Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16.01.2024
Exécuté par user (administrateur) sur DESKTOP-PAJ2E5F (Micro-Star International Co., Ltd. MS-7D91) (16-01-2024 17:22:58)
Exécuté depuis C:\Users\user\Downloads\FRST64.exe
Profils chargés: user
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.3693 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\EaseUS\EaseUS Data Recovery Wizard Professional\DRW.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Fichier non signé] C:\Program Files (x86)\EaseUS\EaseUS Data Recovery Wizard Professional\DRWUI.exe
(C:\Program Files (x86)\EaseUS\EaseUS Data Recovery Wizard Professional\DRWUI.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Fichier non signé] C:\Program Files (x86)\EaseUS\EaseUS Data Recovery Wizard Professional\EUImg.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Process Lasso\srvstub.exe ->) (Bitsum LLC -> Bitsum LLC) C:\Program Files\Process Lasso\ProcessGovernor.exe
(explorer.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Fichier non signé] C:\Program Files (x86)\EaseUS\EaseUS Data Recovery Wizard Professional\DRW.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <42>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Bitsum Technologies (Bitsum LLC) -> Bitsum LLC) C:\Program Files\Process Lasso\srvstub.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_670360bdb5a40a0d\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdig.inf_amd64_6cfb9367f123e3be\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe <2>
(svchost.exe ->) (Bitsum LLC -> Bitsum LLC) C:\Program Files\Process Lasso\bitsumsessionagent.exe
(svchost.exe ->) (Bitsum LLC -> Bitsum LLC) C:\Program Files\Process Lasso\ProcessLasso.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.21.3482.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe [1618320 2022-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Policies\Explorer: [HideRecentlyAddedApps] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKLM\Software\Policies\...\system: [EnableActivityFeed] 0
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0
HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 0
HKU\S-1-5-21-4137935891-2799249898-1352076659-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4388200 2024-01-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4137935891-2799249898-1352076659-1001\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-21-4137935891-2799249898-1352076659-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4137935891-2799249898-1352076659-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-4137935891-2799249898-1352076659-1001\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-4137935891-2799249898-1352076659-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Module_installing_the_projector_via_API.lnk [2024-01-15]
ShortcutTarget: Module_installing_the_projector_via_API.lnk -> C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Module_installing_the_projector_via_API\Module_installing_the_projector_via_API.exe () [Fichier non signé]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {4087E12E-2ABE-4A6F-ACBE-F471ECD83DBC} - \ERGVRDVMSK -> Pas de fichier <==== ATTENTION
Task: {54E77746-D674-4553-ABA0-1279FC8EDE89} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-21] (Adobe Inc. -> Adobe Inc.)
Task: {8C36AAE8-7ACE-4B60-9002-E17CAF7F3426} - System32\Tasks\GoogleUpdateTaskMachineCore{7A9CB704-081C-4229-86AC-4992EA4E848F} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-11-28] (Google LLC -> Google LLC)
Task: {06330F23-A9CF-4F8B-9CC8-D8918C48E17B} - System32\Tasks\GoogleUpdateTaskMachineUA{B5B89DC2-5AFB-4CE6-96EF-928D689EBBF9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-11-28] (Google LLC -> Google LLC)
Task: {3BC64503-F3B8-4D9F-B304-7CFE0A5A9E03} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5BD3E172-BB29-49F5-858D-10CFC80D4F39} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5CB03397-C577-4B80-A5EE-4A35F4D59033} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0F2EEFD3-EC7D-487A-9F7C-D3F0E87581FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D6DC0266-B83E-4DF8-9884-F809D96E4D5C} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c (Pas de fichier)
Task: {1C1A1FA0-D547-422D-AA72-1BAA049CCAB6} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /ua /installsource scheduler (Pas de fichier)
Task: {763B2643-48FE-499F-A9A3-2755B710CB17} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804312 2023-04-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {DECB4E11-34CE-4918-A2FF-11CB65B06042} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4137935891-2799249898-1352076659-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Pas de fichier)
Task: {67559ED8-9750-45CD-B77E-93F36AFAA930} - System32\Tasks\Process Lasso Management Console (GUI) => C:\Program Files\Process Lasso\processlasso.exe [1854864 2024-01-05] (Bitsum LLC -> Bitsum LLC)
Task: {A7BEB18A-0240-4660-AF50-8DF78C341372} - System32\Tasks\Session agent for Process Lasso => C:\Program Files\Process Lasso\bitsumsessionagent.exe [185744 2024-01-05] (Bitsum LLC -> Bitsum LLC)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bbee04be-07df-45b2-b47a-cdb63b3d2a7f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bbee04be-07df-45b2-b47a-cdb63b3d2a7f}: [DhcpDomain] home
Edge:
=======
Edge Profile: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-28]
FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-13] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2024-01-16]
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-12-15]
CHR Extension: (Google Docs hors connexion) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-13]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-01-12]
CHR Extension: (Suntzu - FACEIT Matchmaking Insights) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjjbihoclddloccfhbeioidjfhkanblm [2023-11-28]
CHR Extension: (Repeek (formerly FACEIT Enhancer)) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mokknliiomknodkdmpcellamkopbdmao [2023-12-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-28]
CHR HKU\S-1-5-21-4137935891-2799249898-1352076659-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-21] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15772456 2023-12-04] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2023-12-03] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.)
