cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 21-01-2025
Exécuté par Admin (administrateur) sur DANIEL (LENOVO 20EN0013CA) (25-01-2025 08:18:03)
Exécuté depuis C:\Users\Admin\Desktop\FRST64.exe
Profils chargés: Admin
Plate-forme: Microsoft Windows 11 Professionnel Version 22H2 22621.4317 (X64) Langue: Français (Canada)
Navigateur par défaut: "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" -noautoupdate -- "%1"
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(cmd.exe ->) (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\Admin\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FNCC3C~1.INF\driver\shtctky.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FNCC3C~1.INF\driver\tposd.exe
(explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.ScreenSketch_11.2409.25.0_x64__8wekyb3d8bbwe\SnippingTool\SnippingTool.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office16\ONENOTEM.EXE
(explorer.exe ->) (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4645af5c659ae51a\igfxEM.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Dism\DismHost.exe <5>
(Opera Norway AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_d4f47df9c2216d4d\LMS.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4645af5c659ae51a\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4645af5c659ae51a\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4645af5c659ae51a\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\EasyResume.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(services.exe ->) (Microsoft Corporation -> MSPCManagerService) C:\Program Files\WindowsApps\Microsoft.MicrosoftPCManager_3.15.5.0_x64__8wekyb3d8bbwe\PCManager\MSPCManagerService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_b72b32629cc698ac\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_b72b32629cc698ac\NVWMI\nvWmi64.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24112.22.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftTeams_24348.802.3311.5092_x64__8wekyb3d8bbwe\msteamsupdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.127\Installer\setup.exe [6905896 2025-01-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3187660612-677162194-1757115519-1001\...\Run: [Opera Stable] => C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe [1622424 2025-01-23] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-3187660612-677162194-1757115519-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45381424 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\132.0.6834.110\Installer\chrmstp.exe [2025-01-23] (Google LLC -> Google LLC)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2025-01-13]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {CA972CAB-1F36-478E-9E62-0078142408D6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {39678489-3393-460D-8EB9-40B0341CA200} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-12-04] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {E78359EE-79BE-4F1F-AA78-4F474F97133E} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-12-04] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "9499b11f-c041-437a-8725-5cf09398b67e" --version "6.31.11415" --silent
Task: {231FA8DD-1DE5-4692-90B5-0082BCB0B957} - System32\Tasks\CCleanerSkipUAC - Admin => C:\Program Files\CCleaner\CCleaner.exe [39151920 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {4AE7E874-20E2-49E0-80E4-4B37E7366A27} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Admin\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15204208 2024-12-21] (ESET, spol. s r.o. -> ESET)
Task: {293012F3-7C0C-4EBF-BB73-D31194F471D5} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Admin\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15204208 2024-12-21] (ESET, spol. s r.o. -> ESET)
Task: {E5326137-B782-4FFC-A16A-3D8D194B97D2} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{382DD3B9-4E08-4BCD-AEF5-D98D38BF264B} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {E126FE1E-D0FB-4028-B015-8DBFDD1EB6AE} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3187660612-677162194-1757115519-1001 => C:\Users\Admin\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88584 2024-05-17] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {63BB2159-B2E7-4D5C-9A0D-61EA22C97766} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [129368 2024-06-27] (Lenovo -> Lenovo)
Task: {7BFB9A3D-6A6C-4E4E-8973-D1ACA474799D} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\PowerMgrInst.exe [65016 2022-12-05] (Lenovo -> )
Task: {4183B3C7-00F4-4144-9B97-75E2C67FB75F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Pas de fichier)
Task: {5A2A9260-8B6B-4CF3-81CA-C548150D187C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {75CA1E19-CDD3-49D7-AA8F-0C3E23BEC320} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
