Publicité
Publicité
Commentaire : FRST
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19.04.2024 01
Exécuté par marin (administrateur) sur LAPTOP-3MT6NL4L (Acer Nitro AN515-43) (14-05-2024 13:31:27)
Exécuté depuis C:\Users\marin\OneDrive\Bureau\FRST64.exe
Profils chargés: marin
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.4355 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(DriverStore\FileRepository\c0366255.inf_amd64_775170fd70343aa9\B365954\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0366255.inf_amd64_775170fd70343aa9\B365954\atieclxx.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <23>
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0366255.inf_amd64_775170fd70343aa9\B365954\atiesrxx.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Qualcomm Atheros, Inc. -> ) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSysSvc64.exe
(svchost.exe ->) (Dragon Boss Solutions LLC -> Chromstera Premium Solutions) C:\Program Files (x86)\Chromstera Browser\ChromsteraUpdater.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2403.5.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Web Browser Solutions) [Fichier non signé] C:\Program Files (x86)\Web Browser Solutions\Web Browser\UniversalUpdater.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSvc64.exe [1464728 2019-01-31] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [CORSAIR iCUE 4 Software] => C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE Launcher.exe [185384 2022-10-07] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1081648 2020-06-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-3680377613-2017001569-3873097527-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37495272 2024-05-02] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3680377613-2017001569-3873097527-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4379496 2024-05-14] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3680377613-2017001569-3873097527-1001\...\Run: [Battle.net] => C:\Users\marin\OneDrive\Documents\Battle.net\Battle.net.exe [1079184 2021-06-09] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-3680377613-2017001569-3873097527-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45380000 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3680377613-2017001569-3873097527-1001\...\Run: [Discord] => C:\Users\marin\AppData\Local\Discord\Update.exe [1525016 2024-04-01] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3680377613-2017001569-3873097527-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2668136 2023-05-31] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3680377613-2017001569-3873097527-1001\...\Run: [Samsung DeX] => D:\Samsung DeX\SamsungDeX.exe [10071360 2023-02-14] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3680377613-2017001569-3873097527-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1790472 2024-04-10] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-3680377613-2017001569-3873097527-1001\...\Run: [MicrosoftEdgeAutoLaunch_773EB89D0548EBFC7C66E974F1D07AB7] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4139976 2023-05-17] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MG4200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB9.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG4200 series: C:\WINDOWS\system32\CNMLMB9.DLL [389120 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP D711 Status Monitor: C:\WINDOWS\system32\hpinkstsD711LM.dll [393352 2017-03-27] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\111.0.5563.65\Installer\chrmstp.exe [2024-04-28] (Google LLC -> Google LLC)
Startup: C:\Users\marin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2020-05-28]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2024-05-13]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (Pas de fichier)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {01039DA9-A492-41B7-990E-9AC15E65836D} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {D606A8D1-212B-4731-92EF-53D2D30F93E9} - System32\Tasks\ArtificiusUpdater => C:\Program Files (x86)\Web Framework Solutions\Web Framework\ArtificiusUpdater.exe [1271296 2024-05-09] (Web Framework Solutions) [Fichier non signé] -> C:\Program Files (x86)\Web Framework Solutions\Web Framework\\/silentall -nogui -nofreqcheck
Task: {929651AE-6C50-493A-826E-2B0CF8BF1D94} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9FE93E77-F471-49DA-8326-F8F790924EAD} - System32\Tasks\CCleanerClean => C:\Program Files\CCleaner\CCleaner.exe [39118752 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {4090C554-11A2-4308-935A-510C87842888} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "ba2934fa-d660-4daf-ba7c-4f18fc0ec9d7" --version "6.23.11010" --silent
Task: {3D6D618A-E1CE-464D-9303-4C88AB1A48D2} - System32\Tasks\CCleanerSkipUAC - marin => C:\Program Files\CCleaner\CCleaner.exe [39118752 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {F0E23430-97A9-42A8-9B82-46834C09D6FB} - System32\Tasks\ChromsteraUpdater => C:\Program Files (x86)\Chromstera Browser\ChromsteraUpdater.exe [1204192 2023-08-31] (Dragon Boss Solutions LLC -> Chromstera Premium Solutions)
Task: {7BD7A523-F5F3-42F6-ACCD-ED1589A3AEE0} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem126.0.6425.0{B8D0CEAA-0809-45F3-9722-287DBE45BBF0} => C:\Program Files (x86)\Google\GoogleUpdater\126.0.6425.0\updater.exe [4786464 2024-04-18] (Google LLC -> Google LLC)
Task: {52B0968A-14FF-4091-AA44-7E99D8660B56} - System32\Tasks\HPEA3JOBS => C:\Program -> Files\HP\HP ePrint\hpeprint.exe /CheckJobs
Task: {502D4507-0E71-4C44-8D34-8DEE023FDCD7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {7BC9755A-A7A5-416D-88D4-881D5B44F179} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {8241A4E6-0C63-46DF-A02E-0EECEA7049A3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144272 2023-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {BC7E9573-7AD4-44DF-A428-38FDEDBC192A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144272 2023-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC6E21FA-5CC3-435E-8CD5-66613385B6AE} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168880 2023-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {3133FB86-E3E7-494E-B3AB-7C2440BF9CB6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D66CFBB4-57C2-4818-833C-E2F51556A7C2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C092E380-FF42-4775-A710-ADEC869FC9CF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DAA26A29-3BE6-4118-8EA5-6DE2A7850DCE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D804FD88-01D2-4E14-B4CC-DA5624402AA0} - System32\Tasks\NitroSense => C:\Program Files\Acer\NitroSense Service\PSLauncher.exe [601904 2019-07-19] (Acer Incorporated -> Acer Incorporated)
Task: {E3DDD48C-4802-4968-A9D8-573E7D687F3E} - System32\Tasks\Oem\AcerJumpstartTask => "C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe" /default (Pas de fichier)
