Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19.06.2024
Exécuté par COC-NitroBook (administrateur) sur COC-NITROBOOK (Acer Nitro AN515-55) (20-06-2024 21:23:39)
Exécuté depuis C:\Users\simec\Desktop\FRST64.exe
Profils chargés: COC-NitroBook
Plate-forme: Microsoft Windows 11 Famille Version 23H2 22631.3737 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSAgent.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(C:\Program Files\Acer\NitroSense Service\PSAgent.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(C:\Program Files\Acer\NitroSense Service\PSSvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_24124.2402.2858.5617_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.61\msedgewebview2.exe <7>
(C:\Users\simec\AppData\Local\WebEx\WebexHost.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\simec\AppData\Local\WebEx\WebEx64\Meetings_slow\atmgr.exe
(C:\Users\simec\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\simec\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
(drivers\RivetNetworks\Killer\KAPSService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPS.exe
(drivers\RivetNetworks\Killer\xTendUtilityService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_f9f92cc42e038a12\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f9f92cc42e038a12\igfxEM.exe
(explorer.exe ->) () [Fichier non signé] C:\Program Files\VanceAI PC\liveUpdate.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Inc.) [Fichier non signé] C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe
(explorer.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\simec\AppData\Local\WebEx\WebexHost.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <31>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Tonec Inc.) [Fichier non signé] C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\ENS\ensserver.exe
(services.exe ->) (Code Sector -> ) C:\Program Files\TeraCopy\TeraCopyService.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f9f92cc42e038a12\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_553b9a82ff9cf770\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_2b7bcff446ea567f\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_2b7bcff446ea567f\IntelCpHeciSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.24.3.2\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.24.3.2\nsWscSvc.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_2ba22b3456e19b2f\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9971779a1c712866\RtkAudUService64.exe <2>
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\simec\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2424.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe
(svchost.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f9f92cc42e038a12\igfxext.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.20.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9971779a1c712866\RtkAudUService64.exe [1201968 2020-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe [6609176 2023-11-02] (Adobe Inc. -> Adobe Systems Inc.) [Fichier non signé]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [95510296 2023-07-14] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2023-11-16] (Adobe Inc. -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\MRT: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe [61245728 2024-06-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4899856 2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe [61245728 2024-06-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4899856 2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4899856 2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe [61245728 2024-06-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\Run: [bbd83440e0c75ee4effdbab29c29df16] => C:\Program Files\VanceAI PC\liveUpdate.exe [3469312 2023-06-02] () [Fichier non signé]
HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\Run: [MicrosoftEdgeAutoLaunch_7E2BF839E2BA7183F3C20FDD77FFB84B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3883456 2024-06-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\Run: [CiscoMeetingDaemon] => C:\Users\simec\AppData\Local\WebEx\WebexHost.exe [7272032 2024-02-28] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [6010880 2024-01-16] (Tonec Inc.) [Fichier non signé]
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe [61245728 2024-06-18] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2022-04-07] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\126.0.6478.63\Installer\chrmstp.exe [2024-06-19] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {94AEA632-70DE-4882-81E2-0D4C809BC8B2} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2971808 2021-12-30] (Acer Incorporated -> ) -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {51405CD2-91E7-4D98-87B9-2DD2A3E5D8F8} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41632 2021-12-30] (Acer Incorporated -> )
Task: {B4A0FA69-8A60-4D29-BA37-CF85BB4B6D18} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4836512 2021-12-30] (Acer Incorporated -> )
Task: {7E679064-76ED-4AA0-AD69-04DFA44787A3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {5C167A66-B261-49BB-AE50-87CA32D02C58} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {0F0C1B18-B445-43C6-AF10-8E7E433D91B1} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4434400 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {BEB9CB78-3AF8-4B5F-AFBC-CE2EC9518F1B} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5472312 2024-06-12] (Microsoft Windows -> Microsoft Corporation)
Task: {5AF0A73E-D337-4D71-BE63-5DDA3F4EC235} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{3063BB0C-81F2-4E8F-B5FD-76E7AEFDD9F3} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6537.0\updater.exe [4623976 2024-06-13] (Google LLC -> Google LLC)
Task: {F0D21572-11CC-464D-83DA-134687C9B907} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [5745672 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {A02699EB-EF57-4700-B706-46CCB0B11BBD} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {A058BDA2-C5F4-4AB1-9409-149FBF583949} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2CDA407C-52F2-4401-8380-0C018CAA3C9D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {4FBFC145-77A7-473A-99CC-0FA4CEB9F393} - System32\Tasks\Microsoft\Windows\Application Experience\PcaWallpaperAppDetect => C:\Windows\system32\rundll32.exe [73728 2024-05-21] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaWallpaperAppDetect
Task: {FC9480C9-FD4D-4C34-826C-B1DD159CB22F} - System32\Tasks\Microsoft\Windows\ApplicationData\CNNune_IBV32 => C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [58856 2022-05-07] (Microsoft Corporation -> Microsoft Corporation) -> C:\Program Files (x86)\Common Files\SwitchSecurity\FirstTgmes\/U "C:\Program Files (x86)\Common Files\SwitchSecurity\FirstTgmes\wlbsiutTBvltn.dll"
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
Task: {1A08533E-F818-401F-8C23-0009520594AF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B08FBCB3-C451-4A51-99CB-21BE9131C33A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F735FD33-EA75-4A2B-AF8A-8EEADD756B07} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FFAE8FF8-95EF-49E7-BB99-E22ECB59F363} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F1C60F84-44E0-4E0D-9951-50E1D69CCFA4} - System32\Tasks\NitroSense => C:\Program Files\Acer\NitroSense Service\PSLauncher.exe [609512 2021-08-09] (Acer Incorporated -> Acer Incorporated)
Task: {354EB9C7-77F1-4FE6-8E66-EB543BBDC79F} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.24.3.2\symerr.exe [379024 2024-04-05] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {64C62D34-551F-4719-AE56-FA64BD85A388} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.24.3.2\symerr.exe [379024 2024-04-05] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {6FDC6C3D-A0CC-4B4C-A9E8-7850E8CBC2EB} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.24.3.2\symerr.exe [379024 2024-04-05] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {53D74F62-C7AA-4FAD-BFB5-9556AA4E3F30} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.24.3.2\WSCStub.exe [646520 2024-04-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {D7436A6F-681D-4259-A871-7E1F13BC6FB8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {6163C4D2-CD72-40FA-BB5B-4A4FA2154AB5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {792E37EA-A6E9-4286-AE5C-085D403033BE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {46FD7F59-AA1F-402F-A4AD-2044055073AE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {486A1754-E100-4D65-8B61-AC41B9E57123} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B7EBE9C3-52F6-4F30-8BFB-133696AAE4DB} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D891F835-013D-40C9-AC47-84F7C5AE9366} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A667874C-234C-44A3-957D-5B55902AC9CD} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {03E70AE5-ACFA-4204-A720-CFDBBFCB43ED} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {957CD20E-295A-4D23-8ECC-3B669642CAE8} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {B4216622-EE47-47C2-87ED-B8B81C5291CC} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1283810175-761726887-3710497458-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {88CF6961-FA90-4B30-A6C1-4DB80A363CFE} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1283810175-761726887-3710497458-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Pas de fichier)
Task: {D14BAB62-31E4-4500-B682-9E6ABCD5F37F} - System32\Tasks\Power Button => C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe [2771616 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {FAF45B0E-13EC-4EEF-BDEB-ACBFDC8B54C8} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [446624 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {F15A97A3-9943-4D68-BEE3-C5D554DD1B44} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2353000 2024-04-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {E22DD8DB-C2F2-4FEB-8B9D-561A230A8E10} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{14a7f9bc-8482-43f1-947e-94eac6fe7b2e}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{14a7f9bc-8482-43f1-947e-94eac6fe7b2e}\34F434F535F4C4554594F4E435D25374: [DhcpNameServer] 41.86.224.81 102.38.129.139
Tcpip\..\Interfaces\{14a7f9bc-8482-43f1-947e-94eac6fe7b2e}\55355425F5032454631314D25374: [DhcpNameServer] 41.86.224.81 102.38.128.139
Tcpip\..\Interfaces\{15734811-4786-4071-80ec-e9f26d93b474}: [DhcpDomain] local
Tcpip\..\Interfaces\{3df7b0ed-677c-4e77-901c-c734c9707dda}: [DhcpNameServer] 192.168.88.1 41.86.224.81 102.38.128.139
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\simec\AppData\Local\Microsoft\Edge\User Data\Default [2024-06-20]
Edge Extension: (Google Docs hors connexion) - C:\Users\simec\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-20]
Edge Extension: (Edge relevant text changes) - C:\Users\simec\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (IDM Integration Module) - C:\Users\simec\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2024-06-20]
Edge HKU\S-1-5-21-1283810175-761726887-3710497458-1002\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2024-01-16]
FireFox:
========
FF DefaultProfile: erqcml9a.default
FF ProfilePath: C:\Users\simec\AppData\Roaming\Mozilla\Firefox\Profiles\erqcml9a.default [2024-06-20]
FF ProfilePath: C:\Users\simec\AppData\Roaming\Mozilla\Firefox\Profiles\0bml8kbl.default-release [2024-06-20]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\simec\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\simec\AppData\Roaming\IDM\idmmzcc5 [2024-05-06] [] [non signé]
FF HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-19] []
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\simec\AppData\Local\Google\Chrome\User Data\Default [2024-06-20]
CHR DownloadDir: D:\01 DOWNLOADS\Pictures 2
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\simec\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-06-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\simec\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-06-11]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\simec\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-11-03]
CHR Extension: (IDM Integration Module) - C:\Users\simec\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2024-06-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\simec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-03]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2024-01-16]
CHR HKU\S-1-5-21-1283810175-761726887-3710497458-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-1283810175-761726887-3710497458-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2024-01-16]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2024-01-16]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [259232 2021-12-30] (Acer Incorporated -> Acer Incorporated)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [4555744 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [243432 2022-07-08] (DTS, Inc. -> DTS Inc.)