Task: {669ED19B-FC77-41B8-AFF5-41FC224D5975} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {30B42BA4-E223-4DA6-9B69-831CB8291A61} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {38A4588F-0431-4A1C-96BB-E44143D90F13} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DF588EF7-04B9-46E8-8FDA-CD9F68CDBAC5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E526DBCC-FEF7-4342-BB76-4B39AAD572EF} - System32\Tasks\Opera scheduled Autoupdate 1698617315 => C:\Users\Admin\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5656472 2025-01-21] (Opera Norway AS -> Opera Software)
Task: {FFFC40D7-E7C3-4047-9A2E-2CE9AA60F806} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618088 2020-07-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E7278A27-9E50-424D-B19C-E150A35B0C53} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618088 2020-07-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {62DF8173-42A0-4BAD-B232-459BCCFEFFD9} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904536 2024-07-15] (Lenovo -> )
Task: {7C83D10F-E1F7-46A2-8ED0-CE27EF4100B6} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904536 2024-07-15] (Lenovo -> )
Task: {0B692027-3414-493D-ADC9-EBF63314FEAF} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-3187660612-677162194-1757115519-1001 => C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe [435000 2025-01-19] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{c9f1591f-8c87-42b1-9804-ae91d8caeba1}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{c9f1591f-8c87-42b1-9804-ae91d8caeba1}\2454C4C4231373: [DhcpNameServer] 192.168.2.1 207.164.234.129
Tcpip\..\Interfaces\{c9f1591f-8c87-42b1-9804-ae91d8caeba1}\2454C4C4231373: [DhcpDomain] home
Tcpip\..\Interfaces\{c9f1591f-8c87-42b1-9804-ae91d8caeba1}\348616C65647: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{c9f1591f-8c87-42b1-9804-ae91d8caeba1}\34E40294E66796479E37: [DhcpNameServer] 192.168.1.8
Tcpip\..\Interfaces\{c9f1591f-8c87-42b1-9804-ae91d8caeba1}\34E40294E66796479E37: [DhcpDomain] home
Tcpip\..\Interfaces\{c9f1591f-8c87-42b1-9804-ae91d8caeba1}\355727563547169705C6573725F616E6F6B656251607964637: [DhcpNameServer] 1.1.1.1 1.0.0.1
Tcpip\..\Interfaces\{c9f1591f-8c87-42b1-9804-ae91d8caeba1}\D4162736D214E6462756: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{c9f1591f-8c87-42b1-9804-ae91d8caeba1}\D4162736D214E6462756: [DhcpDomain] hsd1.fl.comcast.net

Edge:
=======
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-20]
Edge Extension: (Google Documents hors connexion) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-27]
Edge Extension: (Edge relevant text changes) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-25]
Edge Extension: (Gestionnaire de mots de passe RoboForm) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ljfpcifpgbbchoddpjefaipoiigpdmag [2024-12-27]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-12-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2025-01-20]
CHR StartupUrls: Default -> "hxxps://www.google.ca/"
CHR DefaultSearchURL: Default -> hxxps://ca.search.yahoo.com/search?fr=mcafee&type=E210CA91166G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://ca.search.yahoo.com/sugg/gossip/gossip-ca-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-12-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-14]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-3187660612-677162194-1757115519-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

Opera:
=======
OPR DefaultProfile: Default

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.)
R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 Lenovo Instant On; C:\Windows\SysWOW64\EasyResume.exe [2352344 2022-12-05] (Lenovo -> Lenovo Group Limited)
S2 LPlatSvc; C:\Windows\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9441760 2024-12-18] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-01-13] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_b72b32629cc698ac\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVWMI; C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_b72b32629cc698ac\NVWMI\nvWmi64.exe [4513312 2024-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PCManager Service Store; C:\Program Files\WindowsApps\Microsoft.MicrosoftPCManager_3.15.5.0_x64__8wekyb3d8bbwe\PCManager\MSPCManagerService.exe [83504 2025-01-22] (Microsoft Corporation -> MSPCManagerService)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [530448 2024-09-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 SynaHlp; C:\Windows\System32\SynaHelperService.exe [254920 2022-01-18] (Synaptics Incorporated -> Synaptics Incorporated.)