S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [70988680 2023-12-26] (FACE IT LIMITED -> )
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdig.inf_amd64_6cfb9367f123e3be\Display.NvContainer\NVDisplay.Container.exe [1274888 2023-11-10] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ProcessGovernor; C:\Program Files\Process Lasso\processgovernor.exe [1282968 2024-01-05] (Bitsum LLC -> Bitsum LLC)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534584 2023-11-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-01-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-01-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 edgeupdate; "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc [X]
S4 edgeupdatem; "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /medsvc [X]
S4 MicrosoftEdgeElevationService; "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\elevation_service.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 e2fexpress; C:\Windows\System32\DriverStore\FileRepository\e2f.inf_amd64_0f2d4ef9c63375f3\e2f.sys [527024 2022-12-18] (Intel Corporation -> Intel Corporation)
R1 FACEIT; C:\Program Files\FACEIT AC\FACEIT_AC.sys [77297328 2023-12-26] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 iaLPSS2_GPIO2_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_774a66f35d00ad3d\iaLPSS2_GPIO2_ADL.sys [140960 2022-06-22] (Intel Corporation -> Intel Corporation)
R3 IntelGNA; C:\Windows\System32\DriverStore\FileRepository\gna.inf_amd64_04d4eecc5838a558\gna.sys [88760 2022-06-21] (Intel Corporation -> Intel Corporation)
R3 MpKsla0cd83a6; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CF7455BE-9CBB-471B-98DD-C90D7F252083}\MpKslDrv.sys [263560 2024-01-16] (Microsoft Windows -> Microsoft Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 RtkUsbAD_2347; C:\Windows\System32\DriverStore\FileRepository\rtdusbad_msi.inf_amd64_4ef5c78c2dee4eab\RtUsbA64.sys [498016 2022-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55856 2024-01-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [594304 2024-01-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105856 2024-01-15] (Microsoft Windows -> Microsoft Corporation)
U4 Origin Client Service; pas de ImagePath
U4 Origin Web Helper Service; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-01-16 17:22 - 2024-01-16 17:25 - 000016673 _____ C:\Users\user\Downloads\FRST.txt
2024-01-16 17:20 - 2024-01-16 17:24 - 000000000 ____D C:\FRST
2024-01-16 17:19 - 2024-01-16 17:19 - 002389504 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2024-01-15 13:34 - 2024-01-15 13:34 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2024-01-15 12:59 - 2024-01-16 00:04 - 000000000 ____D C:\Users\user\Desktop\Nouveau dossier
2024-01-15 12:17 - 2024-01-15 12:17 - 000000144 _____ C:\scanparam.json
2024-01-15 11:59 - 2024-01-15 11:59 - 000000016 _____ C:\ProgramData\mntemp
2024-01-15 11:58 - 2024-01-15 12:20 - 000000000 ____D C:\ProgramData\Wondershare
2024-01-15 11:58 - 2024-01-15 12:20 - 000000000 ____D C:\Program Files\Wondershare
2024-01-15 11:58 - 2024-01-15 11:59 - 000000000 ____D C:\Users\user\AppData\Roaming\Wondershare
2024-01-15 11:58 - 2024-01-15 11:58 - 001802744 _____ C:\Users\user\Downloads\recoverit_setup_full4159.exe
2024-01-15 11:58 - 2024-01-15 11:58 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2024-01-15 11:21 - 2024-01-15 11:32 - 000001505 _____ C:\Windows\GA_OF.dat
2024-01-15 11:20 - 2024-01-15 11:32 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant
2024-01-15 11:20 - 2024-01-15 11:20 - 000001212 _____ C:\Users\Public\Desktop\AOMEI Partition Assistant 8.9.lnk
2024-01-15 11:20 - 2024-01-15 11:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant 8.9
2024-01-15 11:20 - 2020-08-12 15:02 - 002201768 _____ C:\Windows\ampa.exe
2024-01-15 11:20 - 2017-02-28 14:20 - 000038320 _____ C:\Windows\system32\ampa.sys
2024-01-15 11:20 - 2016-12-27 18:45 - 000035760 _____ C:\Windows\system32\ddmdrv.sys
2024-01-15 11:20 - 2016-12-27 18:45 - 000033200 _____ C:\Windows\SysWOW64\ddmdrv.sys
2024-01-15 11:20 - 2016-09-29 09:44 - 001298584 _____ C:\Windows\ddmmain.exe
2024-01-15 11:19 - 2024-01-15 11:20 - 025165928 _____ (AOMEI International Network Limited. ) C:\Users\user\Downloads\Aomei_Setup.exe
2024-01-15 11:18 - 2024-01-15 11:19 - 000000625 _____ C:\Windows\PAGa4.dat
2024-01-15 11:17 - 2024-01-15 11:17 - 060607552 _____ (AOMEI International Network Limited. ) C:\Users\user\Downloads\PAssist_Std.exe
2024-01-15 11:14 - 2024-01-15 11:32 - 000001024 ____H C:\AMTAG.BIN