Task: {F24CD60D-5F65-4080-9429-E5EB84165499} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-05-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {4F6C2A5C-9CF4-41D2-934C-675244112A71} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3680377613-2017001569-3873097527-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-05-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD76648A-92F1-4726-95A7-C430455855D2} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2644488 2024-04-10] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
Task: {D30E1E2C-B084-4DD7-B584-80E7C1E86C9E} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473880 2020-07-16] (Acer Incorporated -> Acer Incorporated)
Task: {7F9058B4-FB94-4AC9-8B9F-07C20FD2E975} - System32\Tasks\UniversalUpdater => C:\Program Files (x86)\Web Browser Solutions\Web Browser\UniversalUpdater.exe [1271296 2024-05-07] (Web Browser Solutions) [Fichier non signé]
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerClean.job => C:\Program Files\CCleaner\CCleaner.exe
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dd7d9fcd-56a9-44e6-bf7e-5b9bf1b74d96}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dd7d9fcd-56a9-44e6-bf7e-5b9bf1b74d96}: [DhcpDomain] home
Tcpip\..\Interfaces\{dd7d9fcd-56a9-44e6-bf7e-5b9bf1b74d96}\D4162796E6567237027416C616879702351303: [DhcpNameServer] 192.168.166.2
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\marin\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-13]
Edge Extension: (MagnusMegaica) - C:\Users\marin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjbdkcefnhbkdbjlcjnmidpjmmaokpkf [2024-05-13] [UpdateUrl:hxxps://crxdragonupdate.com/crx/updates.php] <==== ATTENTION
Edge Extension: (HelioMinien) - C:\Users\marin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oemojmclelockmdcfnmaecfkdljniejb [2024-05-13] [UpdateUrl:hxxps://crxdragonupdate.com/crx/updates.php] <==== ATTENTION
Edge HKLM-x32\...\Edge\Extension: [oemojmclelockmdcfnmaecfkdljniejb] - C:\\Users\\marin\\AppData\\Local\\apps.crx [2024-05-03]
FireFox:
========
FF DefaultProfile: 2aq90dkr.default
FF ProfilePath: C:\Users\marin\AppData\Roaming\Mozilla\Firefox\Profiles\2aq90dkr.default [2024-05-12]
FF Homepage: Mozilla\Firefox\Profiles\2aq90dkr.default -> hxxps://fr.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87dbgpsszvwu2cegikmoxb001720¶m1=y6bdVFVIsvuYsgEClQfz8Oeg2evwTgtkD45B1N7UYtl1i1TGbMZZmhyro3luh2h4Fx5oLGGEqO4WWZSm2nFB%2BBUGhoOTB%2BIrW4ahdrqDOFXEiGeTAyb9Xtkn9LWZasDQnrxFki31NKoGvpJ61PcNRVjsLVDakY9qAsXz3OPrv3X5OOmQendFEcwNIfTbjv00qcwUQIoPWr0Naoct6p5ja2LH%2FnkrUS9EHk8fPSY9dPRcClzM%2BMB%2Fy2z6FgmUo6VXgPgUeVc9N2zHNhbJneqVLYEfbQcZwuIFFGAnfyJ1dKqXrItnZ1uw%2Fmpji%2Fy5Kir%2Br5NrmRpWtEHz9O2PZMFV69hx%2Bo46w4ZXH4Y%2FJCtvknyc%2FoMdYNdh%2BIIll8NKg6u10GZHnAuDE6hqw7wH6VQhzA%3D%3D
FF NewTab: Mozilla\Firefox\Profiles\2aq90dkr.default -> hxxps://fr.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87dbgpsszvwu2cegikmoxb001720¶m1=y6bdVFVIsvuYsgEClQfz8Oeg2evwTgtkD45B1N7UYtl1i1TGbMZZmhyro3luh2h4Fx5oLGGEqO4WWZSm2nFB%2BBUGhoOTB%2BIrW4ahdrqDOFXEiGeTAyb9Xtkn9LWZasDQnrxFki31NKoGvpJ61PcNRVjsLVDakY9qAsXz3OPrv3X5OOmQendFEcwNIfTbjv00qcwUQIoPWr0Naoct6p5ja2LH%2FnkrUS9EHk8fPSY9dPRcClzM%2BMB%2Fy2z6FgmUo6VXgPgUeVc9N2zHNhbJneqVLYEfbQcZwuIFFGAnfyJ1dKqXrItnZ1uw%2Fmpji%2Fy5Kir%2Br5NrmRpWtEHz9O2PZMFV69hx%2Bo46w4ZXH4Y%2FJCtvknyc%2FoMdYNdh%2BIIll8NKg6u10GZHnAuDE6hqw7wH6VQhzA%3D%3D
FF Extension: (Facebook Container) - C:\Users\marin\AppData\Roaming\Mozilla\Firefox\Profiles\2aq90dkr.default\Extensions\@contain-facebook.xpi [2021-05-08]
FF Extension: (Dictionnaire français) - C:\Users\marin\AppData\Roaming\Mozilla\Firefox\Profiles\2aq90dkr.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2020-05-31]
FF Extension: (Français Language Pack) - C:\Users\marin\AppData\Roaming\Mozilla\Firefox\Profiles\2aq90dkr.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2021-05-08]
FF Extension: (Avast Online Security) - C:\Users\marin\AppData\Roaming\Mozilla\Firefox\Profiles\2aq90dkr.default\Extensions\wrc@avast.com.xpi [2021-05-08]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-03-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-03-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-03-22] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\marin\AppData\Local\Google\Chrome\User Data\Default [2024-05-14]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\marin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-04-28]
CHR Extension: (AdBlock sur YouTube™) - C:\Users\marin\AppData\Local\Google\Chrome\User Data\Default\Extensions\emngkmlligggbbiioginlkphcmffbncb [2024-04-28]
CHR Extension: (Closed tabs) - C:\Users\marin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah [2024-04-28]
CHR Extension: (Google Docs hors connexion) - C:\Users\marin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-05-13]
CHR Extension: (SpyHunter® Web Security) - C:\Users\marin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kheeipganhdcpkecibbpgggianpodhkc [2024-05-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\marin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-04-28]
CHR HKLM\...\Chrome\Extension: [dbnekjagmhfhdnboiifafcodjiippljk]
CHR HKLM\...\Chrome\Extension: [lpmnnhmmbcieapakkffeadobioaffhoa]
CHR HKU\S-1-5-21-3680377613-2017001569-3873097527-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dbnekjagmhfhdnboiifafcodjiippljk]
CHR HKU\S-1-5-21-3680377613-2017001569-3873097527-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lpmnnhmmbcieapakkffeadobioaffhoa]
CHR HKLM-x32\...\Chrome\Extension: [dbnekjagmhfhdnboiifafcodjiippljk]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [lpmnnhmmbcieapakkffeadobioaffhoa]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-05-02] (BattlEye Innovations e.K. -> )
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085856 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12634544 2023-04-18] (Microsoft Corporation -> Microsoft Corporation)
R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [613944 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
S4 CorsairLLAService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe [238632 2022-10-07] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S4 CorsairService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe [84008 2022-10-07] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S4 CorsairUniwillService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueUniwillService.exe [108072 2022-10-07] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S4 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11357800 2023-05-31] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1134624 2022-06-07] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [943528 2023-09-05] (EasyAntiCheat Oy -> Epic Games, Inc.)
S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-06-13] (Epic Games Inc. -> Epic Games, Inc.)
S4 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.076.0414.0005\FileSyncHelper.exe [3506704 2024-05-07] (Microsoft Corporation -> Microsoft Corporation)
S2 GoogleUpdaterInternalService126.0.6425.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6425.0\updater.exe [4786464 2024-04-18] (Google LLC -> Google LLC)
S2 GoogleUpdaterService126.0.6425.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6425.0\updater.exe [4786464 2024-04-18] (Google LLC -> Google LLC)
S4 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-05-09] (HP Inc. -> HP Inc.)