R2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [32448 2023-08-22] (CHENGDU YIWO Tech Development Co., Ltd. -> )
S3 EPMVssEaseusProvider; C:\WINDOWS\system32\dllhost.exe /Processid:{BACC7F68-6461-4861-839F-B46406967631} [46416 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncHelper.exe [3514384 2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Fichier non signé]
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [1748992 2020-01-10] (Rivet Networks LLC -> Rivet Networks)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2651640 2020-01-10] (Rivet Networks LLC -> Rivet Networks)
R3 Killer Wifi Optimization Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [73704 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [73712 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NativePushService; C:\Users\simec\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [595352 2023-08-22] (Wondershare Technology Group Co.,Ltd -> Wondershare)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.24.3.2\NortonSecurity.exe [344888 2024-04-05] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.24.3.2\nsWscSvc.exe [1059176 2024-04-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_2ba22b3456e19b2f\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-02-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.108.0528.0005\OneDriveUpdaterService.exe [3853744 2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
R3 PSSvc; C:\Program Files\Acer\NitroSense Service\PSSvc.exe [840424 2021-08-09] (Acer Incorporated -> Acer Incorporated)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [466080 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [504480 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2022-10-04] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2022-10-04] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [112184 2021-02-01] (Code Sector -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 xTendSoftAPService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [73720 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 xTendUtilityService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [73720 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [36784 2022-06-08] (Acer Incorporated -> Acer Incorporated)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.23.10.10\Definitions\BASHDefs\20240618.001\BHDrvx64.sys [1706496 2024-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\ccSetx64.sys [198288 2024-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ebrntdrv; C:\WINDOWS\system32\ebrntdrv.sys [27728 2023-06-19] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527832 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 epmdkdrv; C:\WINDOWS\system32\epmdkdrv.sys [27728 2022-12-29] (Microsoft Windows Hardware Compatibility Publisher -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2022-12-29] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2023-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 EUDCPEPM; C:\WINDOWS\System32\drivers\EUDCPEPM.sys [76344 2022-12-29] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUEDKEPM; C:\WINDOWS\system32\drivers\EUEDKEPM.sys [24656 2022-12-29] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R2 IDMWFP; C:\WINDOWS\System32\drivers\idmwfp.sys [173736 2023-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Tonec Inc.)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.23.10.10\Definitions\IPSDefs\20240619.064\IDSvia64.sys [1554432 2024-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [177272 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [72224 2020-05-19] (SZ DJI Technology Co., Ltd. -> hxxp://libusb-win32.sourceforge.net)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\nsvst.sys [57120 2024-04-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-12-06] (Nvidia Corporation -> NVIDIA Corporation)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\SRTSP64.SYS [960640 2024-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\SRTSPX64.SYS [52864 2024-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\SYMEFASI64.SYS [2180248 2024-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\SymELAM.sys [36016 2024-04-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100344 2023-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.23.10.10\SymPlatform\SymEvnt.sys [934912 2024-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\Ironx64.SYS [306872 2024-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\symnets.sys [492720 2024-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-06-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602520 2024-06-20] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-06-20] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\wpCtrlDrv.sys [1016792 2024-04-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-06-20 21:23 - 2024-06-20 21:24 - 000041259 _____ C:\Users\simec\Desktop\FRST.txt
2024-06-20 20:58 - 2024-06-20 20:58 - 000810954 _____ C:\WINDOWS\system32\perfh00C.dat
2024-06-20 20:58 - 2024-06-20 20:58 - 000157390 _____ C:\WINDOWS\system32\perfc00C.dat
2024-06-20 20:22 - 2024-06-20 21:23 - 000000000 ____D C:\FRST
2024-06-20 20:21 - 2024-06-20 20:21 - 002395648 _____ (Farbar) C:\Users\simec\Desktop\FRST64.exe
2024-06-20 20:16 - 2024-06-20 20:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2024-06-18 15:56 - 2024-06-18 15:56 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\HTML Help
2024-06-13 10:26 - 2024-06-13 10:26 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\Bibliography
2024-06-12 16:34 - 2024-06-12 16:34 - 000024821 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-06-12 16:34 - 2024-06-12 16:34 - 000024821 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-06-11 17:06 - 2024-06-11 17:06 - 000000000 ____D C:\Users\simec\Documents\Modèles Office personnalisés
2024-06-11 16:26 - 2024-06-11 16:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-06-11 16:21 - 2024-06-11 16:21 - 000002729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2024-06-11 16:21 - 2024-06-11 16:21 - 000002662 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive Entreprise.lnk
2024-06-11 16:21 - 2024-06-11 16:21 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2024-06-11 16:21 - 2024-06-11 16:21 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Entreprise 2016.lnk
2024-06-11 16:21 - 2024-06-11 16:21 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2024-06-11 16:21 - 2024-06-11 16:21 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2024-06-11 16:21 - 2024-06-11 16:21 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2024-06-11 16:21 - 2024-06-11 16:21 - 000002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2024-06-11 16:21 - 2024-06-11 16:21 - 000002628 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2024-06-11 16:21 - 2024-06-11 16:21 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2016
2024-06-11 16:21 - 2024-06-11 16:21 - 000000000 ____D C:\WINDOWS\PCHEALTH
2024-06-11 16:21 - 2024-06-11 16:21 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2024-06-11 16:21 - 2024-06-11 16:21 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-06-11 16:21 - 2024-06-11 16:21 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2024-06-11 16:20 - 2024-06-11 16:21 - 000000000 ____D C:\WINDOWS\SHELLNEW
2024-06-11 16:20 - 2024-06-11 16:21 - 000000000 ____D C:\Program Files\Microsoft Office
2024-06-11 16:20 - 2024-06-11 16:20 - 000000000 __RHD C:\MSOCache
2024-06-11 16:20 - 2024-06-11 16:20 - 000000000 ____D C:\Users\simec\AppData\Local\Microsoft Help
2024-06-11 16:20 - 2024-06-11 16:20 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2024-06-11 16:20 - 2024-06-11 16:20 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2024-06-11 16:20 - 2024-06-11 16:20 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2024-06-11 15:18 - 2024-06-11 15:19 - 000000106 _____ C:\Users\simec\Desktop\Download Latest Office 2016 Permanent Activator Ultimate.url
2024-06-11 15:18 - 2024-06-11 15:18 - 000000000 ____D C:\Users\simec\AppData\Local\Office2016
2024-06-10 18:43 - 2024-06-10 18:43 - 000000000 ____D C:\ProgramData\KMSAuto
2024-06-10 18:38 - 2024-06-10 18:46 - 000000000 ____D C:\Users\simec\AppData\Local\MSfree Inc
2024-06-10 18:38 - 2024-06-10 18:38 - 000000000 ____D C:\Users\simec\AppData\Local\Zofolazo
2024-06-10 18:22 - 2024-06-10 19:44 - 000000000 _____ C:\WINDOWS\SECOH-QAD.exe
2024-06-10 18:21 - 2024-06-10 18:26 - 000000000 ____D C:\Program Files\KMSpico
2024-06-10 18:21 - 2024-06-10 18:21 - 000000000 ____D C:\Program Files (x86)\data_test
2024-06-06 14:46 - 2024-06-06 14:46 - 000000000 ____D C:\WINDOWS\system32\%userprofile%
2024-06-05 16:10 - 2024-06-05 16:10 - 000000790 _____ C:\Users\simec\AppData\Local\recently-used.xbel
2024-06-05 14:48 - 2024-06-05 16:10 - 000000000 ____D C:\Users\simec\AppData\Roaming\inkscape
2024-06-05 14:48 - 2024-06-05 14:48 - 000000000 ____D C:\Users\simec\AppData\Local\fontconfig
2024-06-05 14:48 - 2024-06-05 14:48 - 000000000 ____D C:\Users\simec\.dbus-keyrings
2024-06-05 14:47 - 2024-06-05 14:47 - 000000939 _____ C:\Users\Public\Desktop\Inkscape.lnk
2024-06-05 14:47 - 2024-06-05 14:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape
2024-06-05 14:47 - 2024-06-05 14:47 - 000000000 ____D C:\Program Files\Inkscape