2024-01-15 11:11 - 2024-01-15 11:19 - 000000000 ____D C:\ProgramData\AOMEIPA
2024-01-15 11:11 - 2024-01-15 11:14 - 000000000 ____D C:\ProgramData\boost_interprocess
2024-01-15 11:11 - 2024-01-15 11:11 - 060911384 _____ (AOMEI International Network Limited. ) C:\Users\user\Downloads\PAssist_ProDemo_20240115.9398114.exe
2024-01-15 11:11 - 2024-01-15 11:11 - 000000000 ____D C:\ProgramData\AomeiBR
2024-01-15 11:11 - 2017-02-28 14:20 - 000038320 _____ C:\Windows\SysWOW64\ampa.sys
2024-01-15 11:06 - 2024-01-15 11:06 - 027575526 _____ C:\Users\user\Downloads\testdisk-7.2-WIP.win.zip
2024-01-15 11:06 - 2024-01-15 11:06 - 000000000 ____D C:\Users\user\Downloads\testdisk-7.2-WIP
2024-01-15 10:50 - 2024-01-15 10:50 - 000002343 _____ C:\Users\user\Desktop\EaseUS Data Recovery Wizard 11.8 Professional.lnk
2024-01-15 10:49 - 2024-01-15 10:49 - 000000000 ____D C:\Users\user\AppData\Local\unali-1759640
2024-01-15 10:49 - 2024-01-15 10:49 - 000000000 ____D C:\Users\user\AppData\Local\unali-1759421
2024-01-15 10:44 - 2024-01-15 10:44 - 000000000 ____D C:\Users\user\AppData\Local\unali-1514046
2024-01-15 10:44 - 2024-01-15 10:44 - 000000000 ____D C:\Users\user\AppData\Local\unali-1513843
2024-01-15 10:31 - 2024-01-15 10:31 - 000000000 ____D C:\Users\user\AppData\Local\unali-703250
2024-01-15 10:31 - 2024-01-15 10:31 - 000000000 ____D C:\Users\user\AppData\Local\unali-703046
2024-01-15 10:27 - 2024-01-15 10:27 - 000000000 ____D C:\Users\user\AppData\Local\unali-443906
2024-01-15 10:27 - 2024-01-15 10:27 - 000000000 ____D C:\Users\user\AppData\Local\unali-443703
2024-01-15 10:16 - 2024-01-15 10:19 - 000000000 ____D C:\ProgramData\Avast Software
2024-01-15 10:16 - 2024-01-15 10:16 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll
2024-01-15 10:13 - 2024-01-15 19:30 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
2024-01-15 10:01 - 2024-01-15 10:01 - 000000000 ____D C:\Users\user\AppData\Local\mbam
2024-01-15 09:54 - 2024-01-15 09:54 - 000000000 ____D C:\Users\user\AppData\Local\Yandex
2024-01-15 09:53 - 2024-01-15 10:12 - 000000000 __SHD C:\ProgramData\SystemPropertiesDataExecutionPrevention
2024-01-15 09:53 - 2024-01-15 09:53 - 000000000 ____D C:\ProgramData\Corporation
2024-01-15 09:52 - 2024-01-15 09:52 - 000000000 ____D C:\Users\user\AppData\Roaming\tdh
2024-01-15 09:50 - 2024-01-15 09:50 - 000000000 ____D C:\Users\user\AppData\Roaming\WinRAR
2024-01-15 09:50 - 2024-01-15 09:50 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-01-15 09:50 - 2024-01-15 09:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-01-15 09:50 - 2024-01-15 09:50 - 000000000 ____D C:\Program Files\WinRAR
2024-01-15 09:27 - 2024-01-15 09:27 - 000000000 ____D C:\Users\user\AppData\Local\unali-4725750
2024-01-15 09:27 - 2024-01-15 09:27 - 000000000 ____D C:\Users\user\AppData\Local\unali-4725640
2024-01-15 08:25 - 2024-01-15 10:50 - 000000000 ____D C:\Program Files (x86)\EaseUS
2024-01-15 08:25 - 2024-01-15 08:25 - 000000000 ____D C:\Users\user\AppData\Roaming\EaseUS
2024-01-15 08:25 - 2024-01-15 08:25 - 000000000 ____D C:\ProgramData\SystemAcCrux
2024-01-15 08:25 - 2024-01-15 08:25 - 000000000 ____D C:\Program Files\EaseUS
2024-01-15 08:18 - 2024-01-15 08:18 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\MMC
2024-01-09 00:05 - 2024-01-09 00:10 - 000000000 ____D C:\Users\user\AppData\Roaming\obs-studio
2024-01-09 00:05 - 2024-01-09 00:05 - 136048416 _____ (OBS Project) C:\Users\user\Downloads\OBS-Studio-30.0.2-Full-Installer-x64.exe
2024-01-09 00:05 - 2024-01-09 00:05 - 000000000 ____D C:\ProgramData\obs-studio-hook
2024-01-09 00:05 - 2024-01-09 00:05 - 000000000 ____D C:\ProgramData\obs-studio
2024-01-09 00:05 - 2024-01-09 00:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2024-01-09 00:05 - 2024-01-09 00:05 - 000000000 ____D C:\Program Files\obs-studio
2024-01-09 00:02 - 2014-01-10 14:38 - 000000096 _____ C:\Users\user\Downloads\vakarm description autres actions sur la demo.txt
2024-01-09 00:02 - 2014-01-03 15:11 - 023816403 _____ C:\Users\user\Downloads\Most-19500-de_nuke.dem
2024-01-03 13:42 - 2024-01-03 13:42 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2024-01-02 14:21 - 2024-01-02 14:21 - 011955684 _____ C:\Users\user\Downloads\Most-19500-de_nuke (1).rar
2024-01-02 14:20 - 2024-01-02 14:20 - 011955684 _____ C:\Users\user\Downloads\Most-19500-de_nuke.rar
2023-12-21 21:43 - 2023-12-21 21:43 - 000027376 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_2225077072217.dll