S4 iCUEDevicePluginHost; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUEDevicePluginHost.exe [459816 2022-10-07] (Corsair Memory, Inc. -> Corsair)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpDefenderCoreService.exe [1459968 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.076.0414.0005\OneDriveUpdaterService.exe [3846560 2024-05-07] (Microsoft Corporation -> Microsoft Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2575064 2022-03-31] (Electronic Arts, Inc. -> Electronic Arts)
S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3494672 2022-03-31] (Electronic Arts, Inc. -> Electronic Arts)
S4 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2644488 2024-04-10] (Overwolf Ltd -> Overwolf LTD)
S4 PSSvc; C:\Program Files\Acer\NitroSense Service\PSSvc.exe [820016 2019-07-19] (Acer Incorporated -> Acer Incorporated)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [189768 2022-09-08] (Qualcomm Atheros, Inc. -> )
S4 Rockstar Service; D:\Launcher\RockstarService.exe [2219416 2021-06-09] (Rockstar Games, Inc. -> Rockstar Games)
S4 SmartSwitchService; C:\Program Files\Samsung\SmartSwitch\qvWindowsService.exe [296816 2023-05-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2022-09-14] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2022-09-14] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
S3 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [345400 2023-03-30] (Twitch Interactive, Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 ZoomCptService; "C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\marin\AppData\Roaming\Zoom"
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [36800 2022-06-01] (Acer Incorporated -> Acer Incorporated)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [35344 2022-09-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [63032 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccessC2D033F14715AA7325305EA42FBFC65BF867CC1D; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairLLAccess64.sys [21752 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [47032 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [22968 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ElgatoVAD; C:\WINDOWS\System32\drivers\ElgatoVAD.sys [39208 2020-11-08] (Elgato Systems LLC -> Elgato Systems GmbH)
S3 HoYoProtect; C:\WINDOWS\system32\HoYoKProtect.sys [3676720 2024-04-28] (Microsoft Windows Hardware Compatibility Publisher -> miHoYo)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20936 2024-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601376 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-05-14 13:31 - 2024-05-14 13:31 - 000028902 _____ C:\Users\marin\OneDrive\Bureau\FRST.txt
2024-05-14 13:29 - 2024-05-14 13:31 - 000064278 _____ C:\Users\marin\Downloads\Addition.txt
2024-05-14 13:28 - 2024-05-14 13:26 - 002394112 _____ (Farbar) C:\Users\marin\OneDrive\Bureau\FRST64.exe
2024-05-14 13:27 - 2024-05-14 13:31 - 000043242 _____ C:\Users\marin\Downloads\FRST.txt
2024-05-14 13:27 - 2024-05-14 13:31 - 000000000 ____D C:\FRST
2024-05-14 13:26 - 2024-05-14 13:26 - 002394112 _____ (Farbar) C:\Users\marin\Downloads\FRST64.exe
2024-05-13 21:12 - 2024-05-13 21:12 - 000000000 ___RD C:\Users\marin\Downloads\WavesAudio.20761030F5EAC_fh4rh281wavaa!App
2024-05-13 21:00 - 2024-05-13 21:00 - 000000000 ____D C:\ProgramData\Web Framework Solutions
2024-05-13 20:31 - 2024-05-13 20:31 - 000000000 ____D C:\Program Files (x86)\Web Framework Solutions
2024-05-11 20:46 - 2024-05-11 20:46 - 000032240 _____ C:\WINDOWS\system32\lc.dat
2024-05-09 16:00 - 2024-05-09 16:00 - 000000000 ____D C:\ProgramData\Web Browser Solutions
2024-05-09 15:02 - 2024-05-09 15:02 - 000000000 ____D C:\Program Files (x86)\Web Browser Solutions
2024-05-09 14:08 - 2024-05-09 14:08 - 000027376 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_149625835129708.dll
2024-05-08 17:08 - 2024-05-08 17:08 - 000000000 ____D C:\Users\marin\OneDrive\Documents\Lettres
2024-05-08 17:07 - 2024-05-08 17:07 - 002758332 _____ C:\Users\marin\Downloads\SpicyLetter.pdf
2024-05-08 17:07 - 2024-05-08 17:07 - 002674386 _____ C:\Users\marin\Downloads\HalsinLetter.pdf
2024-05-08 17:07 - 2024-05-08 17:07 - 002370852 _____ C:\Users\marin\Downloads\LoveLetterUpdate.pdf
2024-05-08 17:07 - 2024-05-08 17:07 - 002327570 _____ C:\Users\marin\Downloads\ValentinesLetter.pdf
2024-05-08 17:05 - 2024-05-08 17:05 - 006344325 _____ C:\Users\marin\Downloads\LetterfromKarlach.pdf
2024-05-07 15:39 - 2024-05-07 15:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoom
2024-05-03 20:34 - 2024-05-13 22:31 - 000012756 _____ C:\Users\marin\AppData\Local\apps.crx
2024-05-03 12:18 - 2024-05-03 12:18 - 007195168 _____ (EnigmaSoft Limited) C:\Users\marin\Downloads\SpyHunter-Installer.exe
2024-05-03 12:18 - 2024-05-03 12:18 - 007195168 _____ (EnigmaSoft Limited) C:\Users\marin\Downloads\SpyHunter-Installer (1).exe
2024-05-02 14:26 - 2024-05-02 14:26 - 000000000 ___HD C:\$WinREAgent
2024-05-02 14:21 - 2024-05-02 14:21 - 000027344 _____ C:\Users\marin\OneDrive\Documents\lc.dat
2024-05-02 14:06 - 2024-05-02 14:06 - 000013146 _____ C:\Users\marin\OneDrive\Documents\cc_20240502_140601.reg
2024-05-02 14:06 - 2024-05-02 14:06 - 000000294 _____ C:\Users\marin\OneDrive\Documents\cc_20240502_140614.reg
2024-05-02 00:01 - 2024-05-02 14:23 - 000000280 _____ C:\WINDOWS\Tasks\CCleanerClean.job
2024-05-02 00:01 - 2024-05-02 00:01 - 000003124 _____ C:\WINDOWS\system32\Tasks\CCleanerClean
2024-05-01 14:00 - 2024-05-01 14:00 - 000000000 ____D C:\ProgramData\Artificius Web Solutions
2024-05-01 00:00 - 2024-05-13 22:31 - 000004306 _____ C:\WINDOWS\system32\Tasks\ArtificiusUpdater
2024-05-01 00:00 - 2024-05-13 22:31 - 000000000 ____D C:\appsDDhelper
2024-05-01 00:00 - 2024-05-01 00:00 - 000000000 ____D C:\Program Files (x86)\Artificius Web Solutions
2024-04-30 21:23 - 2024-04-30 21:23 - 000027376 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_189892945188824.dll
2024-04-28 20:00 - 2024-04-28 20:00 - 000000000 ____D C:\ProgramData\Universal Browser Solutions
2024-04-28 19:01 - 2024-05-09 15:02 - 000004420 _____ C:\WINDOWS\system32\Tasks\UniversalUpdater
2024-04-28 19:01 - 2024-04-28 19:01 - 000000000 ____D C:\Program Files (x86)\Universal Browser Solutions
2024-04-22 14:10 - 2024-04-22 14:10 - 000000000 ____D C:\Program Files\Bonjour
2024-04-22 14:10 - 2024-04-22 14:10 - 000000000 ____D C:\Program Files (x86)\Bonjour
2024-04-22 14:07 - 2024-04-22 14:07 - 000000000 ____D C:\Program Files (x86)\Zoom
2024-04-22 14:01 - 2024-04-22 14:01 - 000014238 _____ C:\Users\marin\OneDrive\Documents\cc_20240422_140156.reg
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-05-14 13:31 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2024-05-14 13:25 - 2020-01-07 19:17 - 000000000 ____D C:\Program Files (x86)\Steam
2024-05-14 13:13 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-05-13 22:44 - 2020-01-07 00:20 - 000000000 ____D C:\Users\marin\AppData\Roaming\Discord
2024-05-13 22:29 - 2023-02-27 20:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-05-13 22:08 - 2024-04-03 17:26 - 000000000 ____D C:\Users\marin\AppData\Local\Discord
