [2006-11-03] (Yahoo! Inc. -> Yahoo! Inc.)
FF Plugin HKU\S-1-5-21-1708977962-1448600183-860242381-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\SEBASTIEN SIROT\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Software Sarl -> Skype Limited)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
Opera:
=======
OPR Profile: C:\Users\SEBASTIEN SIROT\AppData\Roaming\Opera Software\Opera Stable [2022-09-11]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\SEBASTIEN SIROT\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-09-11]
OPR Extension: (Opera Crypto Wallet) - C:\Users\SEBASTIEN SIROT\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-09-11]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\SEBASTIEN SIROT\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-09-11]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-05-17] (Adobe Inc. -> Adobe)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-02-17] (ASUSTeK Computer Inc. -> ASUS)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink -> CyberLink)
S3 DialComService; C:\Program Files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe [2183440 2014-12-10] (DIAL -> DIAL GmbH)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [Fichier non signé]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Fichier non signé]
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit Information Technology -> IObit)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] (CyberLink -> )
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-09-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-09-01] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 AMPPAL; C:\WINDOWS\System32\drivers\AMPPAL.sys [195584 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\WINDOWS\system32\DRIVERS\amppal.sys [195584 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-26] (ASUSTeK Computer Inc. -> )
R3 AsusVBus; C:\WINDOWS\System32\drivers\AsusVBus.sys [35968 2011-12-21] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
R3 AsusVTouch; C:\WINDOWS\System32\drivers\AsusVTouch.sys [16512 2011-11-08] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-05-03] (Martin Malik - REALiX -> REALiX(tm))
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [15416 2009-07-20] (ASUSTeK Computer Inc. -> )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55872 2023-09-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [574872 2023-09-01] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2023-09-01] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-09-06 19:34 - 2023-09-06 19:37 - 000037792 _____ C:\Users\SEBASTIEN SIROT\Desktop\FRST.txt
2023-09-06 19:31 - 2023-09-06 19:32 - 002382336 _____ (Farbar) C:\Users\SEBASTIEN SIROT\Desktop\FRST64.exe
2023-09-01 19:19 - 2023-09-01 19:19 - 000001004 _____ C:\Users\Public\Desktop\CEWE Fotoredigering.lnk
2023-09-01 19:19 - 2023-09-01 19:19 - 000000989 _____ C:\Users\Public\Desktop\CEWE Fotoprogram.lnk
2023-09-01 19:19 - 2023-09-01 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEWE Fotoprogram
2023-09-01 19:13 - 2023-09-01 19:13 - 000000000 ____D C:\Users\SEBASTIEN SIROT\AppData\Roaming\hps-install
2023-09-01 18:15 - 2023-09-01 18:15 - 000001314 _____ C:\Users\Public\Desktop\Logiciel de création CEWE Livrephoto.lnk
2023-09-01 18:15 - 2023-09-01 18:15 - 000001224 _____ C:\Users\Public\Desktop\Galerie Photo CEWE.lnk
2023-09-01 18:15 - 2023-09-01 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logiciel de création CEWE Livrephoto
2023-09-01 17:32 - 2023-09-01 17:32 - 000000000 _____ C:\Users\SEBASTIEN SIROT\Downloads\lOxvmbMI.htm
2023-08-30 20:20 - 2023-08-30 20:20 - 000000000 ____D C:\Users\SEBASTIEN SIROT\AppData\Local\{20C902A5-7610-456F-8A6E-BA23EDB8323D}
2023-08-27 20:48 - 2023-08-27 20:48 - 000178614 _____ C:\Users\SEBASTIEN SIROT\Downloads\AlvsjoAIKGympaforening_Facture_21562.pdf
2023-08-26 19:01 - 2023-08-26 19:01 - 000086552 _____ C:\Users\SEBASTIEN SIROT\Downloads\Stockholm Burlesque Festival.pdf
2023-08-26 19:01 - 2023-08-26 19:01 - 000086552 _____ C:\Users\SEBASTIEN SIROT\Desktop\Stockholm Burlesque Festival.pdf
2023-08-25 15:26 - 2023-08-25 15:26 - 000000000 ____D C:\WINDOWS\LastGood
2023-08-24 21:22 - 2023-08-24 21:22 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2023-08-23 16:35 - 2023-08-23 16:35 - 000043361 _____ C:\Users\SEBASTIEN SIROT\Desktop\I_AvisDOperation_PDF.pdf
2023-08-23 16:19 - 2023-08-23 16:19 - 000021254 _____ C:\Users\SEBASTIEN SIROT\Desktop\Extrait de comptes Compte 37531 000115967.. COMPTE COURANT M SIROT SEBASTIEN au 2023-08-11.pdf