2024-05-21 17:18 - 2024-05-21 17:18 - 000000000 ____D C:\Users\simec\AppData\Local\DJI Assistant 2
2024-05-21 17:12 - 2024-05-21 20:24 - 000000000 ____D C:\Users\simec\AppData\Roaming\DJIAssistant2
2024-05-21 17:12 - 2024-05-21 17:12 - 000000000 ____D C:\Users\simec\AppData\Roaming\Electron
2024-05-21 17:12 - 2024-05-21 17:12 - 000000000 ____D C:\Users\simec\AppData\Roaming\DJI Assistant 2
2024-05-06 14:56 - 2024-06-20 19:51 - 000000000 ____D C:\Users\simec\AppData\Roaming\DMCache
2024-05-06 14:56 - 2024-06-20 17:18 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2024-05-06 14:56 - 2024-05-06 19:14 - 000000000 ____D C:\Users\simec\AppData\Roaming\IDM
2024-05-06 14:56 - 2024-05-06 14:56 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2024-05-06 14:56 - 2024-05-06 14:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2024-05-06 14:56 - 2024-05-06 14:56 - 000000000 ____D C:\ProgramData\IDM
2024-05-02 13:45 - 2024-05-02 13:45 - 000002143 _____ C:\Users\Public\Desktop\RODE Central.lnk
2024-05-02 13:45 - 2024-05-02 13:45 - 000001215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RODE Central.lnk
2024-05-02 13:45 - 2024-05-02 13:45 - 000000000 ____D C:\Users\simec\AppData\Roaming\RØDE
2024-05-02 13:45 - 2024-05-02 13:45 - 000000000 ____D C:\Program Files\RØDE Microphones
2024-05-01 11:33 - 2024-05-01 11:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2024-04-29 19:38 - 2024-04-29 19:38 - 000000000 ____D C:\Users\simec\AppData\Roaming\Maxon
2024-04-26 19:14 - 2024-06-20 20:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2024-04-26 19:09 - 2024-04-26 19:48 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2024-04-26 19:09 - 2024-04-26 19:09 - 000003374 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration
2024-04-12 11:32 - 2024-04-12 11:32 - 000000000 ____D C:\Users\simec\AppData\Roaming\webex
2024-04-12 11:31 - 2024-04-12 11:50 - 000000000 ____D C:\Users\simec\AppData\LocalLow\WebEx
2024-04-12 11:22 - 2024-06-20 12:55 - 000000000 ____D C:\Users\simec\AppData\Local\WebEx
2024-04-12 11:22 - 2024-04-13 20:09 - 000000000 ____D C:\Users\simec\AppData\Local\CiscoSpark
2024-04-12 11:22 - 2024-04-12 11:23 - 000000000 ____D C:\Users\simec\AppData\Local\CiscoSparkLauncher
2024-04-12 11:22 - 2024-04-12 11:22 - 000001454 _____ C:\Users\simec\Desktop\Webex.lnk
2024-04-12 11:22 - 2024-04-12 11:22 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webex
2024-04-11 11:53 - 2024-04-11 11:53 - 000000000 ____D C:\WINDOWS\SysWOW64\DDFs
2024-04-03 18:06 - 2024-04-03 18:07 - 000000000 ____D C:\Users\simec\AppData\Local\iZotope
2024-04-03 11:55 - 2024-04-03 11:55 - 000001256 _____ C:\Users\simec\Desktop\iZotope RX 10 Audio Editor.lnk
2024-04-03 11:55 - 2024-04-03 11:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZotope
2024-04-03 11:55 - 2024-04-03 11:55 - 000000000 ____D C:\Program Files (x86)\iZotope
2024-04-03 11:54 - 2024-04-03 11:55 - 000000000 ____D C:\Program Files\iZotope
2024-04-03 11:54 - 2024-04-03 11:54 - 000000000 ____D C:\Program Files\Common Files\VST3
2024-04-03 11:54 - 2024-04-03 11:54 - 000000000 ____D C:\Program Files\Common Files\Avid
2024-03-29 20:14 - 2024-04-03 18:07 - 000000000 ____D C:\Users\simec\AppData\Roaming\iZotope
2024-03-28 10:50 - 2024-06-19 11:30 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\Excel
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-06-20 21:22 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-06-20 21:21 - 2023-11-15 19:42 - 000000000 ____D C:\Users\simec\AppData\Local\Norton
2024-06-20 21:02 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-06-20 21:01 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-06-20 20:58 - 2023-11-03 21:36 - 001803986 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-06-20 20:58 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-06-20 20:56 - 2023-11-06 18:45 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\Word
2024-06-20 20:52 - 2023-11-03 00:09 - 000000000 ____D C:\Users\simec\Documents\VanceAI
2024-06-20 20:51 - 2023-11-03 21:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-06-20 20:51 - 2023-11-03 21:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-06-20 20:51 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-06-20 20:51 - 2022-03-17 15:32 - 000000000 ____D C:\Intel
2024-06-20 20:51 - 2022-03-17 15:30 - 000000000 ____D C:\ProgramData\NVIDIA
2024-06-20 20:51 - 2022-03-17 15:23 - 000012288 ___SH C:\DumpStack.log.tmp
2024-06-20 20:50 - 2022-05-07 06:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-06-20 20:46 - 2023-11-02 23:49 - 000000000 ____D C:\Users\simec\AppData\Roaming\TeraCopy
2024-06-20 20:41 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-06-20 20:08 - 2022-03-25 18:39 - 000000000 ____D C:\Users\simec\AppData\Local\Packages
2024-06-20 19:52 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-06-20 19:51 - 2023-11-07 16:29 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2024-06-20 19:51 - 2023-11-03 12:35 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-06-20 19:50 - 2022-03-25 18:47 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\MMC
2024-06-20 19:18 - 2022-03-17 15:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-06-20 17:32 - 2023-11-03 19:02 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\Windows
2024-06-20 17:00 - 2022-03-17 15:42 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2024-06-20 15:55 - 2023-11-03 00:05 - 000000000 ____D C:\Users\simec\AppData\Roaming\discord
2024-06-20 15:54 - 2023-11-11 20:54 - 000000000 ____D C:\Users\simec\AppData\Roaming\HandBrake
2024-06-20 15:54 - 2023-11-03 00:05 - 000002243 _____ C:\Users\simec\Desktop\Discord.lnk
2024-06-20 15:54 - 2023-11-03 00:05 - 000000000 ____D C:\Users\simec\AppData\Local\Discord
2024-06-20 15:01 - 2023-11-02 23:57 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2024-06-20 14:40 - 2023-11-11 20:41 - 000000000 ____D C:\Users\simec\AppData\Roaming\vlc
2024-06-20 14:11 - 2022-03-25 18:39 - 000000000 ____D C:\Users\simec\AppData\Local\D3DSCache
2024-06-20 11:56 - 2023-11-03 13:55 - 000001456 _____ C:\Users\simec\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2024-06-19 20:43 - 2023-11-06 18:45 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\Office
2024-06-19 20:17 - 2022-03-17 15:23 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-06-19 16:45 - 2022-03-25 18:41 - 000000000 ___RD C:\Users\simec\OneDrive
2024-06-19 10:25 - 2023-11-17 19:21 - 000000000 ____D C:\Users\simec\AppData\LocalLow\Norton
2024-06-19 09:27 - 2023-11-03 00:10 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-06-19 09:27 - 2023-11-03 00:10 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-06-18 09:16 - 2023-11-03 00:06 - 000002166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-06-18 09:16 - 2023-11-03 00:06 - 000002080 _____ C:\Users\simec\Desktop\Google Slides.lnk
2024-06-18 09:16 - 2023-11-03 00:06 - 000002080 _____ C:\Users\simec\Desktop\Google Sheets.lnk
2024-06-18 09:16 - 2023-11-03 00:06 - 000002068 _____ C:\Users\simec\Desktop\Google Docs.lnk
2024-06-18 09:16 - 2023-11-03 00:06 - 000002044 _____ C:\Users\simec\Desktop\Google Drive.lnk
2024-06-17 17:03 - 2023-11-03 21:37 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1283810175-761726887-3710497458-1002
2024-06-17 17:03 - 2023-11-03 21:37 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-06-17 17:03 - 2023-11-03 00:52 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-06-16 17:26 - 2023-11-02 23:51 - 000000000 ____D C:\Users\simec\Downloads\Video
2024-06-16 14:32 - 2023-11-17 16:17 - 000000000 ____D C:\Users\simec\Downloads\Telegram Desktop
2024-06-15 09:25 - 2023-11-03 01:00 - 000000000 ____D C:\ProgramData\boost_interprocess
2024-06-13 13:54 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-06-13 13:39 - 2022-03-17 15:25 - 000000000 ____D C:\ProgramData\Packages
2024-06-13 13:38 - 2023-11-03 21:34 - 000868280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-06-13 13:37 - 2023-12-26 21:19 - 000000000 ____D C:\WINDOWS\InboxApps
2024-06-13 13:37 - 2023-11-03 19:00 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-06-13 13:37 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing
2024-06-12 19:15 - 2023-08-24 15:31 - 000000000 ____D C:\Users\simec\AppData\Local\CrashDumps
2024-06-12 16:37 - 2022-05-07 11:31 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-06-12 16:37 - 2022-05-07 11:31 - 000024383 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2024-06-12 16:37 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-06-12 16:34 - 2023-11-03 21:36 - 003216384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-06-11 23:07 - 2023-11-03 00:12 - 000000000 ____D C:\Users\simec\AppData\Roaming\utorrent
2024-06-11 16:30 - 2021-06-05 13:08 - 000000167 _____ C:\WINDOWS\win.ini
2024-06-11 16:29 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-06-11 16:20 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\System
2024-06-06 14:46 - 2023-11-03 00:52 - 000000000 ___RD C:\Users\Default\OneDrive
2024-06-06 11:11 - 2023-11-03 21:37 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-06-06 11:11 - 2023-11-03 21:37 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-06-05 14:48 - 2023-11-03 19:02 - 000000000 ____D C:\Users\simec
2024-06-03 22:30 - 2023-11-02 23:56 - 000000000 ____D C:\Users\simec\AppData\Local\Adobe