2024-05-13 09:49 - 2021-03-01 00:03 - 000000000 ____D C:\Program Files\Genshin Impact
2024-05-13 08:39 - 2023-02-27 20:26 - 000000000 ____D C:\Users\marin\AppData\Local\D3DSCache
2024-05-13 08:00 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-05-13 08:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-05-12 15:24 - 2024-02-18 00:45 - 000267784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll
2024-05-12 15:24 - 2022-10-25 18:25 - 000108040 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-05-12 15:24 - 2022-10-25 18:25 - 000075272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-05-12 15:24 - 2021-11-23 23:18 - 000206344 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-05-12 15:24 - 2020-05-27 00:07 - 000722440 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-05-12 15:24 - 2020-04-19 20:52 - 002729592 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-05-12 15:24 - 2020-04-19 20:52 - 000218632 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-05-12 15:24 - 2020-04-19 20:52 - 000145008 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-05-11 20:45 - 2020-05-22 21:57 - 000000000 ____D C:\Program Files\CCleaner
2024-05-11 15:28 - 2023-02-27 20:29 - 001770970 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-05-11 15:28 - 2019-12-07 16:49 - 000792842 _____ C:\WINDOWS\system32\perfh00C.dat
2024-05-11 15:28 - 2019-12-07 16:49 - 000149972 _____ C:\WINDOWS\system32\perfc00C.dat
2024-05-11 01:36 - 2023-02-27 20:20 - 000000000 ____D C:\Users\marin
2024-05-11 00:01 - 2020-01-09 04:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-05-10 23:59 - 2023-02-27 20:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-05-09 17:09 - 2021-05-07 18:53 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-05-08 17:06 - 2020-01-06 23:23 - 000000000 ____D C:\Users\marin\AppData\Local\Packages
2024-05-07 20:36 - 2024-04-03 17:26 - 000002257 _____ C:\Users\marin\OneDrive\Bureau\Discord.lnk
2024-05-07 20:36 - 2023-02-27 20:26 - 000003130 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3680377613-2017001569-3873097527-1001
2024-05-07 20:36 - 2023-02-27 20:26 - 000002776 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-05-07 20:36 - 2020-01-07 19:26 - 000000000 ____D C:\Users\marin\AppData\Local\Steam
2024-05-07 20:35 - 2022-11-08 21:48 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-05-07 15:38 - 2022-09-05 20:38 - 000002250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-05-07 15:37 - 2020-02-12 23:46 - 000000000 ____D C:\Users\marin\AppData\Local\CrashDumps
2024-05-06 21:28 - 2024-04-06 20:13 - 000003330 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2024-05-06 20:50 - 2024-04-06 20:13 - 000002331 _____ C:\Users\marin\OneDrive\Bureau\Thunderstore Mod Manager.lnk
2024-05-06 20:50 - 2024-04-06 20:13 - 000002331 _____ C:\Users\marin\OneDrive\Bureau\Baldurs Map.lnk
2024-05-06 20:50 - 2024-04-06 20:12 - 000000000 ____D C:\Users\marin\AppData\Local\Overwolf
2024-05-02 15:02 - 2023-02-27 20:18 - 000444200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-05-02 15:02 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-05-02 15:02 - 2019-11-14 07:45 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2024-05-02 15:01 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Portable Devices
2024-05-02 15:01 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2024-05-02 15:01 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2024-05-02 15:01 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-05-02 15:01 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2024-05-02 14:40 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-05-02 14:34 - 2023-02-27 20:19 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-04-28 19:19 - 2023-03-24 16:04 - 003676720 _____ (miHoYo) C:\WINDOWS\system32\HoYoKProtect.sys
2024-04-28 19:10 - 2020-01-07 20:21 - 000000000 ____D C:\Users\marin\AppData\Local\ElevatedDiagnostics
2024-04-28 19:01 - 2020-05-11 19:01 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-04-28 19:00 - 2023-02-27 20:12 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-04-28 19:00 - 2020-09-19 19:46 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-04-28 18:59 - 2020-02-11 21:57 - 000000000 ____D C:\Program Files (x86)\Google
2024-04-28 18:52 - 2023-02-27 20:26 - 000004362 _____ C:\WINDOWS\system32\Tasks\Software Update Application
2024-04-28 18:51 - 2022-10-02 19:17 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-04-28 18:49 - 2024-04-06 20:13 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-04-28 18:49 - 2020-02-11 21:58 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-04-28 18:48 - 2020-11-16 21:30 - 000000000 ____D C:\Users\marin\AppData\Roaming\Zoom
2024-04-22 14:06 - 2019-11-14 07:45 - 000000000 ____D C:\ProgramData\Package Cache
2024-04-22 14:05 - 2019-11-14 07:34 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-04-22 14:04 - 2020-04-28 17:04 - 000000000 ____D C:\ProgramData\Origin
2024-04-22 14:02 - 2023-02-27 20:26 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-04-22 14:02 - 2023-02-27 20:26 - 000003382 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-04-22 13:59 - 2023-10-25 20:07 - 000000000 ____D C:\WINDOWS\Minidump
2024-04-16 22:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2024-04-14 00:08 - 2024-02-18 00:45 - 000263784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll.0
==================== Fichiers à la racine de certains dossiers ========
2020-11-14 21:31 - 2021-01-08 17:59 - 000000016 _____ () C:\Users\marin\AppData\Roaming\obs-virtualcam.txt
2024-05-03 20:34 - 2024-05-13 22:31 - 000012756 _____ () C:\Users\marin\AppData\Local\apps.crx
2020-06-06 21:34 - 2020-06-06 21:34 - 000000000 _____ () C:\Users\marin\AppData\Local\BIT3CC2.tmp
2020-08-18 21:48 - 2020-08-18 21:48 - 000000000 _____ () C:\Users\marin\AppData\Local\BIT44EE.tmp
2020-09-01 20:29 - 2020-09-01 20:29 - 000000000 _____ () C:\Users\marin\AppData\Local\BIT6459.tmp
2020-09-01 20:29 - 2020-09-01 20:29 - 000000000 _____ () C:\Users\marin\AppData\Local\BIT6489.tmp
2020-08-11 13:24 - 2020-08-11 13:24 - 000000000 _____ () C:\Users\marin\AppData\Local\BIT6B6E.tmp
2020-08-08 00:46 - 2020-08-08 00:46 - 000000000 _____ () C:\Users\marin\AppData\Local\BIT7066.tmp
2020-06-09 21:09 - 2020-06-09 21:09 - 000000000 _____ () C:\Users\marin\AppData\Local\BIT7E1A.tmp
2020-07-21 23:44 - 2020-07-21 23:44 - 000000000 _____ () C:\Users\marin\AppData\Local\BIT9559.tmp
2020-09-19 18:40 - 2020-09-19 18:40 - 000000000 _____ () C:\Users\marin\AppData\Local\BITC43.tmp
2020-09-19 18:40 - 2020-09-19 18:40 - 000000000 _____ () C:\Users\marin\AppData\Local\BITC63.tmp
2020-06-19 21:47 - 2020-06-19 21:47 - 000000000 _____ () C:\Users\marin\AppData\Local\BITE531.tmp
2021-04-12 16:00 - 2021-04-12 16:00 - 000001003 _____ () C:\Users\marin\AppData\Local\recently-used.xbel
2020-04-09 20:33 - 2020-04-09 20:40 - 000000069 _____ () C:\Users\marin\AppData\Local\update_progress.txt
2020-06-17 11:59 - 2020-06-17 11:59 - 000000000 _____ () C:\Users\marin\AppData\Local\{3B348185-4497-4F59-8053-E3FEA928F53D}