R2 TPHKLOAD; C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\TPHKLOAD.exe [473760 2021-10-22] (Lenovo -> Lenovo Group Limited)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [188416 2023-11-17] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-11-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2024-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKslb402295a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{576180D1-D18C-4CAF-A23F-FA705ED2E0E7}\MpKslDrv.sys [267552 2025-01-25] (Microsoft Windows -> Microsoft Corporation)
R0 PMDRVS; C:\Windows\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22104 2024-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [606624 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-31] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2025-01-25 08:18 - 2025-01-25 08:19 - 000023323 _____ C:\Users\Admin\Desktop\FRST.txt
2025-01-25 08:17 - 2025-01-25 08:18 - 000000000 ____D C:\FRST
2025-01-25 08:16 - 2025-01-25 08:16 - 002403328 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2025-01-25 08:16 - 2025-01-25 08:16 - 000000000 ____D C:\Users\Admin\Desktop\Désinfection jan2024
2025-01-19 07:29 - 2025-01-19 07:29 - 000000000 ____D C:\Users\Admin\AppData\Local\Windows Master Store
2025-01-19 06:45 - 2025-01-19 06:45 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2025-01-09 10:41 - 2025-01-09 10:43 - 000000000 ____D C:\Users\Admin\Desktop\Test GPS USA
2025-01-04 17:40 - 2025-01-04 17:49 - 2436600032 ____R C:\Users\Admin\Desktop\[ Torrent911.eu ] Harold.And.The.Purple.Crayon.2024.French.Vfq.720P.WEBRIP.mkv
2024-12-31 14:32 - 2024-12-31 14:32 - 000000000 ____D C:\Users\Admin\Desktop\KIA GPS
2024-12-31 14:31 - 2025-01-19 06:51 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Navigation Updater
2024-12-31 14:31 - 2024-12-31 14:32 - 000000000 ____D C:\Program Files (x86)\Navigation Updater
2024-12-31 14:31 - 2024-12-31 14:31 - 000001322 _____ C:\Users\Admin\Desktop\Navigation Updater.lnk
2024-12-31 14:31 - 2024-12-31 14:31 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigation Updater
2024-12-31 14:30 - 2024-12-31 14:31 - 000000000 ____D C:\Users\Admin\AppData\Local\Temp.p19052
2024-12-31 14:20 - 2024-12-31 14:29 - 000000000 ____D C:\Users\Admin\Desktop\GPS et Radio Sorento
2024-12-31 09:26 - 2024-12-31 14:12 - 000000000 ____D C:\Users\Admin\Desktop\Sonic
2024-12-30 20:10 - 2024-12-30 20:10 - 000000000 ____D C:\Users\Admin\AppData\Roaming\NVIDIA
2024-12-30 20:10 - 2024-12-30 20:10 - 000000000 ____D C:\Users\Admin\AppData\Local\Avatarify
2024-12-30 19:56 - 2024-12-30 20:23 - 000000000 ____D C:\Users\Admin\.avatarify
2024-12-30 19:49 - 2024-12-30 19:49 - 103980269 _____ C:\Users\Admin\Downloads\Avatarify_Desktop_v0.10.exe.opdownload
2024-12-30 18:23 - 2024-12-30 19:35 - 000000000 ____D C:\Users\Admin\Desktop\Photo Famille Kelly
2024-12-29 09:59 - 2024-12-29 10:00 - 000000000 ____D C:\Users\Admin\Desktop\Karaoké
2024-12-29 09:53 - 2024-12-31 07:40 - 000000000 ____D C:\Users\Admin\Desktop\Innondation Chalet
2024-12-29 09:45 - 2024-12-29 09:45 - 001385379 _____ C:\Users\Admin\Desktop\Vérification Avant Départ 0808353.pdf
2024-12-28 10:21 - 2024-12-28 10:21 - 000769638 _____ C:\Windows\system32\perfh00C.dat
2024-12-28 10:21 - 2024-12-28 10:21 - 000146638 _____ C:\Windows\system32\perfc00C.dat
2024-12-28 10:10 - 2024-12-28 10:10 - 000022552 _____ C:\Users\Admin\Downloads\Long&McQuade.pdf

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2025-01-25 08:11 - 2022-05-07 00:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-25 07:58 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SystemTemp
2025-01-25 07:31 - 2022-05-07 00:24 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-25 07:31 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\AppReadiness
2025-01-25 07:30 - 2023-10-14 15:44 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-01-23 09:21 - 2023-10-29 17:08 - 000004238 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1698617315