2024-05-21 11:47 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-05-21 11:47 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-05-21 11:47 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-05-21 11:46 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-05-21 11:46 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-05-21 11:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemApps
2024-05-21 11:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-05-21 11:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-05-21 11:44 - 2022-03-17 15:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-05-21 11:43 - 2022-03-17 15:41 - 196465576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-05-21 11:20 - 2023-11-03 00:05 - 000000000 ____D C:\Program Files (x86)\Google
==================== Fichiers à la racine de certains dossiers ========
2023-11-11 17:16 - 2023-11-11 17:16 - 000000039 _____ () C:\Users\simec\AppData\Roaming\epm_user.ini
2024-06-18 14:44 - 2024-06-18 14:44 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA0.jpg
2024-06-11 20:00 - 2024-06-11 20:00 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA0.png
2024-06-11 20:14 - 2024-06-11 20:14 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA2.png
2024-06-11 20:11 - 2024-06-11 20:11 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA3.png
2024-06-18 14:03 - 2024-06-18 14:03 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA4.png
2024-06-18 14:02 - 2024-06-18 14:02 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA5.png
2024-06-18 14:37 - 2024-06-18 14:37 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA6.png
2024-06-18 14:20 - 2024-06-18 14:20 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA7.png
2024-06-18 15:31 - 2024-06-18 15:31 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA8.png
2024-06-18 15:30 - 2024-06-18 15:30 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA9.png
2024-06-18 16:16 - 2024-06-18 16:16 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEAA.png
2024-06-18 16:01 - 2024-06-18 16:01 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEAB.png
2024-06-18 18:18 - 2024-06-18 18:18 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEAC.png
2024-06-18 17:52 - 2024-06-18 17:52 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEAD.png
2023-11-03 13:55 - 2024-06-20 11:56 - 000001456 _____ () C:\Users\simec\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2023-11-02 23:57 - 2023-11-16 14:56 - 000001640 _____ () C:\Users\simec\AppData\Local\oobelibMkey.log
2024-06-05 16:10 - 2024-06-05 16:10 - 000000790 _____ () C:\Users\simec\AppData\Local\recently-used.xbel
2023-05-21 10:29 - 2023-05-21 10:29 - 000000017 _____ () C:\Users\simec\AppData\Local\resmon.resmoncfg
==================== SigCheckExt =========================
2023-11-11 17:09 - 2023-06-19 13:06 - 000163328 _____ C:\WINDOWS\system32\setupdrvx64.exe
2023-11-11 17:08 - 2022-12-29 13:34 - 000174216 _____ C:\WINDOWS\system32\setupepmdrvx64.exe
2024-06-10 18:22 - 2024-06-10 19:44 - 000000000 _____ C:\WINDOWS\SECOH-QAD.exe
2003-04-18 16:46 - 2003-04-18 16:46 - 001233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4.dll
2003-04-18 16:29 - 2003-04-18 16:29 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll
2024-06-20 20:21 - 2024-06-20 20:21 - 002395648 _____ (Farbar) C:\Users\simec\Desktop\FRST64.exe
==================== FCheck ================================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
FCheck: C:\WINDOWS\SECOH-QAD.exe [2024-06-10] <==== ATTENTION (zéro octet Fichier/Dossier)
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{3aab778e-a5fd-11ec-b37d-9c49f6a9dc01}
{3aab778f-a5fd-11ec-b37d-9c49f6a9dc01}
{3aab7790-a5fd-11ec-b37d-9c49f6a9dc01}
timeout 0
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {3aab7796-a5fd-11ec-b37d-9c49f6a9dc01}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {3aab778e-a5fd-11ec-b37d-9c49f6a9dc01}
description EFI USB Device
Application logicielle (101fffff)
--------------------------------
identificateur {3aab778f-a5fd-11ec-b37d-9c49f6a9dc01}
description EFI DVD/CDROM
Application logicielle (101fffff)
--------------------------------
identificateur {3aab7790-a5fd-11ec-b37d-9c49f6a9dc01}
description EFI Network
Chargeur de démarrage Windows
-----------------------------
identificateur {3aab7794-a5fd-11ec-b37d-9c49f6a9dc01}
device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{3aab7795-a5fd-11ec-b37d-9c49f6a9dc01}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-fr
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{3aab7795-a5fd-11ec-b37d-9c49f6a9dc01}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 11
locale fr-FR
inherit {bootloadersettings}
recoverysequence {3aab7799-a5fd-11ec-b37d-9c49f6a9dc01}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {3aab7796-a5fd-11ec-b37d-9c49f6a9dc01}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {3aab7799-a5fd-11ec-b37d-9c49f6a9dc01}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{3aab779a-a5fd-11ec-b37d-9c49f6a9dc01}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{3aab779a-a5fd-11ec-b37d-9c49f6a9dc01}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {3aab7796-a5fd-11ec-b37d-9c49f6a9dc01}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {3aab7799-a5fd-11ec-b37d-9c49f6a9dc01}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {3aab7795-a5fd-11ec-b37d-9c49f6a9dc01}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume5
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options de périphérique
-----------------------
identificateur {3aab779a-a5fd-11ec-b37d-9c49f6a9dc01}
description Windows Recovery
ramdisksdidevice unknown
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par COC-NitroBook (administrateur) sur COC-NITROBOOK (Acer Nitro AN515-55) (20-06-2024 21:23:39)
Exécuté depuis C:\Users\simec\Desktop\FRST64.exe
Profils chargés: COC-NitroBook
Plate-forme: Microsoft Windows 11 Famille Version 23H2 22631.3737 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSAgent.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(C:\Program Files\Acer\NitroSense Service\PSAgent.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(C:\Program Files\Acer\NitroSense Service\PSSvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_24124.2402.2858.5617_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.61\msedgewebview2.exe <7>
(C:\Users\simec\AppData\Local\WebEx\WebexHost.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\simec\AppData\Local\WebEx\WebEx64\Meetings_slow\atmgr.exe
(C:\Users\simec\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\simec\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
(drivers\RivetNetworks\Killer\KAPSService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPS.exe
(drivers\RivetNetworks\Killer\xTendUtilityService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_f9f92cc42e038a12\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f9f92cc42e038a12\igfxEM.exe
(explorer.exe ->) () [Fichier non signé] C:\Program Files\VanceAI PC\liveUpdate.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Inc.) [Fichier non signé] C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe
(explorer.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\simec\AppData\Local\WebEx\WebexHost.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <31>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Tonec Inc.) [Fichier non signé] C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\ENS\ensserver.exe
(services.exe ->) (Code Sector -> ) C:\Program Files\TeraCopy\TeraCopyService.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f9f92cc42e038a12\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_553b9a82ff9cf770\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_2b7bcff446ea567f\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_2b7bcff446ea567f\IntelCpHeciSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.24.3.2\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.24.3.2\nsWscSvc.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_2ba22b3456e19b2f\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9971779a1c712866\RtkAudUService64.exe <2>
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\simec\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2424.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe
(svchost.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f9f92cc42e038a12\igfxext.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.20.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9971779a1c712866\RtkAudUService64.exe [1201968 2020-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe [6609176 2023-11-02] (Adobe Inc. -> Adobe Systems Inc.) [Fichier non signé]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [95510296 2023-07-14] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2023-11-16] (Adobe Inc. -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\MRT: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe [61245728 2024-06-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4899856 2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe [61245728 2024-06-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4899856 2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4899856 2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe [61245728 2024-06-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\Run: [bbd83440e0c75ee4effdbab29c29df16] => C:\Program Files\VanceAI PC\liveUpdate.exe [3469312 2023-06-02] () [Fichier non signé]
HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\Run: [MicrosoftEdgeAutoLaunch_7E2BF839E2BA7183F3C20FDD77FFB84B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3883456 2024-06-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\Run: [CiscoMeetingDaemon] => C:\Users\simec\AppData\Local\WebEx\WebexHost.exe [7272032 2024-02-28] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [6010880 2024-01-16] (Tonec Inc.) [Fichier non signé]
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe [61245728 2024-06-18] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2022-04-07] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\126.0.6478.63\Installer\chrmstp.exe [2024-06-19] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {94AEA632-70DE-4882-81E2-0D4C809BC8B2} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2971808 2021-12-30] (Acer Incorporated -> ) -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {51405CD2-91E7-4D98-87B9-2DD2A3E5D8F8} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41632 2021-12-30] (Acer Incorporated -> )
Task: {B4A0FA69-8A60-4D29-BA37-CF85BB4B6D18} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4836512 2021-12-30] (Acer Incorporated -> )
Task: {7E679064-76ED-4AA0-AD69-04DFA44787A3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {5C167A66-B261-49BB-AE50-87CA32D02C58} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {0F0C1B18-B445-43C6-AF10-8E7E433D91B1} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4434400 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {BEB9CB78-3AF8-4B5F-AFBC-CE2EC9518F1B} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5472312 2024-06-12] (Microsoft Windows -> Microsoft Corporation)
Task: {5AF0A73E-D337-4D71-BE63-5DDA3F4EC235} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{3063BB0C-81F2-4E8F-B5FD-76E7AEFDD9F3} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6537.0\updater.exe [4623976 2024-06-13] (Google LLC -> Google LLC)
Task: {F0D21572-11CC-464D-83DA-134687C9B907} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [5745672 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {A02699EB-EF57-4700-B706-46CCB0B11BBD} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {A058BDA2-C5F4-4AB1-9409-149FBF583949} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2CDA407C-52F2-4401-8380-0C018CAA3C9D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {4FBFC145-77A7-473A-99CC-0FA4CEB9F393} - System32\Tasks\Microsoft\Windows\Application Experience\PcaWallpaperAppDetect => C:\Windows\system32\rundll32.exe [73728 2024-05-21] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaWallpaperAppDetect
Task: {FC9480C9-FD4D-4C34-826C-B1DD159CB22F} - System32\Tasks\Microsoft\Windows\ApplicationData\CNNune_IBV32 => C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [58856 2022-05-07] (Microsoft Corporation -> Microsoft Corporation) -> C:\Program Files (x86)\Common Files\SwitchSecurity\FirstTgmes\/U "C:\Program Files (x86)\Common Files\SwitchSecurity\FirstTgmes\wlbsiutTBvltn.dll"
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
Task: {1A08533E-F818-401F-8C23-0009520594AF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B08FBCB3-C451-4A51-99CB-21BE9131C33A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F735FD33-EA75-4A2B-AF8A-8EEADD756B07} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FFAE8FF8-95EF-49E7-BB99-E22ECB59F363} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F1C60F84-44E0-4E0D-9951-50E1D69CCFA4} - System32\Tasks\NitroSense => C:\Program Files\Acer\NitroSense Service\PSLauncher.exe [609512 2021-08-09] (Acer Incorporated -> Acer Incorporated)
Task: {354EB9C7-77F1-4FE6-8E66-EB543BBDC79F} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.24.3.2\symerr.exe [379024 2024-04-05] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {64C62D34-551F-4719-AE56-FA64BD85A388} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.24.3.2\symerr.exe [379024 2024-04-05] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {6FDC6C3D-A0CC-4B4C-A9E8-7850E8CBC2EB} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.24.3.2\symerr.exe [379024 2024-04-05] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {53D74F62-C7AA-4FAD-BFB5-9556AA4E3F30} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.24.3.2\WSCStub.exe [646520 2024-04-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {D7436A6F-681D-4259-A871-7E1F13BC6FB8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {6163C4D2-CD72-40FA-BB5B-4A4FA2154AB5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {792E37EA-A6E9-4286-AE5C-085D403033BE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {46FD7F59-AA1F-402F-A4AD-2044055073AE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {486A1754-E100-4D65-8B61-AC41B9E57123} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B7EBE9C3-52F6-4F30-8BFB-133696AAE4DB} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D891F835-013D-40C9-AC47-84F7C5AE9366} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A667874C-234C-44A3-957D-5B55902AC9CD} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {03E70AE5-ACFA-4204-A720-CFDBBFCB43ED} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {957CD20E-295A-4D23-8ECC-3B669642CAE8} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {B4216622-EE47-47C2-87ED-B8B81C5291CC} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1283810175-761726887-3710497458-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {88CF6961-FA90-4B30-A6C1-4DB80A363CFE} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1283810175-761726887-3710497458-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Pas de fichier)
Task: {D14BAB62-31E4-4500-B682-9E6ABCD5F37F} - System32\Tasks\Power Button => C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe [2771616 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {FAF45B0E-13EC-4EEF-BDEB-ACBFDC8B54C8} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [446624 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {F15A97A3-9943-4D68-BEE3-C5D554DD1B44} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2353000 2024-04-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {E22DD8DB-C2F2-4FEB-8B9D-561A230A8E10} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{14a7f9bc-8482-43f1-947e-94eac6fe7b2e}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{14a7f9bc-8482-43f1-947e-94eac6fe7b2e}\34F434F535F4C4554594F4E435D25374: [DhcpNameServer] 41.86.224.81 102.38.129.139
Tcpip\..\Interfaces\{14a7f9bc-8482-43f1-947e-94eac6fe7b2e}\55355425F5032454631314D25374: [DhcpNameServer] 41.86.224.81 102.38.128.139
Tcpip\..\Interfaces\{15734811-4786-4071-80ec-e9f26d93b474}: [DhcpDomain] local
Tcpip\..\Interfaces\{3df7b0ed-677c-4e77-901c-c734c9707dda}: [DhcpNameServer] 192.168.88.1 41.86.224.81 102.38.128.139
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\simec\AppData\Local\Microsoft\Edge\User Data\Default [2024-06-20]
Edge Extension: (Google Docs hors connexion) - C:\Users\simec\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-20]
Edge Extension: (Edge relevant text changes) - C:\Users\simec\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (IDM Integration Module) - C:\Users\simec\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2024-06-20]
Edge HKU\S-1-5-21-1283810175-761726887-3710497458-1002\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2024-01-16]
FireFox:
========
FF DefaultProfile: erqcml9a.default
FF ProfilePath: C:\Users\simec\AppData\Roaming\Mozilla\Firefox\Profiles\erqcml9a.default [2024-06-20]
FF ProfilePath: C:\Users\simec\AppData\Roaming\Mozilla\Firefox\Profiles\0bml8kbl.default-release [2024-06-20]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\simec\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\simec\AppData\Roaming\IDM\idmmzcc5 [2024-05-06] [] [non signé]
FF HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-19] []
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\simec\AppData\Local\Google\Chrome\User Data\Default [2024-06-20]
CHR DownloadDir: D:\01 DOWNLOADS\Pictures 2
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\simec\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-06-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\simec\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-06-11]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\simec\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-11-03]
CHR Extension: (IDM Integration Module) - C:\Users\simec\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2024-06-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\simec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-03]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2024-01-16]
CHR HKU\S-1-5-21-1283810175-761726887-3710497458-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-1283810175-761726887-3710497458-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2024-01-16]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2024-01-16]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [259232 2021-12-30] (Acer Incorporated -> Acer Incorporated)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [4555744 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [243432 2022-07-08] (DTS, Inc. -> DTS Inc.)