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par marin (administrateur) sur LAPTOP-3MT6NL4L (Acer Nitro AN515-43) (14-05-2024 13:31:27)
Exécuté depuis C:\Users\marin\OneDrive\Bureau\FRST64.exe
Profils chargés: marin
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.4355 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(DriverStore\FileRepository\c0366255.inf_amd64_775170fd70343aa9\B365954\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0366255.inf_amd64_775170fd70343aa9\B365954\atieclxx.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <23>
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0366255.inf_amd64_775170fd70343aa9\B365954\atiesrxx.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Qualcomm Atheros, Inc. -> ) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSysSvc64.exe
(svchost.exe ->) (Dragon Boss Solutions LLC -> Chromstera Premium Solutions) C:\Program Files (x86)\Chromstera Browser\ChromsteraUpdater.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2403.5.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Web Browser Solutions) [Fichier non signé] C:\Program Files (x86)\Web Browser Solutions\Web Browser\UniversalUpdater.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo77ac.inf_amd64_d5839c9d7c0bda64\WavesSvc64.exe [1464728 2019-01-31] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [CORSAIR iCUE 4 Software] => C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE Launcher.exe [185384 2022-10-07] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1081648 2020-06-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-3680377613-2017001569-3873097527-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37495272 2024-05-02] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3680377613-2017001569-3873097527-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4379496 2024-05-14] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3680377613-2017001569-3873097527-1001\...\Run: [Battle.net] => C:\Users\marin\OneDrive\Documents\Battle.net\Battle.net.exe [1079184 2021-06-09] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-3680377613-2017001569-3873097527-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45380000 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3680377613-2017001569-3873097527-1001\...\Run: [Discord] => C:\Users\marin\AppData\Local\Discord\Update.exe [1525016 2024-04-01] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3680377613-2017001569-3873097527-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2668136 2023-05-31] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3680377613-2017001569-3873097527-1001\...\Run: [Samsung DeX] => D:\Samsung DeX\SamsungDeX.exe [10071360 2023-02-14] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3680377613-2017001569-3873097527-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1790472 2024-04-10] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-3680377613-2017001569-3873097527-1001\...\Run: [MicrosoftEdgeAutoLaunch_773EB89D0548EBFC7C66E974F1D07AB7] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4139976 2023-05-17] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MG4200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB9.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG4200 series: C:\WINDOWS\system32\CNMLMB9.DLL [389120 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP D711 Status Monitor: C:\WINDOWS\system32\hpinkstsD711LM.dll [393352 2017-03-27] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\111.0.5563.65\Installer\chrmstp.exe [2024-04-28] (Google LLC -> Google LLC)
Startup: C:\Users\marin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2020-05-28]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2024-05-13]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (Pas de fichier)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {01039DA9-A492-41B7-990E-9AC15E65836D} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {D606A8D1-212B-4731-92EF-53D2D30F93E9} - System32\Tasks\ArtificiusUpdater => C:\Program Files (x86)\Web Framework Solutions\Web Framework\ArtificiusUpdater.exe [1271296 2024-05-09] (Web Framework Solutions) [Fichier non signé] -> C:\Program Files (x86)\Web Framework Solutions\Web Framework\\/silentall -nogui -nofreqcheck
Task: {929651AE-6C50-493A-826E-2B0CF8BF1D94} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9FE93E77-F471-49DA-8326-F8F790924EAD} - System32\Tasks\CCleanerClean => C:\Program Files\CCleaner\CCleaner.exe [39118752 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {4090C554-11A2-4308-935A-510C87842888} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "ba2934fa-d660-4daf-ba7c-4f18fc0ec9d7" --version "6.23.11010" --silent
Task: {3D6D618A-E1CE-464D-9303-4C88AB1A48D2} - System32\Tasks\CCleanerSkipUAC - marin => C:\Program Files\CCleaner\CCleaner.exe [39118752 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {F0E23430-97A9-42A8-9B82-46834C09D6FB} - System32\Tasks\ChromsteraUpdater => C:\Program Files (x86)\Chromstera Browser\ChromsteraUpdater.exe [1204192 2023-08-31] (Dragon Boss Solutions LLC -> Chromstera Premium Solutions)
Task: {7BD7A523-F5F3-42F6-ACCD-ED1589A3AEE0} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem126.0.6425.0{B8D0CEAA-0809-45F3-9722-287DBE45BBF0} => C:\Program Files (x86)\Google\GoogleUpdater\126.0.6425.0\updater.exe [4786464 2024-04-18] (Google LLC -> Google LLC)
Task: {52B0968A-14FF-4091-AA44-7E99D8660B56} - System32\Tasks\HPEA3JOBS => C:\Program -> Files\HP\HP ePrint\hpeprint.exe /CheckJobs
Task: {502D4507-0E71-4C44-8D34-8DEE023FDCD7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {7BC9755A-A7A5-416D-88D4-881D5B44F179} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {8241A4E6-0C63-46DF-A02E-0EECEA7049A3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144272 2023-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {BC7E9573-7AD4-44DF-A428-38FDEDBC192A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144272 2023-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC6E21FA-5CC3-435E-8CD5-66613385B6AE} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168880 2023-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {3133FB86-E3E7-494E-B3AB-7C2440BF9CB6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D66CFBB4-57C2-4818-833C-E2F51556A7C2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C092E380-FF42-4775-A710-ADEC869FC9CF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DAA26A29-3BE6-4118-8EA5-6DE2A7850DCE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D804FD88-01D2-4E14-B4CC-DA5624402AA0} - System32\Tasks\NitroSense => C:\Program Files\Acer\NitroSense Service\PSLauncher.exe [601904 2019-07-19] (Acer Incorporated -> Acer Incorporated)
Task: {E3DDD48C-4802-4968-A9D8-573E7D687F3E} - System32\Tasks\Oem\AcerJumpstartTask => "C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe" /default (Pas de fichier)
Task: {F24CD60D-5F65-4080-9429-E5EB84165499} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-05-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {4F6C2A5C-9CF4-41D2-934C-675244112A71} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3680377613-2017001569-3873097527-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-05-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD76648A-92F1-4726-95A7-C430455855D2} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2644488 2024-04-10] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