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-01-16 17:23 - 2023-11-28 14:46 - 000000000 ____D C:\Program Files (x86)\Steam
2024-01-16 17:07 - 2023-11-28 10:52 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-01-16 14:00 - 2023-11-29 11:13 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-01-16 14:00 - 2023-11-29 11:13 - 000002076 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-01-16 11:56 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-16 11:24 - 2022-09-08 04:12 - 000000000 ____D C:\Windows\SystemTemp
2024-01-15 13:21 - 2023-11-28 10:54 - 001681370 _____ C:\Windows\system32\PerfStringBackup.INI
2024-01-15 13:21 - 2019-12-07 15:50 - 000755174 _____ C:\Windows\system32\perfh00C.dat
2024-01-15 13:21 - 2019-12-07 15:50 - 000141980 _____ C:\Windows\system32\perfc00C.dat
2024-01-15 13:21 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2024-01-15 13:17 - 2023-11-28 14:33 - 000000000 ____D C:\ProgramData\NVIDIA
2024-01-15 13:17 - 2023-11-28 10:52 - 000008192 ___SH C:\DumpStack.log.tmp
2024-01-15 13:17 - 2023-11-28 10:52 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-01-15 13:17 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2024-01-15 13:16 - 2023-11-28 15:08 - 000003140 _____ C:\Windows\system32\Tasks\MSIAfterburner
2024-01-15 13:16 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-01-15 10:30 - 2023-11-28 10:52 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-01-15 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2024-01-15 10:16 - 2023-11-28 14:54 - 000918944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2024-01-15 10:16 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-01-12 10:05 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2024-01-11 18:49 - 2023-11-28 15:41 - 000000000 ____D C:\Users\user\AppData\Roaming\TS3Client
2024-01-10 16:42 - 2023-11-28 15:07 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2024-01-10 16:42 - 2023-11-28 14:47 - 000000000 ____D C:\Users\user\AppData\Local\D3DSCache
2024-01-10 16:40 - 2023-11-28 15:04 - 000000000 ____D C:\Program Files\Process Lasso
2024-01-09 17:42 - 2023-12-03 14:33 - 000000000 ____D C:\Users\user\AppData\Roaming\EasyAntiCheat
2024-01-09 08:05 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-07 12:15 - 2023-11-29 11:13 - 000000000 ____D C:\Users\user\AppData\LocalLow\Adobe
2024-01-02 23:19 - 2023-12-11 13:57 - 000000000 ____D C:\Users\user\AppData\Roaming\discord
2024-01-02 22:41 - 2023-12-11 13:57 - 000000000 ____D C:\Users\user\AppData\Local\Discord
2024-01-02 22:41 - 2023-12-03 15:52 - 000000000 ____D C:\Program Files\FACEIT AC
2024-01-02 11:49 - 2023-11-29 11:08 - 000000000 ____D C:\Users\user\Desktop\urssaf pole emploi
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
Exécuté par user (administrateur) sur DESKTOP-PAJ2E5F (Micro-Star International Co., Ltd. MS-7D91) (16-01-2024 17:22:58)
Exécuté depuis C:\Users\user\Downloads\FRST64.exe
Profils chargés: user
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.3693 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\EaseUS\EaseUS Data Recovery Wizard Professional\DRW.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Fichier non signé] C:\Program Files (x86)\EaseUS\EaseUS Data Recovery Wizard Professional\DRWUI.exe
(C:\Program Files (x86)\EaseUS\EaseUS Data Recovery Wizard Professional\DRWUI.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Fichier non signé] C:\Program Files (x86)\EaseUS\EaseUS Data Recovery Wizard Professional\EUImg.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Process Lasso\srvstub.exe ->) (Bitsum LLC -> Bitsum LLC) C:\Program Files\Process Lasso\ProcessGovernor.exe
(explorer.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Fichier non signé] C:\Program Files (x86)\EaseUS\EaseUS Data Recovery Wizard Professional\DRW.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <42>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Bitsum Technologies (Bitsum LLC) -> Bitsum LLC) C:\Program Files\Process Lasso\srvstub.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_670360bdb5a40a0d\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdig.inf_amd64_6cfb9367f123e3be\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe <2>
(svchost.exe ->) (Bitsum LLC -> Bitsum LLC) C:\Program Files\Process Lasso\bitsumsessionagent.exe
(svchost.exe ->) (Bitsum LLC -> Bitsum LLC) C:\Program Files\Process Lasso\ProcessLasso.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.21.3482.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe [1618320 2022-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Policies\Explorer: [HideRecentlyAddedApps] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKLM\Software\Policies\...\system: [EnableActivityFeed] 0