R2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [32448 2023-08-22] (CHENGDU YIWO Tech Development Co., Ltd. -> )
S3 EPMVssEaseusProvider; C:\WINDOWS\system32\dllhost.exe /Processid:{BACC7F68-6461-4861-839F-B46406967631} [46416 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncHelper.exe [3514384 2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Fichier non signé]
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [1748992 2020-01-10] (Rivet Networks LLC -> Rivet Networks)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2651640 2020-01-10] (Rivet Networks LLC -> Rivet Networks)
R3 Killer Wifi Optimization Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [73704 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [73712 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NativePushService; C:\Users\simec\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [595352 2023-08-22] (Wondershare Technology Group Co.,Ltd -> Wondershare)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.24.3.2\NortonSecurity.exe [344888 2024-04-05] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.24.3.2\nsWscSvc.exe [1059176 2024-04-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_2ba22b3456e19b2f\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-02-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.108.0528.0005\OneDriveUpdaterService.exe [3853744 2024-06-17] (Microsoft Corporation -> Microsoft Corporation)
R3 PSSvc; C:\Program Files\Acer\NitroSense Service\PSSvc.exe [840424 2021-08-09] (Acer Incorporated -> Acer Incorporated)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [466080 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [504480 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2022-10-04] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2022-10-04] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [112184 2021-02-01] (Code Sector -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 xTendSoftAPService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [73720 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 xTendUtilityService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [73720 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [36784 2022-06-08] (Acer Incorporated -> Acer Incorporated)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.23.10.10\Definitions\BASHDefs\20240618.001\BHDrvx64.sys [1706496 2024-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\ccSetx64.sys [198288 2024-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ebrntdrv; C:\WINDOWS\system32\ebrntdrv.sys [27728 2023-06-19] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527832 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 epmdkdrv; C:\WINDOWS\system32\epmdkdrv.sys [27728 2022-12-29] (Microsoft Windows Hardware Compatibility Publisher -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2022-12-29] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2023-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 EUDCPEPM; C:\WINDOWS\System32\drivers\EUDCPEPM.sys [76344 2022-12-29] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUEDKEPM; C:\WINDOWS\system32\drivers\EUEDKEPM.sys [24656 2022-12-29] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R2 IDMWFP; C:\WINDOWS\System32\drivers\idmwfp.sys [173736 2023-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Tonec Inc.)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.23.10.10\Definitions\IPSDefs\20240619.064\IDSvia64.sys [1554432 2024-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [177272 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [72224 2020-05-19] (SZ DJI Technology Co., Ltd. -> hxxp://libusb-win32.sourceforge.net)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\nsvst.sys [57120 2024-04-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-12-06] (Nvidia Corporation -> NVIDIA Corporation)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\SRTSP64.SYS [960640 2024-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\SRTSPX64.SYS [52864 2024-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\SYMEFASI64.SYS [2180248 2024-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\SymELAM.sys [36016 2024-04-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100344 2023-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.23.10.10\SymPlatform\SymEvnt.sys [934912 2024-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\Ironx64.SYS [306872 2024-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\symnets.sys [492720 2024-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-06-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602520 2024-06-20] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-06-20] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\wpCtrlDrv.sys [1016792 2024-04-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-06-20 21:23 - 2024-06-20 21:24 - 000041259 _____ C:\Users\simec\Desktop\FRST.txt
2024-06-20 20:58 - 2024-06-20 20:58 - 000810954 _____ C:\WINDOWS\system32\perfh00C.dat
2024-06-20 20:58 - 2024-06-20 20:58 - 000157390 _____ C:\WINDOWS\system32\perfc00C.dat
2024-06-20 20:22 - 2024-06-20 21:23 - 000000000 ____D C:\FRST
2024-06-20 20:21 - 2024-06-20 20:21 - 002395648 _____ (Farbar) C:\Users\simec\Desktop\FRST64.exe
2024-06-20 20:16 - 2024-06-20 20:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2024-06-18 15:56 - 2024-06-18 15:56 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\HTML Help
2024-06-13 10:26 - 2024-06-13 10:26 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\Bibliography
2024-06-12 16:34 - 2024-06-12 16:34 - 000024821 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-06-12 16:34 - 2024-06-12 16:34 - 000024821 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-06-11 17:06 - 2024-06-11 17:06 - 000000000 ____D C:\Users\simec\Documents\Modèles Office personnalisés
2024-06-11 16:26 - 2024-06-11 16:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-06-11 16:21 - 2024-06-11 16:21 - 000002729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2024-06-11 16:21 - 2024-06-11 16:21 - 000002662 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive Entreprise.lnk
2024-06-11 16:21 - 2024-06-11 16:21 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2024-06-11 16:21 - 2024-06-11 16:21 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Entreprise 2016.lnk
2024-06-11 16:21 - 2024-06-11 16:21 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2024-06-11 16:21 - 2024-06-11 16:21 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2024-06-11 16:21 - 2024-06-11 16:21 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2024-06-11 16:21 - 2024-06-11 16:21 - 000002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2024-06-11 16:21 - 2024-06-11 16:21 - 000002628 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2024-06-11 16:21 - 2024-06-11 16:21 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2016
2024-06-11 16:21 - 2024-06-11 16:21 - 000000000 ____D C:\WINDOWS\PCHEALTH
2024-06-11 16:21 - 2024-06-11 16:21 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2024-06-11 16:21 - 2024-06-11 16:21 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-06-11 16:21 - 2024-06-11 16:21 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2024-06-11 16:20 - 2024-06-11 16:21 - 000000000 ____D C:\WINDOWS\SHELLNEW
2024-06-11 16:20 - 2024-06-11 16:21 - 000000000 ____D C:\Program Files\Microsoft Office
2024-06-11 16:20 - 2024-06-11 16:20 - 000000000 __RHD C:\MSOCache
2024-06-11 16:20 - 2024-06-11 16:20 - 000000000 ____D C:\Users\simec\AppData\Local\Microsoft Help
2024-06-11 16:20 - 2024-06-11 16:20 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2024-06-11 16:20 - 2024-06-11 16:20 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2024-06-11 16:20 - 2024-06-11 16:20 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2024-06-11 15:18 - 2024-06-11 15:19 - 000000106 _____ C:\Users\simec\Desktop\Download Latest Office 2016 Permanent Activator Ultimate.url
2024-06-11 15:18 - 2024-06-11 15:18 - 000000000 ____D C:\Users\simec\AppData\Local\Office2016
2024-06-10 18:43 - 2024-06-10 18:43 - 000000000 ____D C:\ProgramData\KMSAuto