Task: {D30E1E2C-B084-4DD7-B584-80E7C1E86C9E} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473880 2020-07-16] (Acer Incorporated -> Acer Incorporated)
Task: {7F9058B4-FB94-4AC9-8B9F-07C20FD2E975} - System32\Tasks\UniversalUpdater => C:\Program Files (x86)\Web Browser Solutions\Web Browser\UniversalUpdater.exe [1271296 2024-05-07] (Web Browser Solutions) [Fichier non signé]
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerClean.job => C:\Program Files\CCleaner\CCleaner.exe
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dd7d9fcd-56a9-44e6-bf7e-5b9bf1b74d96}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dd7d9fcd-56a9-44e6-bf7e-5b9bf1b74d96}: [DhcpDomain] home
Tcpip\..\Interfaces\{dd7d9fcd-56a9-44e6-bf7e-5b9bf1b74d96}\D4162796E6567237027416C616879702351303: [DhcpNameServer] 192.168.166.2
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\marin\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-13]
Edge Extension: (MagnusMegaica) - C:\Users\marin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjbdkcefnhbkdbjlcjnmidpjmmaokpkf [2024-05-13] [UpdateUrl:hxxps://crxdragonupdate.com/crx/updates.php] <==== ATTENTION
Edge Extension: (HelioMinien) - C:\Users\marin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oemojmclelockmdcfnmaecfkdljniejb [2024-05-13] [UpdateUrl:hxxps://crxdragonupdate.com/crx/updates.php] <==== ATTENTION
Edge HKLM-x32\...\Edge\Extension: [oemojmclelockmdcfnmaecfkdljniejb] - C:\\Users\\marin\\AppData\\Local\\apps.crx [2024-05-03]
FireFox:
========
FF DefaultProfile: 2aq90dkr.default
FF ProfilePath: C:\Users\marin\AppData\Roaming\Mozilla\Firefox\Profiles\2aq90dkr.default [2024-05-12]
FF Homepage: Mozilla\Firefox\Profiles\2aq90dkr.default -> hxxps://fr.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87dbgpsszvwu2cegikmoxb001720¶m1=y6bdVFVIsvuYsgEClQfz8Oeg2evwTgtkD45B1N7UYtl1i1TGbMZZmhyro3luh2h4Fx5oLGGEqO4WWZSm2nFB%2BBUGhoOTB%2BIrW4ahdrqDOFXEiGeTAyb9Xtkn9LWZasDQnrxFki31NKoGvpJ61PcNRVjsLVDakY9qAsXz3OPrv3X5OOmQendFEcwNIfTbjv00qcwUQIoPWr0Naoct6p5ja2LH%2FnkrUS9EHk8fPSY9dPRcClzM%2BMB%2Fy2z6FgmUo6VXgPgUeVc9N2zHNhbJneqVLYEfbQcZwuIFFGAnfyJ1dKqXrItnZ1uw%2Fmpji%2Fy5Kir%2Br5NrmRpWtEHz9O2PZMFV69hx%2Bo46w4ZXH4Y%2FJCtvknyc%2FoMdYNdh%2BIIll8NKg6u10GZHnAuDE6hqw7wH6VQhzA%3D%3D
FF NewTab: Mozilla\Firefox\Profiles\2aq90dkr.default -> hxxps://fr.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87dbgpsszvwu2cegikmoxb001720¶m1=y6bdVFVIsvuYsgEClQfz8Oeg2evwTgtkD45B1N7UYtl1i1TGbMZZmhyro3luh2h4Fx5oLGGEqO4WWZSm2nFB%2BBUGhoOTB%2BIrW4ahdrqDOFXEiGeTAyb9Xtkn9LWZasDQnrxFki31NKoGvpJ61PcNRVjsLVDakY9qAsXz3OPrv3X5OOmQendFEcwNIfTbjv00qcwUQIoPWr0Naoct6p5ja2LH%2FnkrUS9EHk8fPSY9dPRcClzM%2BMB%2Fy2z6FgmUo6VXgPgUeVc9N2zHNhbJneqVLYEfbQcZwuIFFGAnfyJ1dKqXrItnZ1uw%2Fmpji%2Fy5Kir%2Br5NrmRpWtEHz9O2PZMFV69hx%2Bo46w4ZXH4Y%2FJCtvknyc%2FoMdYNdh%2BIIll8NKg6u10GZHnAuDE6hqw7wH6VQhzA%3D%3D
FF Extension: (Facebook Container) - C:\Users\marin\AppData\Roaming\Mozilla\Firefox\Profiles\2aq90dkr.default\Extensions\@contain-facebook.xpi [2021-05-08]
FF Extension: (Dictionnaire français) - C:\Users\marin\AppData\Roaming\Mozilla\Firefox\Profiles\2aq90dkr.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2020-05-31]
FF Extension: (Français Language Pack) - C:\Users\marin\AppData\Roaming\Mozilla\Firefox\Profiles\2aq90dkr.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2021-05-08]
FF Extension: (Avast Online Security) - C:\Users\marin\AppData\Roaming\Mozilla\Firefox\Profiles\2aq90dkr.default\Extensions\wrc@avast.com.xpi [2021-05-08]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-03-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-03-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-03-22] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\marin\AppData\Local\Google\Chrome\User Data\Default [2024-05-14]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\marin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-04-28]
CHR Extension: (AdBlock sur YouTube™) - C:\Users\marin\AppData\Local\Google\Chrome\User Data\Default\Extensions\emngkmlligggbbiioginlkphcmffbncb [2024-04-28]
CHR Extension: (Closed tabs) - C:\Users\marin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah [2024-04-28]
CHR Extension: (Google Docs hors connexion) - C:\Users\marin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-05-13]
CHR Extension: (SpyHunter® Web Security) - C:\Users\marin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kheeipganhdcpkecibbpgggianpodhkc [2024-05-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\marin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-04-28]
CHR HKLM\...\Chrome\Extension: [dbnekjagmhfhdnboiifafcodjiippljk]
CHR HKLM\...\Chrome\Extension: [lpmnnhmmbcieapakkffeadobioaffhoa]
CHR HKU\S-1-5-21-3680377613-2017001569-3873097527-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dbnekjagmhfhdnboiifafcodjiippljk]
CHR HKU\S-1-5-21-3680377613-2017001569-3873097527-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lpmnnhmmbcieapakkffeadobioaffhoa]
CHR HKLM-x32\...\Chrome\Extension: [dbnekjagmhfhdnboiifafcodjiippljk]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [lpmnnhmmbcieapakkffeadobioaffhoa]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-05-02] (BattlEye Innovations e.K. -> )
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085856 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12634544 2023-04-18] (Microsoft Corporation -> Microsoft Corporation)
R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [613944 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
S4 CorsairLLAService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe [238632 2022-10-07] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S4 CorsairService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe [84008 2022-10-07] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S4 CorsairUniwillService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueUniwillService.exe [108072 2022-10-07] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S4 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11357800 2023-05-31] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1134624 2022-06-07] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [943528 2023-09-05] (EasyAntiCheat Oy -> Epic Games, Inc.)
S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-06-13] (Epic Games Inc. -> Epic Games, Inc.)
S4 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.076.0414.0005\FileSyncHelper.exe [3506704 2024-05-07] (Microsoft Corporation -> Microsoft Corporation)
S2 GoogleUpdaterInternalService126.0.6425.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6425.0\updater.exe [4786464 2024-04-18] (Google LLC -> Google LLC)
S2 GoogleUpdaterService126.0.6425.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6425.0\updater.exe [4786464 2024-04-18] (Google LLC -> Google LLC)
S4 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-05-09] (HP Inc. -> HP Inc.)