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0
HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 0
HKU\S-1-5-21-4137935891-2799249898-1352076659-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4388200 2024-01-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4137935891-2799249898-1352076659-1001\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-21-4137935891-2799249898-1352076659-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4137935891-2799249898-1352076659-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-4137935891-2799249898-1352076659-1001\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-4137935891-2799249898-1352076659-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Module_installing_the_projector_via_API.lnk [2024-01-15]
ShortcutTarget: Module_installing_the_projector_via_API.lnk -> C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Module_installing_the_projector_via_API\Module_installing_the_projector_via_API.exe () [Fichier non signé]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {4087E12E-2ABE-4A6F-ACBE-F471ECD83DBC} - \ERGVRDVMSK -> Pas de fichier <==== ATTENTION
Task: {54E77746-D674-4553-ABA0-1279FC8EDE89} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-21] (Adobe Inc. -> Adobe Inc.)
Task: {8C36AAE8-7ACE-4B60-9002-E17CAF7F3426} - System32\Tasks\GoogleUpdateTaskMachineCore{7A9CB704-081C-4229-86AC-4992EA4E848F} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-11-28] (Google LLC -> Google LLC)
Task: {06330F23-A9CF-4F8B-9CC8-D8918C48E17B} - System32\Tasks\GoogleUpdateTaskMachineUA{B5B89DC2-5AFB-4CE6-96EF-928D689EBBF9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-11-28] (Google LLC -> Google LLC)
Task: {3BC64503-F3B8-4D9F-B304-7CFE0A5A9E03} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5BD3E172-BB29-49F5-858D-10CFC80D4F39} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5CB03397-C577-4B80-A5EE-4A35F4D59033} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0F2EEFD3-EC7D-487A-9F7C-D3F0E87581FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D6DC0266-B83E-4DF8-9884-F809D96E4D5C} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c (Pas de fichier)
Task: {1C1A1FA0-D547-422D-AA72-1BAA049CCAB6} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /ua /installsource scheduler (Pas de fichier)
Task: {763B2643-48FE-499F-A9A3-2755B710CB17} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804312 2023-04-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {DECB4E11-34CE-4918-A2FF-11CB65B06042} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4137935891-2799249898-1352076659-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Pas de fichier)
Task: {67559ED8-9750-45CD-B77E-93F36AFAA930} - System32\Tasks\Process Lasso Management Console (GUI) => C:\Program Files\Process Lasso\processlasso.exe [1854864 2024-01-05] (Bitsum LLC -> Bitsum LLC)
Task: {A7BEB18A-0240-4660-AF50-8DF78C341372} - System32\Tasks\Session agent for Process Lasso => C:\Program Files\Process Lasso\bitsumsessionagent.exe [185744 2024-01-05] (Bitsum LLC -> Bitsum LLC)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bbee04be-07df-45b2-b47a-cdb63b3d2a7f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bbee04be-07df-45b2-b47a-cdb63b3d2a7f}: [DhcpDomain] home
Edge:
=======
Edge Profile: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-28]
FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-13] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2024-01-16]
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-12-15]
CHR Extension: (Google Docs hors connexion) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-13]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-01-12]
CHR Extension: (Suntzu - FACEIT Matchmaking Insights) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjjbihoclddloccfhbeioidjfhkanblm [2023-11-28]
CHR Extension: (Repeek (formerly FACEIT Enhancer)) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mokknliiomknodkdmpcellamkopbdmao [2023-12-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-28]
CHR HKU\S-1-5-21-4137935891-2799249898-1352076659-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-21] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15772456 2023-12-04] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2023-12-03] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.)