2024-06-10 18:38 - 2024-06-10 18:46 - 000000000 ____D C:\Users\simec\AppData\Local\MSfree Inc
2024-06-10 18:38 - 2024-06-10 18:38 - 000000000 ____D C:\Users\simec\AppData\Local\Zofolazo
2024-06-10 18:22 - 2024-06-10 19:44 - 000000000 _____ C:\WINDOWS\SECOH-QAD.exe
2024-06-10 18:21 - 2024-06-10 18:26 - 000000000 ____D C:\Program Files\KMSpico
2024-06-10 18:21 - 2024-06-10 18:21 - 000000000 ____D C:\Program Files (x86)\data_test
2024-06-06 14:46 - 2024-06-06 14:46 - 000000000 ____D C:\WINDOWS\system32\%userprofile%
2024-06-05 16:10 - 2024-06-05 16:10 - 000000790 _____ C:\Users\simec\AppData\Local\recently-used.xbel
2024-06-05 14:48 - 2024-06-05 16:10 - 000000000 ____D C:\Users\simec\AppData\Roaming\inkscape
2024-06-05 14:48 - 2024-06-05 14:48 - 000000000 ____D C:\Users\simec\AppData\Local\fontconfig
2024-06-05 14:48 - 2024-06-05 14:48 - 000000000 ____D C:\Users\simec\.dbus-keyrings
2024-06-05 14:47 - 2024-06-05 14:47 - 000000939 _____ C:\Users\Public\Desktop\Inkscape.lnk
2024-06-05 14:47 - 2024-06-05 14:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape
2024-06-05 14:47 - 2024-06-05 14:47 - 000000000 ____D C:\Program Files\Inkscape
2024-05-21 17:18 - 2024-05-21 17:18 - 000000000 ____D C:\Users\simec\AppData\Local\DJI Assistant 2
2024-05-21 17:12 - 2024-05-21 20:24 - 000000000 ____D C:\Users\simec\AppData\Roaming\DJIAssistant2
2024-05-21 17:12 - 2024-05-21 17:12 - 000000000 ____D C:\Users\simec\AppData\Roaming\Electron
2024-05-21 17:12 - 2024-05-21 17:12 - 000000000 ____D C:\Users\simec\AppData\Roaming\DJI Assistant 2
2024-05-06 14:56 - 2024-06-20 19:51 - 000000000 ____D C:\Users\simec\AppData\Roaming\DMCache
2024-05-06 14:56 - 2024-06-20 17:18 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2024-05-06 14:56 - 2024-05-06 19:14 - 000000000 ____D C:\Users\simec\AppData\Roaming\IDM
2024-05-06 14:56 - 2024-05-06 14:56 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2024-05-06 14:56 - 2024-05-06 14:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2024-05-06 14:56 - 2024-05-06 14:56 - 000000000 ____D C:\ProgramData\IDM
2024-05-02 13:45 - 2024-05-02 13:45 - 000002143 _____ C:\Users\Public\Desktop\RODE Central.lnk
2024-05-02 13:45 - 2024-05-02 13:45 - 000001215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RODE Central.lnk
2024-05-02 13:45 - 2024-05-02 13:45 - 000000000 ____D C:\Users\simec\AppData\Roaming\RØDE
2024-05-02 13:45 - 2024-05-02 13:45 - 000000000 ____D C:\Program Files\RØDE Microphones
2024-05-01 11:33 - 2024-05-01 11:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2024-04-29 19:38 - 2024-04-29 19:38 - 000000000 ____D C:\Users\simec\AppData\Roaming\Maxon
2024-04-26 19:14 - 2024-06-20 20:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2024-04-26 19:09 - 2024-04-26 19:48 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2024-04-26 19:09 - 2024-04-26 19:09 - 000003374 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration
2024-04-12 11:32 - 2024-04-12 11:32 - 000000000 ____D C:\Users\simec\AppData\Roaming\webex
2024-04-12 11:31 - 2024-04-12 11:50 - 000000000 ____D C:\Users\simec\AppData\LocalLow\WebEx
2024-04-12 11:22 - 2024-06-20 12:55 - 000000000 ____D C:\Users\simec\AppData\Local\WebEx
2024-04-12 11:22 - 2024-04-13 20:09 - 000000000 ____D C:\Users\simec\AppData\Local\CiscoSpark
2024-04-12 11:22 - 2024-04-12 11:23 - 000000000 ____D C:\Users\simec\AppData\Local\CiscoSparkLauncher
2024-04-12 11:22 - 2024-04-12 11:22 - 000001454 _____ C:\Users\simec\Desktop\Webex.lnk
2024-04-12 11:22 - 2024-04-12 11:22 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webex
2024-04-11 11:53 - 2024-04-11 11:53 - 000000000 ____D C:\WINDOWS\SysWOW64\DDFs
2024-04-03 18:06 - 2024-04-03 18:07 - 000000000 ____D C:\Users\simec\AppData\Local\iZotope
2024-04-03 11:55 - 2024-04-03 11:55 - 000001256 _____ C:\Users\simec\Desktop\iZotope RX 10 Audio Editor.lnk
2024-04-03 11:55 - 2024-04-03 11:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZotope
2024-04-03 11:55 - 2024-04-03 11:55 - 000000000 ____D C:\Program Files (x86)\iZotope
2024-04-03 11:54 - 2024-04-03 11:55 - 000000000 ____D C:\Program Files\iZotope
2024-04-03 11:54 - 2024-04-03 11:54 - 000000000 ____D C:\Program Files\Common Files\VST3
2024-04-03 11:54 - 2024-04-03 11:54 - 000000000 ____D C:\Program Files\Common Files\Avid
2024-03-29 20:14 - 2024-04-03 18:07 - 000000000 ____D C:\Users\simec\AppData\Roaming\iZotope
2024-03-28 10:50 - 2024-06-19 11:30 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\Excel
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-06-20 21:22 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-06-20 21:21 - 2023-11-15 19:42 - 000000000 ____D C:\Users\simec\AppData\Local\Norton
2024-06-20 21:02 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-06-20 21:01 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-06-20 20:58 - 2023-11-03 21:36 - 001803986 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-06-20 20:58 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-06-20 20:56 - 2023-11-06 18:45 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\Word
2024-06-20 20:52 - 2023-11-03 00:09 - 000000000 ____D C:\Users\simec\Documents\VanceAI
2024-06-20 20:51 - 2023-11-03 21:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-06-20 20:51 - 2023-11-03 21:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-06-20 20:51 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-06-20 20:51 - 2022-03-17 15:32 - 000000000 ____D C:\Intel
2024-06-20 20:51 - 2022-03-17 15:30 - 000000000 ____D C:\ProgramData\NVIDIA
2024-06-20 20:51 - 2022-03-17 15:23 - 000012288 ___SH C:\DumpStack.log.tmp
2024-06-20 20:50 - 2022-05-07 06:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-06-20 20:46 - 2023-11-02 23:49 - 000000000 ____D C:\Users\simec\AppData\Roaming\TeraCopy
2024-06-20 20:41 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-06-20 20:08 - 2022-03-25 18:39 - 000000000 ____D C:\Users\simec\AppData\Local\Packages
2024-06-20 19:52 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-06-20 19:51 - 2023-11-07 16:29 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2024-06-20 19:51 - 2023-11-03 12:35 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-06-20 19:50 - 2022-03-25 18:47 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\MMC
2024-06-20 19:18 - 2022-03-17 15:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-06-20 17:32 - 2023-11-03 19:02 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\Windows
2024-06-20 17:00 - 2022-03-17 15:42 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2024-06-20 15:55 - 2023-11-03 00:05 - 000000000 ____D C:\Users\simec\AppData\Roaming\discord
2024-06-20 15:54 - 2023-11-11 20:54 - 000000000 ____D C:\Users\simec\AppData\Roaming\HandBrake
2024-06-20 15:54 - 2023-11-03 00:05 - 000002243 _____ C:\Users\simec\Desktop\Discord.lnk
2024-06-20 15:54 - 2023-11-03 00:05 - 000000000 ____D C:\Users\simec\AppData\Local\Discord
2024-06-20 15:01 - 2023-11-02 23:57 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2024-06-20 14:40 - 2023-11-11 20:41 - 000000000 ____D C:\Users\simec\AppData\Roaming\vlc
2024-06-20 14:11 - 2022-03-25 18:39 - 000000000 ____D C:\Users\simec\AppData\Local\D3DSCache
2024-06-20 11:56 - 2023-11-03 13:55 - 000001456 _____ C:\Users\simec\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2024-06-19 20:43 - 2023-11-06 18:45 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\Office
2024-06-19 20:17 - 2022-03-17 15:23 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-06-19 16:45 - 2022-03-25 18:41 - 000000000 ___RD C:\Users\simec\OneDrive
2024-06-19 10:25 - 2023-11-17 19:21 - 000000000 ____D C:\Users\simec\AppData\LocalLow\Norton
2024-06-19 09:27 - 2023-11-03 00:10 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-06-19 09:27 - 2023-11-03 00:10 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-06-18 09:16 - 2023-11-03 00:06 - 000002166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-06-18 09:16 - 2023-11-03 00:06 - 000002080 _____ C:\Users\simec\Desktop\Google Slides.lnk
2024-06-18 09:16 - 2023-11-03 00:06 - 000002080 _____ C:\Users\simec\Desktop\Google Sheets.lnk