S4 iCUEDevicePluginHost; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUEDevicePluginHost.exe [459816 2022-10-07] (Corsair Memory, Inc. -> Corsair)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpDefenderCoreService.exe [1459968 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.076.0414.0005\OneDriveUpdaterService.exe [3846560 2024-05-07] (Microsoft Corporation -> Microsoft Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2575064 2022-03-31] (Electronic Arts, Inc. -> Electronic Arts)
S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3494672 2022-03-31] (Electronic Arts, Inc. -> Electronic Arts)
S4 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2644488 2024-04-10] (Overwolf Ltd -> Overwolf LTD)
S4 PSSvc; C:\Program Files\Acer\NitroSense Service\PSSvc.exe [820016 2019-07-19] (Acer Incorporated -> Acer Incorporated)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [189768 2022-09-08] (Qualcomm Atheros, Inc. -> )
S4 Rockstar Service; D:\Launcher\RockstarService.exe [2219416 2021-06-09] (Rockstar Games, Inc. -> Rockstar Games)
S4 SmartSwitchService; C:\Program Files\Samsung\SmartSwitch\qvWindowsService.exe [296816 2023-05-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2022-09-14] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2022-09-14] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
S3 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [345400 2023-03-30] (Twitch Interactive, Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 ZoomCptService; "C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\marin\AppData\Roaming\Zoom"
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [36800 2022-06-01] (Acer Incorporated -> Acer Incorporated)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [35344 2022-09-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [63032 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccessC2D033F14715AA7325305EA42FBFC65BF867CC1D; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairLLAccess64.sys [21752 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [47032 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [22968 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ElgatoVAD; C:\WINDOWS\System32\drivers\ElgatoVAD.sys [39208 2020-11-08] (Elgato Systems LLC -> Elgato Systems GmbH)
S3 HoYoProtect; C:\WINDOWS\system32\HoYoKProtect.sys [3676720 2024-04-28] (Microsoft Windows Hardware Compatibility Publisher -> miHoYo)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20936 2024-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601376 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-05-14 13:31 - 2024-05-14 13:31 - 000028902 _____ C:\Users\marin\OneDrive\Bureau\FRST.txt
2024-05-14 13:29 - 2024-05-14 13:31 - 000064278 _____ C:\Users\marin\Downloads\Addition.txt
2024-05-14 13:28 - 2024-05-14 13:26 - 002394112 _____ (Farbar) C:\Users\marin\OneDrive\Bureau\FRST64.exe
2024-05-14 13:27 - 2024-05-14 13:31 - 000043242 _____ C:\Users\marin\Downloads\FRST.txt
2024-05-14 13:27 - 2024-05-14 13:31 - 000000000 ____D C:\FRST
2024-05-14 13:26 - 2024-05-14 13:26 - 002394112 _____ (Farbar) C:\Users\marin\Downloads\FRST64.exe
2024-05-13 21:12 - 2024-05-13 21:12 - 000000000 ___RD C:\Users\marin\Downloads\WavesAudio.20761030F5EAC_fh4rh281wavaa!App
2024-05-13 21:00 - 2024-05-13 21:00 - 000000000 ____D C:\ProgramData\Web Framework Solutions
2024-05-13 20:31 - 2024-05-13 20:31 - 000000000 ____D C:\Program Files (x86)\Web Framework Solutions
2024-05-11 20:46 - 2024-05-11 20:46 - 000032240 _____ C:\WINDOWS\system32\lc.dat
2024-05-09 16:00 - 2024-05-09 16:00 - 000000000 ____D C:\ProgramData\Web Browser Solutions
2024-05-09 15:02 - 2024-05-09 15:02 - 000000000 ____D C:\Program Files (x86)\Web Browser Solutions
2024-05-09 14:08 - 2024-05-09 14:08 - 000027376 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_149625835129708.dll
2024-05-08 17:08 - 2024-05-08 17:08 - 000000000 ____D C:\Users\marin\OneDrive\Documents\Lettres
2024-05-08 17:07 - 2024-05-08 17:07 - 002758332 _____ C:\Users\marin\Downloads\SpicyLetter.pdf
2024-05-08 17:07 - 2024-05-08 17:07 - 002674386 _____ C:\Users\marin\Downloads\HalsinLetter.pdf
2024-05-08 17:07 - 2024-05-08 17:07 - 002370852 _____ C:\Users\marin\Downloads\LoveLetterUpdate.pdf
2024-05-08 17:07 - 2024-05-08 17:07 - 002327570 _____ C:\Users\marin\Downloads\ValentinesLetter.pdf
2024-05-08 17:05 - 2024-05-08 17:05 - 006344325 _____ C:\Users\marin\Downloads\LetterfromKarlach.pdf
2024-05-07 15:39 - 2024-05-07 15:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoom
2024-05-03 20:34 - 2024-05-13 22:31 - 000012756 _____ C:\Users\marin\AppData\Local\apps.crx
2024-05-03 12:18 - 2024-05-03 12:18 - 007195168 _____ (EnigmaSoft Limited) C:\Users\marin\Downloads\SpyHunter-Installer.exe
2024-05-03 12:18 - 2024-05-03 12:18 - 007195168 _____ (EnigmaSoft Limited) C:\Users\marin\Downloads\SpyHunter-Installer (1).exe
2024-05-02 14:26 - 2024-05-02 14:26 - 000000000 ___HD C:\$WinREAgent
2024-05-02 14:21 - 2024-05-02 14:21 - 000027344 _____ C:\Users\marin\OneDrive\Documents\lc.dat
2024-05-02 14:06 - 2024-05-02 14:06 - 000013146 _____ C:\Users\marin\OneDrive\Documents\cc_20240502_140601.reg
2024-05-02 14:06 - 2024-05-02 14:06 - 000000294 _____ C:\Users\marin\OneDrive\Documents\cc_20240502_140614.reg
2024-05-02 00:01 - 2024-05-02 14:23 - 000000280 _____ C:\WINDOWS\Tasks\CCleanerClean.job
2024-05-02 00:01 - 2024-05-02 00:01 - 000003124 _____ C:\WINDOWS\system32\Tasks\CCleanerClean
2024-05-01 14:00 - 2024-05-01 14:00 - 000000000 ____D C:\ProgramData\Artificius Web Solutions
2024-05-01 00:00 - 2024-05-13 22:31 - 000004306 _____ C:\WINDOWS\system32\Tasks\ArtificiusUpdater
2024-05-01 00:00 - 2024-05-13 22:31 - 000000000 ____D C:\appsDDhelper
2024-05-01 00:00 - 2024-05-01 00:00 - 000000000 ____D C:\Program Files (x86)\Artificius Web Solutions
2024-04-30 21:23 - 2024-04-30 21:23 - 000027376 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_189892945188824.dll
2024-04-28 20:00 - 2024-04-28 20:00 - 000000000 ____D C:\ProgramData\Universal Browser Solutions
2024-04-28 19:01 - 2024-05-09 15:02 - 000004420 _____ C:\WINDOWS\system32\Tasks\UniversalUpdater
2024-04-28 19:01 - 2024-04-28 19:01 - 000000000 ____D C:\Program Files (x86)\Universal Browser Solutions
2024-04-22 14:10 - 2024-04-22 14:10 - 000000000 ____D C:\Program Files\Bonjour
2024-04-22 14:10 - 2024-04-22 14:10 - 000000000 ____D C:\Program Files (x86)\Bonjour
2024-04-22 14:07 - 2024-04-22 14:07 - 000000000 ____D C:\Program Files (x86)\Zoom
2024-04-22 14:01 - 2024-04-22 14:01 - 000014238 _____ C:\Users\marin\OneDrive\Documents\cc_20240422_140156.reg
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-05-14 13:31 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2024-05-14 13:25 - 2020-01-07 19:17 - 000000000 ____D C:\Program Files (x86)\Steam
2024-05-14 13:13 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-05-13 22:44 - 2020-01-07 00:20 - 000000000 ____D C:\Users\marin\AppData\Roaming\Discord
2024-05-13 22:29 - 2023-02-27 20:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-05-13 22:08 - 2024-04-03 17:26 - 000000000 ____D C:\Users\marin\AppData\Local\Discord