2023-08-23 16:18 - 2023-08-23 16:18 - 000021254 _____ C:\Users\SEBASTIEN SIROT\Downloads\Extrait de comptes Compte 37531 000115967.. COMPTE COURANT M SIROT SEBASTIEN au 2023-08-11.pdf
2023-08-21 21:04 - 2023-08-21 21:04 - 000083330 _____ C:\Users\SEBASTIEN SIROT\Downloads\4760012247600122.pdf
2023-08-21 21:03 - 2023-08-21 21:03 - 000071285 _____ C:\Users\SEBASTIEN SIROT\Downloads\7087169070871690.pdf
2023-08-21 20:59 - 2023-08-21 21:01 - 000000000 ____D C:\Users\SEBASTIEN SIROT\Desktop\Citroen DS
2023-08-09 20:05 - 2023-09-05 20:43 - 000000000 ____D C:\Users\SEBASTIEN SIROT\Desktop\Vacances 2023
2023-08-09 17:16 - 2023-08-09 17:16 - 000000000 ___HD C:\$WinREAgent
2023-08-08 16:54 - 2023-09-06 17:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-09-06 19:36 - 2018-01-04 17:55 - 000000000 ____D C:\FRST
2023-09-06 19:20 - 2020-09-10 22:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-09-06 18:50 - 2014-04-06 20:43 - 000000387 _____ C:\Users\SEBASTIEN SIROT\AppData\Roaming\sp_data.sys
2023-09-06 18:20 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-06 18:00 - 2022-02-09 16:25 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-09-06 17:53 - 2019-12-08 15:30 - 000000000 ___RD C:\Users\SEBASTIEN SIROT\OneDrive
2023-09-06 17:53 - 2018-06-15 21:30 - 000000000 ____D C:\Users\SEBASTIEN SIROT\AppData\Roaming\Microsoft\Skype for Desktop
2023-09-06 17:52 - 2015-10-21 20:29 - 000000000 ____D C:\Program Files\CCleaner
2023-09-06 17:51 - 2019-12-11 19:10 - 000000000 __SHD C:\Users\SEBASTIEN SIROT\IntelGraphicsProfiles
2023-09-06 17:49 - 2020-09-10 22:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-09-06 17:49 - 2019-12-08 14:59 - 000142832 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_38F51D56.sys
2023-09-06 17:49 - 2017-10-05 20:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-06 17:49 - 2014-04-07 06:07 - 000000000 ____D C:\ProgramData\NVIDIA
2023-09-06 17:48 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-09-06 16:35 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-06 16:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-09-05 19:57 - 2019-12-08 15:08 - 000000000 ____D C:\Users\SEBASTIEN SIROT\AppData\Local\Packages
2023-09-05 19:53 - 2019-12-08 15:27 - 000000000 ____D C:\ProgramData\Packages
2023-09-03 19:04 - 2020-07-17 16:10 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-03 18:54 - 2016-05-03 07:58 - 000000000 ____D C:\ProgramData\ProductData
2023-09-01 19:14 - 2016-01-15 17:50 - 000000000 ____D C:\ProgramData\tmp
2023-09-01 18:20 - 2016-01-15 17:50 - 000000000 ____D C:\ProgramData\hps
2023-09-01 18:15 - 2019-06-01 17:58 - 000000000 ____D C:\Users\SEBASTIEN SIROT\AppData\Local\CEWE
2023-09-01 16:17 - 2019-12-08 15:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-09-01 16:15 - 2021-12-11 23:28 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1708977962-1448600183-860242381-1001
2023-09-01 16:15 - 2020-09-10 22:58 - 000003396 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1708977962-1448600183-860242381-1001
2023-09-01 16:15 - 2020-09-10 22:41 - 000002449 _____ C:\Users\SEBASTIEN SIROT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-01 16:10 - 2017-10-05 20:29 - 000001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-08-30 17:13 - 2020-08-29 11:43 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-08-25 15:27 - 2020-09-10 22:52 - 001923838 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-08-25 15:27 - 2019-12-07 16:49 - 000833030 _____ C:\WINDOWS\system32\perfh00C.dat
2023-08-25 15:27 - 2019-12-07 16:49 - 000167760 _____ C:\WINDOWS\system32\perfc00C.dat
2023-08-25 15:27 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-08-24 17:32 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-08-24 17:11 - 2022-10-11 16:11 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-08-24 17:11 - 2022-10-11 16:11 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-08-24 17:11 - 2020-09-10 22:58 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-08-23 20:59 - 2022-09-20 16:58 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-08-16 16:36 - 2022-09-20 16:58 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-08-16 16:36 - 2020-09-10 22:58 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-08-09 20:53 - 2020-09-10 22:34 - 005943656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-08-09 20:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-08-09 20:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-09 20:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-09 20:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-08-09 20:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-09 20:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-09 20:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-09 20:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-09 17:46 - 2020-09-10 22:38 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-08-09 17:06 - 2016-04-25 17:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-08-09 16:49 - 2016-04-25 17:56 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Fichiers à la racine de certains dossiers ========