S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [70988680 2023-12-26] (FACE IT LIMITED -> )
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdig.inf_amd64_6cfb9367f123e3be\Display.NvContainer\NVDisplay.Container.exe [1274888 2023-11-10] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ProcessGovernor; C:\Program Files\Process Lasso\processgovernor.exe [1282968 2024-01-05] (Bitsum LLC -> Bitsum LLC)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534584 2023-11-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-01-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-01-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 edgeupdate; "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc [X]
S4 edgeupdatem; "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /medsvc [X]
S4 MicrosoftEdgeElevationService; "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\elevation_service.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 e2fexpress; C:\Windows\System32\DriverStore\FileRepository\e2f.inf_amd64_0f2d4ef9c63375f3\e2f.sys [527024 2022-12-18] (Intel Corporation -> Intel Corporation)
R1 FACEIT; C:\Program Files\FACEIT AC\FACEIT_AC.sys [77297328 2023-12-26] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 iaLPSS2_GPIO2_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_774a66f35d00ad3d\iaLPSS2_GPIO2_ADL.sys [140960 2022-06-22] (Intel Corporation -> Intel Corporation)
R3 IntelGNA; C:\Windows\System32\DriverStore\FileRepository\gna.inf_amd64_04d4eecc5838a558\gna.sys [88760 2022-06-21] (Intel Corporation -> Intel Corporation)
R3 MpKsla0cd83a6; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CF7455BE-9CBB-471B-98DD-C90D7F252083}\MpKslDrv.sys [263560 2024-01-16] (Microsoft Windows -> Microsoft Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 RtkUsbAD_2347; C:\Windows\System32\DriverStore\FileRepository\rtdusbad_msi.inf_amd64_4ef5c78c2dee4eab\RtUsbA64.sys [498016 2022-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55856 2024-01-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [594304 2024-01-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105856 2024-01-15] (Microsoft Windows -> Microsoft Corporation)
U4 Origin Client Service; pas de ImagePath
U4 Origin Web Helper Service; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-01-16 17:22 - 2024-01-16 17:25 - 000016673 _____ C:\Users\user\Downloads\FRST.txt
2024-01-16 17:20 - 2024-01-16 17:24 - 000000000 ____D C:\FRST
2024-01-16 17:19 - 2024-01-16 17:19 - 002389504 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2024-01-15 13:34 - 2024-01-15 13:34 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2024-01-15 12:59 - 2024-01-16 00:04 - 000000000 ____D C:\Users\user\Desktop\Nouveau dossier
2024-01-15 12:17 - 2024-01-15 12:17 - 000000144 _____ C:\scanparam.json
2024-01-15 11:59 - 2024-01-15 11:59 - 000000016 _____ C:\ProgramData\mntemp
2024-01-15 11:58 - 2024-01-15 12:20 - 000000000 ____D C:\ProgramData\Wondershare
2024-01-15 11:58 - 2024-01-15 12:20 - 000000000 ____D C:\Program Files\Wondershare
2024-01-15 11:58 - 2024-01-15 11:59 - 000000000 ____D C:\Users\user\AppData\Roaming\Wondershare
2024-01-15 11:58 - 2024-01-15 11:58 - 001802744 _____ C:\Users\user\Downloads\recoverit_setup_full4159.exe
2024-01-15 11:58 - 2024-01-15 11:58 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2024-01-15 11:21 - 2024-01-15 11:32 - 000001505 _____ C:\Windows\GA_OF.dat
2024-01-15 11:20 - 2024-01-15 11:32 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant
2024-01-15 11:20 - 2024-01-15 11:20 - 000001212 _____ C:\Users\Public\Desktop\AOMEI Partition Assistant 8.9.lnk
2024-01-15 11:20 - 2024-01-15 11:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant 8.9
2024-01-15 11:20 - 2020-08-12 15:02 - 002201768 _____ C:\Windows\ampa.exe
2024-01-15 11:20 - 2017-02-28 14:20 - 000038320 _____ C:\Windows\system32\ampa.sys