2024-05-13 09:49 - 2021-03-01 00:03 - 000000000 ____D C:\Program Files\Genshin Impact
2024-05-13 08:39 - 2023-02-27 20:26 - 000000000 ____D C:\Users\marin\AppData\Local\D3DSCache
2024-05-13 08:00 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-05-13 08:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-05-12 15:24 - 2024-02-18 00:45 - 000267784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll
2024-05-12 15:24 - 2022-10-25 18:25 - 000108040 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-05-12 15:24 - 2022-10-25 18:25 - 000075272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-05-12 15:24 - 2021-11-23 23:18 - 000206344 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-05-12 15:24 - 2020-05-27 00:07 - 000722440 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-05-12 15:24 - 2020-04-19 20:52 - 002729592 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-05-12 15:24 - 2020-04-19 20:52 - 000218632 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-05-12 15:24 - 2020-04-19 20:52 - 000145008 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-05-11 20:45 - 2020-05-22 21:57 - 000000000 ____D C:\Program Files\CCleaner
2024-05-11 15:28 - 2023-02-27 20:29 - 001770970 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-05-11 15:28 - 2019-12-07 16:49 - 000792842 _____ C:\WINDOWS\system32\perfh00C.dat
2024-05-11 15:28 - 2019-12-07 16:49 - 000149972 _____ C:\WINDOWS\system32\perfc00C.dat
2024-05-11 01:36 - 2023-02-27 20:20 - 000000000 ____D C:\Users\marin
2024-05-11 00:01 - 2020-01-09 04:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-05-10 23:59 - 2023-02-27 20:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-05-09 17:09 - 2021-05-07 18:53 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-05-08 17:06 - 2020-01-06 23:23 - 000000000 ____D C:\Users\marin\AppData\Local\Packages
2024-05-07 20:36 - 2024-04-03 17:26 - 000002257 _____ C:\Users\marin\OneDrive\Bureau\Discord.lnk
2024-05-07 20:36 - 2023-02-27 20:26 - 000003130 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3680377613-2017001569-3873097527-1001
2024-05-07 20:36 - 2023-02-27 20:26 - 000002776 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-05-07 20:36 - 2020-01-07 19:26 - 000000000 ____D C:\Users\marin\AppData\Local\Steam
2024-05-07 20:35 - 2022-11-08 21:48 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-05-07 15:38 - 2022-09-05 20:38 - 000002250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-05-07 15:37 - 2020-02-12 23:46 - 000000000 ____D C:\Users\marin\AppData\Local\CrashDumps
2024-05-06 21:28 - 2024-04-06 20:13 - 000003330 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2024-05-06 20:50 - 2024-04-06 20:13 - 000002331 _____ C:\Users\marin\OneDrive\Bureau\Thunderstore Mod Manager.lnk
2024-05-06 20:50 - 2024-04-06 20:13 - 000002331 _____ C:\Users\marin\OneDrive\Bureau\Baldurs Map.lnk
2024-05-06 20:50 - 2024-04-06 20:12 - 000000000 ____D C:\Users\marin\AppData\Local\Overwolf
2024-05-02 15:02 - 2023-02-27 20:18 - 000444200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-05-02 15:02 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-05-02 15:02 - 2019-11-14 07:45 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2024-05-02 15:01 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Portable Devices
2024-05-02 15:01 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2024-05-02 15:01 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2024-05-02 15:01 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-05-02 15:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-05-02 15:01 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2024-05-02 14:40 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-05-02 14:34 - 2023-02-27 20:19 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-04-28 19:19 - 2023-03-24 16:04 - 003676720 _____ (miHoYo) C:\WINDOWS\system32\HoYoKProtect.sys
2024-04-28 19:10 - 2020-01-07 20:21 - 000000000 ____D C:\Users\marin\AppData\Local\ElevatedDiagnostics
2024-04-28 19:01 - 2020-05-11 19:01 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-04-28 19:00 - 2023-02-27 20:12 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-04-28 19:00 - 2020-09-19 19:46 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-04-28 18:59 - 2020-02-11 21:57 - 000000000 ____D C:\Program Files (x86)\Google
2024-04-28 18:52 - 2023-02-27 20:26 - 000004362 _____ C:\WINDOWS\system32\Tasks\Software Update Application
2024-04-28 18:51 - 2022-10-02 19:17 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-04-28 18:49 - 2024-04-06 20:13 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-04-28 18:49 - 2020-02-11 21:58 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-04-28 18:48 - 2020-11-16 21:30 - 000000000 ____D C:\Users\marin\AppData\Roaming\Zoom
2024-04-22 14:06 - 2019-11-14 07:45 - 000000000 ____D C:\ProgramData\Package Cache
2024-04-22 14:05 - 2019-11-14 07:34 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-04-22 14:04 - 2020-04-28 17:04 - 000000000 ____D C:\ProgramData\Origin
2024-04-22 14:02 - 2023-02-27 20:26 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-04-22 14:02 - 2023-02-27 20:26 - 000003382 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-04-22 13:59 - 2023-10-25 20:07 - 000000000 ____D C:\WINDOWS\Minidump
2024-04-16 22:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2024-04-14 00:08 - 2024-02-18 00:45 - 000263784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll.0
==================== Fichiers à la racine de certains dossiers ========
2020-11-14 21:31 - 2021-01-08 17:59 - 000000016 _____ () C:\Users\marin\AppData\Roaming\obs-virtualcam.txt
2024-05-03 20:34 - 2024-05-13 22:31 - 000012756 _____ () C:\Users\marin\AppData\Local\apps.crx
2020-06-06 21:34 - 2020-06-06 21:34 - 000000000 _____ () C:\Users\marin\AppData\Local\BIT3CC2.tmp
2020-08-18 21:48 - 2020-08-18 21:48 - 000000000 _____ () C:\Users\marin\AppData\Local\BIT44EE.tmp
2020-09-01 20:29 - 2020-09-01 20:29 - 000000000 _____ () C:\Users\marin\AppData\Local\BIT6459.tmp
2020-09-01 20:29 - 2020-09-01 20:29 - 000000000 _____ () C:\Users\marin\AppData\Local\BIT6489.tmp
2020-08-11 13:24 - 2020-08-11 13:24 - 000000000 _____ () C:\Users\marin\AppData\Local\BIT6B6E.tmp
2020-08-08 00:46 - 2020-08-08 00:46 - 000000000 _____ () C:\Users\marin\AppData\Local\BIT7066.tmp
2020-06-09 21:09 - 2020-06-09 21:09 - 000000000 _____ () C:\Users\marin\AppData\Local\BIT7E1A.tmp
2020-07-21 23:44 - 2020-07-21 23:44 - 000000000 _____ () C:\Users\marin\AppData\Local\BIT9559.tmp
2020-09-19 18:40 - 2020-09-19 18:40 - 000000000 _____ () C:\Users\marin\AppData\Local\BITC43.tmp
2020-09-19 18:40 - 2020-09-19 18:40 - 000000000 _____ () C:\Users\marin\AppData\Local\BITC63.tmp
2020-06-19 21:47 - 2020-06-19 21:47 - 000000000 _____ () C:\Users\marin\AppData\Local\BITE531.tmp
2021-04-12 16:00 - 2021-04-12 16:00 - 000001003 _____ () C:\Users\marin\AppData\Local\recently-used.xbel
2020-04-09 20:33 - 2020-04-09 20:40 - 000000069 _____ () C:\Users\marin\AppData\Local\update_progress.txt
2020-06-17 11:59 - 2020-06-17 11:59 - 000000000 _____ () C:\Users\marin\AppData\Local\{3B348185-4497-4F59-8053-E3FEA928F53D}
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================