2015-10-19 17:42 - 2015-11-09 16:27 - 000035425 _____ () C:\Users\SEBASTIEN SIROT\AppData\Roaming\LW_sebastiens@wanadoo.fr.sd
2015-10-19 17:42 - 2015-11-09 16:22 - 000035396 _____ () C:\Users\SEBASTIEN SIROT\AppData\Roaming\LW_sebastiens@wanadoo.fr.sd0
2015-10-19 17:42 - 2015-11-09 16:02 - 000035396 _____ () C:\Users\SEBASTIEN SIROT\AppData\Roaming\LW_sebastiens@wanadoo.fr.sd1
2014-04-06 20:43 - 2023-09-06 18:50 - 000000387 _____ () C:\Users\SEBASTIEN SIROT\AppData\Roaming\sp_data.sys
2014-05-11 20:49 - 2014-05-11 20:49 - 000001456 _____ () C:\Users\SEBASTIEN SIROT\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs
2016-06-16 15:52 - 2018-05-03 17:31 - 000001456 _____ () C:\Users\SEBASTIEN SIROT\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2018-01-07 19:21 - 2018-01-07 19:21 - 000007609 _____ () C:\Users\SEBASTIEN SIROT\AppData\Local\Resmon.ResmonCfg
2018-04-05 18:18 - 2018-04-05 18:18 - 000000000 _____ () C:\Users\SEBASTIEN SIROT\AppData\Local\{A2486B41-B745-4EF4-9B27-28EEC08FBBC4}
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{246548ce-0afd-11e6-b95a-806e6f6e6963}
timeout 2
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {4c48adb5-f3ad-11ea-bad4-e65cbb4c1d88}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {246548ce-0afd-11e6-b95a-806e6f6e6963}
description CD/DVD Drive
Chargeur de démarrage Windows
-----------------------------
identificateur {149da029-c231-11e1-b782-685d437176f3}
device ramdisk=[C:]\Recovery\149da029-c231-11e1-b782-685d437176f3\Winre.wim,{149da02a-c231-11e1-b782-685d437176f3}
path \windows\system32\winload.efi
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\149da029-c231-11e1-b782-685d437176f3\Winre.wim,{149da02a-c231-11e1-b782-685d437176f3}
systemroot \windows
nx OptIn
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {38d3b393-f3a5-11ea-92b0-fcc70e50e00f}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{38d3b394-f3a5-11ea-92b0-fcc70e50e00f}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{38d3b394-f3a5-11ea-92b0-fcc70e50e00f}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {4ae464d7-b60e-11e1-a72b-8b540dbd7c57}
device ramdisk=[\Device\HarddiskVolume6]\sources\boot.wim,{ramdiskoptions}
path \windows\system32\boot\winload.efi
description WinPE
osdevice ramdisk=[\Device\HarddiskVolume6]\sources\boot.wim,{ramdiskoptions}
systemroot \windows
detecthal Yes
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {38d3b393-f3a5-11ea-92b0-fcc70e50e00f}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {4c48adb5-f3ad-11ea-bad4-e65cbb4c1d88}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {cf5ff18a-b61c-11e1-aad3-ae64aeee7f57}
device ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\winre.wim,{cf1fac63-b61c-11e1-aad3-ae64aeee7f57}
path \windows\system32\winload.efi
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\winre.wim,{cf1fac63-b61c-11e1-aad3-ae64aeee7f57}
systemroot \windows
nx OptIn
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {4c48adb5-f3ad-11ea-bad4-e65cbb4c1d88}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {38d3b393-f3a5-11ea-92b0-fcc70e50e00f}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {149da02a-c231-11e1-b782-685d437176f3}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\149da029-c231-11e1-b782-685d437176f3\boot.sdi
Options de périphérique
-----------------------
identificateur {38d3b394-f3a5-11ea-92b0-fcc70e50e00f}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options Ramdisk du programme d'installation
-------------------------------------------
identificateur {ramdiskoptions}
description Ramdisk options
ramdisksdidevice partition=\Device\HarddiskVolume6
ramdisksdipath \boot\boot.sdi
Options de périphérique
-----------------------
identificateur {cf1fac63-b61c-11e1-aad3-ae64aeee7f57}
description Ramdisk options
ramdisksdidevice partition=\Device\HarddiskVolume6
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================