2024-01-15 11:20 - 2016-12-27 18:45 - 000035760 _____ C:\Windows\system32\ddmdrv.sys
2024-01-15 11:20 - 2016-12-27 18:45 - 000033200 _____ C:\Windows\SysWOW64\ddmdrv.sys
2024-01-15 11:20 - 2016-09-29 09:44 - 001298584 _____ C:\Windows\ddmmain.exe
2024-01-15 11:19 - 2024-01-15 11:20 - 025165928 _____ (AOMEI International Network Limited. ) C:\Users\user\Downloads\Aomei_Setup.exe
2024-01-15 11:18 - 2024-01-15 11:19 - 000000625 _____ C:\Windows\PAGa4.dat
2024-01-15 11:17 - 2024-01-15 11:17 - 060607552 _____ (AOMEI International Network Limited. ) C:\Users\user\Downloads\PAssist_Std.exe
2024-01-15 11:14 - 2024-01-15 11:32 - 000001024 ____H C:\AMTAG.BIN
2024-01-15 11:11 - 2024-01-15 11:19 - 000000000 ____D C:\ProgramData\AOMEIPA
2024-01-15 11:11 - 2024-01-15 11:14 - 000000000 ____D C:\ProgramData\boost_interprocess
2024-01-15 11:11 - 2024-01-15 11:11 - 060911384 _____ (AOMEI International Network Limited. ) C:\Users\user\Downloads\PAssist_ProDemo_20240115.9398114.exe
2024-01-15 11:11 - 2024-01-15 11:11 - 000000000 ____D C:\ProgramData\AomeiBR
2024-01-15 11:11 - 2017-02-28 14:20 - 000038320 _____ C:\Windows\SysWOW64\ampa.sys
2024-01-15 11:06 - 2024-01-15 11:06 - 027575526 _____ C:\Users\user\Downloads\testdisk-7.2-WIP.win.zip
2024-01-15 11:06 - 2024-01-15 11:06 - 000000000 ____D C:\Users\user\Downloads\testdisk-7.2-WIP
2024-01-15 10:50 - 2024-01-15 10:50 - 000002343 _____ C:\Users\user\Desktop\EaseUS Data Recovery Wizard 11.8 Professional.lnk
2024-01-15 10:49 - 2024-01-15 10:49 - 000000000 ____D C:\Users\user\AppData\Local\unali-1759640
2024-01-15 10:49 - 2024-01-15 10:49 - 000000000 ____D C:\Users\user\AppData\Local\unali-1759421
2024-01-15 10:44 - 2024-01-15 10:44 - 000000000 ____D C:\Users\user\AppData\Local\unali-1514046
2024-01-15 10:44 - 2024-01-15 10:44 - 000000000 ____D C:\Users\user\AppData\Local\unali-1513843
2024-01-15 10:31 - 2024-01-15 10:31 - 000000000 ____D C:\Users\user\AppData\Local\unali-703250
2024-01-15 10:31 - 2024-01-15 10:31 - 000000000 ____D C:\Users\user\AppData\Local\unali-703046
2024-01-15 10:27 - 2024-01-15 10:27 - 000000000 ____D C:\Users\user\AppData\Local\unali-443906
2024-01-15 10:27 - 2024-01-15 10:27 - 000000000 ____D C:\Users\user\AppData\Local\unali-443703
2024-01-15 10:16 - 2024-01-15 10:19 - 000000000 ____D C:\ProgramData\Avast Software
2024-01-15 10:16 - 2024-01-15 10:16 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll
2024-01-15 10:13 - 2024-01-15 19:30 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
2024-01-15 10:01 - 2024-01-15 10:01 - 000000000 ____D C:\Users\user\AppData\Local\mbam
2024-01-15 09:54 - 2024-01-15 09:54 - 000000000 ____D C:\Users\user\AppData\Local\Yandex
2024-01-15 09:53 - 2024-01-15 10:12 - 000000000 __SHD C:\ProgramData\SystemPropertiesDataExecutionPrevention
2024-01-15 09:53 - 2024-01-15 09:53 - 000000000 ____D C:\ProgramData\Corporation
2024-01-15 09:52 - 2024-01-15 09:52 - 000000000 ____D C:\Users\user\AppData\Roaming\tdh
2024-01-15 09:50 - 2024-01-15 09:50 - 000000000 ____D C:\Users\user\AppData\Roaming\WinRAR
2024-01-15 09:50 - 2024-01-15 09:50 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-01-15 09:50 - 2024-01-15 09:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-01-15 09:50 - 2024-01-15 09:50 - 000000000 ____D C:\Program Files\WinRAR
2024-01-15 09:27 - 2024-01-15 09:27 - 000000000 ____D C:\Users\user\AppData\Local\unali-4725750
2024-01-15 09:27 - 2024-01-15 09:27 - 000000000 ____D C:\Users\user\AppData\Local\unali-4725640
2024-01-15 08:25 - 2024-01-15 10:50 - 000000000 ____D C:\Program Files (x86)\EaseUS
2024-01-15 08:25 - 2024-01-15 08:25 - 000000000 ____D C:\Users\user\AppData\Roaming\EaseUS
2024-01-15 08:25 - 2024-01-15 08:25 - 000000000 ____D C:\ProgramData\SystemAcCrux
2024-01-15 08:25 - 2024-01-15 08:25 - 000000000 ____D C:\Program Files\EaseUS
2024-01-15 08:18 - 2024-01-15 08:18 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\MMC
2024-01-09 00:05 - 2024-01-09 00:10 - 000000000 ____D C:\Users\user\AppData\Roaming\obs-studio