2025-01-23 09:21 - 2023-10-29 17:08 - 000001386 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2025-01-23 09:20 - 2023-10-14 18:10 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-01-22 08:06 - 2023-10-29 17:50 - 000000000 ____D C:\Users\Admin\Desktop\Raccourcis du Bureau
2025-01-21 11:36 - 2023-10-14 16:56 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2025-01-20 07:42 - 2023-11-19 15:37 - 000000000 ____D C:\Users\Admin\AppData\Local\Malwarebytes
2025-01-20 07:34 - 2023-11-30 08:02 - 000000000 ____D C:\Program Files\CCleaner
2025-01-20 07:33 - 2023-11-21 16:21 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2025-01-20 07:33 - 2023-10-30 07:05 - 000000000 ____D C:\Users\Admin\AppData\Roaming\utorrent
2025-01-19 16:38 - 2024-11-14 12:10 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Zoom
2025-01-19 11:19 - 2022-05-07 00:22 - 000000000 ____D C:\Windows\INF
2025-01-19 11:12 - 2024-12-21 12:30 - 000003840 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2025-01-19 11:12 - 2024-12-21 12:30 - 000003398 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2025-01-19 11:12 - 2024-12-21 09:00 - 000001378 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2025-01-19 11:10 - 2024-12-21 09:00 - 000001272 _____ C:\Users\Admin\Desktop\ESET Online Scanner.lnk
2025-01-19 07:25 - 2023-10-14 15:45 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-01-19 07:24 - 2024-11-11 10:01 - 000000000 ____D C:\ProgramData\Windows Master Store
2025-01-19 06:45 - 2024-11-14 12:11 - 000004250 _____ C:\Windows\system32\Tasks\ZoomUpdateTaskUser-S-1-5-21-3187660612-677162194-1757115519-1001
2025-01-16 06:38 - 2023-10-14 16:59 - 000000000 ____D C:\Windows\system32\MRT
2025-01-16 06:18 - 2023-10-14 16:59 - 206927936 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2025-01-13 12:06 - 2024-05-27 06:49 - 000000000 ____D C:\Users\Admin\Desktop\A vendre
2025-01-11 09:38 - 2023-10-14 15:47 - 000000000 ____D C:\ProgramData\Packages
2025-01-09 07:41 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\SecurityHealth
2025-01-04 21:04 - 2023-11-21 09:14 - 000000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2025-01-04 17:38 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\LiveKernelReports
2025-01-01 12:21 - 2023-10-30 07:06 - 000000000 ____D C:\Users\Admin\AppData\Local\BitTorrentHelper
2025-01-01 06:39 - 2023-10-14 16:56 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2024-12-31 07:40 - 2023-10-14 16:54 - 000000000 ____D C:\Users\Admin
2024-12-30 20:10 - 2024-01-08 15:45 - 000000000 ____D C:\Users\Admin\AppData\Local\cache
2024-12-29 09:49 - 2024-02-23 07:04 - 000000000 ____D C:\Users\Admin\Desktop\IPTV
2024-12-29 09:46 - 2023-10-31 07:07 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Word
2024-12-29 09:45 - 2023-12-04 06:44 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Excel
2024-12-28 10:21 - 2023-10-14 15:54 - 001710106 _____ C:\Windows\system32\PerfStringBackup.INI
2024-12-28 10:14 - 2023-10-14 17:03 - 000000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2024-12-28 10:14 - 2023-10-14 15:55 - 000000000 ____D C:\ProgramData\NVIDIA
2024-12-28 10:14 - 2023-10-14 15:44 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-12-28 10:14 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\ServiceState
2024-12-28 10:13 - 2023-10-14 15:44 - 000012288 ___SH C:\DumpStack.log.tmp
2024-12-28 10:13 - 2022-05-07 00:17 - 000786432 _____ C:\Windows\system32\config\BBI
2024-12-27 16:59 - 2024-02-29 21:34 - 000013774 _____ C:\Users\Admin\Documents\settings.dat
2024-12-27 16:59 - 2024-02-29 21:34 - 000001064 _____ C:\Users\Admin\Documents\Playlist.spl
2024-12-27 16:59 - 2024-02-29 21:34 - 000000060 _____ C:\Users\Admin\Documents\SingerPlaylist.spl
2024-12-27 16:55 - 2024-02-29 21:33 - 000000808 _____ C:\Users\Admin\Documents\updates.dat

==================== Fichiers à la racine de certains dossiers ========

2024-04-13 18:29 - 2024-04-13 18:29 - 000001926 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