2024-06-18 09:16 - 2023-11-03 00:06 - 000002068 _____ C:\Users\simec\Desktop\Google Docs.lnk
2024-06-18 09:16 - 2023-11-03 00:06 - 000002044 _____ C:\Users\simec\Desktop\Google Drive.lnk
2024-06-17 17:03 - 2023-11-03 21:37 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1283810175-761726887-3710497458-1002
2024-06-17 17:03 - 2023-11-03 21:37 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-06-17 17:03 - 2023-11-03 00:52 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-06-16 17:26 - 2023-11-02 23:51 - 000000000 ____D C:\Users\simec\Downloads\Video
2024-06-16 14:32 - 2023-11-17 16:17 - 000000000 ____D C:\Users\simec\Downloads\Telegram Desktop
2024-06-15 09:25 - 2023-11-03 01:00 - 000000000 ____D C:\ProgramData\boost_interprocess
2024-06-13 13:54 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-06-13 13:39 - 2022-03-17 15:25 - 000000000 ____D C:\ProgramData\Packages
2024-06-13 13:38 - 2023-11-03 21:34 - 000868280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-06-13 13:37 - 2023-12-26 21:19 - 000000000 ____D C:\WINDOWS\InboxApps
2024-06-13 13:37 - 2023-11-03 19:00 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-06-13 13:37 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing
2024-06-12 19:15 - 2023-08-24 15:31 - 000000000 ____D C:\Users\simec\AppData\Local\CrashDumps
2024-06-12 16:37 - 2022-05-07 11:31 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-06-12 16:37 - 2022-05-07 11:31 - 000024383 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2024-06-12 16:37 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-06-12 16:34 - 2023-11-03 21:36 - 003216384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-06-11 23:07 - 2023-11-03 00:12 - 000000000 ____D C:\Users\simec\AppData\Roaming\utorrent
2024-06-11 16:30 - 2021-06-05 13:08 - 000000167 _____ C:\WINDOWS\win.ini
2024-06-11 16:29 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-06-11 16:20 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\System
2024-06-06 14:46 - 2023-11-03 00:52 - 000000000 ___RD C:\Users\Default\OneDrive
2024-06-06 11:11 - 2023-11-03 21:37 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-06-06 11:11 - 2023-11-03 21:37 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-06-05 14:48 - 2023-11-03 19:02 - 000000000 ____D C:\Users\simec
2024-06-03 22:30 - 2023-11-02 23:56 - 000000000 ____D C:\Users\simec\AppData\Local\Adobe
2024-05-21 11:47 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-05-21 11:47 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-05-21 11:47 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-05-21 11:46 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-05-21 11:46 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-05-21 11:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemApps
2024-05-21 11:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-05-21 11:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-05-21 11:44 - 2022-03-17 15:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-05-21 11:43 - 2022-03-17 15:41 - 196465576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-05-21 11:20 - 2023-11-03 00:05 - 000000000 ____D C:\Program Files (x86)\Google
==================== Fichiers à la racine de certains dossiers ========
2023-11-11 17:16 - 2023-11-11 17:16 - 000000039 _____ () C:\Users\simec\AppData\Roaming\epm_user.ini
2024-06-18 14:44 - 2024-06-18 14:44 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA0.jpg
2024-06-11 20:00 - 2024-06-11 20:00 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA0.png
2024-06-11 20:14 - 2024-06-11 20:14 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA2.png
2024-06-11 20:11 - 2024-06-11 20:11 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA3.png
2024-06-18 14:03 - 2024-06-18 14:03 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA4.png
2024-06-18 14:02 - 2024-06-18 14:02 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA5.png
2024-06-18 14:37 - 2024-06-18 14:37 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA6.png
2024-06-18 14:20 - 2024-06-18 14:20 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA7.png
2024-06-18 15:31 - 2024-06-18 15:31 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA8.png
2024-06-18 15:30 - 2024-06-18 15:30 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA9.png
2024-06-18 16:16 - 2024-06-18 16:16 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEAA.png
2024-06-18 16:01 - 2024-06-18 16:01 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEAB.png
2024-06-18 18:18 - 2024-06-18 18:18 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEAC.png
2024-06-18 17:52 - 2024-06-18 17:52 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEAD.png
2023-11-03 13:55 - 2024-06-20 11:56 - 000001456 _____ () C:\Users\simec\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2023-11-02 23:57 - 2023-11-16 14:56 - 000001640 _____ () C:\Users\simec\AppData\Local\oobelibMkey.log
2024-06-05 16:10 - 2024-06-05 16:10 - 000000790 _____ () C:\Users\simec\AppData\Local\recently-used.xbel
2023-05-21 10:29 - 2023-05-21 10:29 - 000000017 _____ () C:\Users\simec\AppData\Local\resmon.resmoncfg
==================== SigCheckExt =========================
2023-11-11 17:09 - 2023-06-19 13:06 - 000163328 _____ C:\WINDOWS\system32\setupdrvx64.exe
2023-11-11 17:08 - 2022-12-29 13:34 - 000174216 _____ C:\WINDOWS\system32\setupepmdrvx64.exe
2024-06-10 18:22 - 2024-06-10 19:44 - 000000000 _____ C:\WINDOWS\SECOH-QAD.exe
2003-04-18 16:46 - 2003-04-18 16:46 - 001233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4.dll
2003-04-18 16:29 - 2003-04-18 16:29 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll
2024-06-20 20:21 - 2024-06-20 20:21 - 002395648 _____ (Farbar) C:\Users\simec\Desktop\FRST64.exe
==================== FCheck ================================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
FCheck: C:\WINDOWS\SECOH-QAD.exe [2024-06-10] <==== ATTENTION (zéro octet Fichier/Dossier)
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{3aab778e-a5fd-11ec-b37d-9c49f6a9dc01}
{3aab778f-a5fd-11ec-b37d-9c49f6a9dc01}
{3aab7790-a5fd-11ec-b37d-9c49f6a9dc01}
timeout 0
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {3aab7796-a5fd-11ec-b37d-9c49f6a9dc01}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {3aab778e-a5fd-11ec-b37d-9c49f6a9dc01}
description EFI USB Device
Application logicielle (101fffff)
--------------------------------
identificateur {3aab778f-a5fd-11ec-b37d-9c49f6a9dc01}
description EFI DVD/CDROM
Application logicielle (101fffff)
--------------------------------
identificateur {3aab7790-a5fd-11ec-b37d-9c49f6a9dc01}
description EFI Network
Chargeur de démarrage Windows
-----------------------------
identificateur {3aab7794-a5fd-11ec-b37d-9c49f6a9dc01}
device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{3aab7795-a5fd-11ec-b37d-9c49f6a9dc01}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-fr
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{3aab7795-a5fd-11ec-b37d-9c49f6a9dc01}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 11
locale fr-FR
inherit {bootloadersettings}
recoverysequence {3aab7799-a5fd-11ec-b37d-9c49f6a9dc01}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {3aab7796-a5fd-11ec-b37d-9c49f6a9dc01}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {3aab7799-a5fd-11ec-b37d-9c49f6a9dc01}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{3aab779a-a5fd-11ec-b37d-9c49f6a9dc01}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{3aab779a-a5fd-11ec-b37d-9c49f6a9dc01}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {3aab7796-a5fd-11ec-b37d-9c49f6a9dc01}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {3aab7799-a5fd-11ec-b37d-9c49f6a9dc01}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {3aab7795-a5fd-11ec-b37d-9c49f6a9dc01}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume5
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options de périphérique
-----------------------
identificateur {3aab779a-a5fd-11ec-b37d-9c49f6a9dc01}
description Windows Recovery
ramdisksdidevice unknown
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================