2024-01-09 00:05 - 2024-01-09 00:05 - 136048416 _____ (OBS Project) C:\Users\user\Downloads\OBS-Studio-30.0.2-Full-Installer-x64.exe
2024-01-09 00:05 - 2024-01-09 00:05 - 000000000 ____D C:\ProgramData\obs-studio-hook
2024-01-09 00:05 - 2024-01-09 00:05 - 000000000 ____D C:\ProgramData\obs-studio
2024-01-09 00:05 - 2024-01-09 00:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2024-01-09 00:05 - 2024-01-09 00:05 - 000000000 ____D C:\Program Files\obs-studio
2024-01-09 00:02 - 2014-01-10 14:38 - 000000096 _____ C:\Users\user\Downloads\vakarm description autres actions sur la demo.txt
2024-01-09 00:02 - 2014-01-03 15:11 - 023816403 _____ C:\Users\user\Downloads\Most-19500-de_nuke.dem
2024-01-03 13:42 - 2024-01-03 13:42 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2024-01-02 14:21 - 2024-01-02 14:21 - 011955684 _____ C:\Users\user\Downloads\Most-19500-de_nuke (1).rar
2024-01-02 14:20 - 2024-01-02 14:20 - 011955684 _____ C:\Users\user\Downloads\Most-19500-de_nuke.rar
2023-12-21 21:43 - 2023-12-21 21:43 - 000027376 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_2225077072217.dll
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-01-16 17:23 - 2023-11-28 14:46 - 000000000 ____D C:\Program Files (x86)\Steam
2024-01-16 17:07 - 2023-11-28 10:52 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-01-16 14:00 - 2023-11-29 11:13 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-01-16 14:00 - 2023-11-29 11:13 - 000002076 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-01-16 11:56 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-16 11:24 - 2022-09-08 04:12 - 000000000 ____D C:\Windows\SystemTemp
2024-01-15 13:21 - 2023-11-28 10:54 - 001681370 _____ C:\Windows\system32\PerfStringBackup.INI
2024-01-15 13:21 - 2019-12-07 15:50 - 000755174 _____ C:\Windows\system32\perfh00C.dat
2024-01-15 13:21 - 2019-12-07 15:50 - 000141980 _____ C:\Windows\system32\perfc00C.dat
2024-01-15 13:21 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2024-01-15 13:17 - 2023-11-28 14:33 - 000000000 ____D C:\ProgramData\NVIDIA
2024-01-15 13:17 - 2023-11-28 10:52 - 000008192 ___SH C:\DumpStack.log.tmp
2024-01-15 13:17 - 2023-11-28 10:52 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-01-15 13:17 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2024-01-15 13:16 - 2023-11-28 15:08 - 000003140 _____ C:\Windows\system32\Tasks\MSIAfterburner
2024-01-15 13:16 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-01-15 10:30 - 2023-11-28 10:52 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-01-15 10:29 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2024-01-15 10:16 - 2023-11-28 14:54 - 000918944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2024-01-15 10:16 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-01-12 10:05 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2024-01-11 18:49 - 2023-11-28 15:41 - 000000000 ____D C:\Users\user\AppData\Roaming\TS3Client
2024-01-10 16:42 - 2023-11-28 15:07 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2024-01-10 16:42 - 2023-11-28 14:47 - 000000000 ____D C:\Users\user\AppData\Local\D3DSCache
2024-01-10 16:40 - 2023-11-28 15:04 - 000000000 ____D C:\Program Files\Process Lasso
2024-01-09 17:42 - 2023-12-03 14:33 - 000000000 ____D C:\Users\user\AppData\Roaming\EasyAntiCheat
2024-01-09 08:05 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-07 12:15 - 2023-11-29 11:13 - 000000000 ____D C:\Users\user\AppData\LocalLow\Adobe
2024-01-02 23:19 - 2023-12-11 13:57 - 000000000 ____D C:\Users\user\AppData\Roaming\discord
2024-01-02 22:41 - 2023-12-11 13:57 - 000000000 ____D C:\Users\user\AppData\Local\Discord
2024-01-02 22:41 - 2023-12-03 15:52 - 000000000 ____D C:\Program Files\FACEIT AC
2024-01-02 11:49 - 2023-11-29 11:08 - 000000000 ____D C:\Users\user\Desktop\urssaf pole emploi
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)