Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 25-02-2025
Exécuté par Administrateur (administrateur) sur FURBIFY-M83STIL (Dell Inc. Latitude 7490) (25-02-2025 21:32:09)
Exécuté depuis C:\Users\Administrateur\Downloads\FRST64.exe
Profils chargés: Administrateur
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.5487 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(Canva -> Canva Pty Ltd) C:\Users\Administrateur\AppData\Local\Programs\Canva\Canva.exe <2>
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <46>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.82\identity_helper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Administrateur\AppData\Local\Microsoft\OneDrive\25.015.0126.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2412.6.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102816 2021-01-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618096 2021-01-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1236688 2020-12-04] (Waves Inc -> Waves Audio Ltd.)
HKU\S-1-5-21-4129506294-4085421929-2474275141-500\...\Run: [Spotify] => C:\Users\Administrateur\AppData\Roaming\Spotify\Spotify.exe [36101960 2025-01-05] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-4129506294-4085421929-2474275141-500\...\Run: [CanvaAutoLaunchAvailabilityCheckAgent] => C:\Users\Administrateur\AppData\Local\Programs\Canva\Canva.exe [186741968 2025-01-20] (Canva -> Canva Pty Ltd)
HKU\S-1-5-21-4129506294-4085421929-2474275141-500\...\Run: [MicrosoftEdgeAutoLaunch_9987CEAFA1939BF8A5BD47FB8E54B0C5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4088384 2025-02-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4129506294-4085421929-2474275141-500\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45452080 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG6800 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCR.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG6800 series: C:\windows\system32\CNMLMCR.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {786CCB2C-9BB1-4709-ABC7-702610D45ED5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {5F5FD0C4-295B-4B40-93E1-D4AC824E363C} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6139696 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "d96dd657-2eb5-4ef1-8d9a-75433f238f61" --version "6.33.0.11465" --silent
Task: {E7D48E26-8622-43F3-B1A3-C16D7D6D06AB} - System32\Tasks\CCleanerSkipUAC - Administrateur => C:\Program Files\CCleaner\CCleaner.exe [39224624 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {0292F8D8-31ED-4B1A-983D-84944584C47B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8C551614-A58F-4015-9FAC-C6D023EDBCA7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7DA564D8-2F42-457D-AAA9-E7B8E9F4DB9A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A01568D1-677A-40FA-A141-868A8FD89032} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{11460e64-2522-4530-8e89-c265061aa12b}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{11460e64-2522-4530-8e89-c265061aa12b}\6427565626F687D2636333644463: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{24b0c4a9-c3ae-4aaf-b1ef-3ed8924d4e05}: [DhcpNameServer] 1.1.1.3 1.0.0.3 8.8.8.8 1.1.1.1 172.16.70.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Administrateur\AppData\Local\Microsoft\Edge\User Data\Default [2025-02-25]
Edge Notifications: Default -> hxxps://2ntrfi.sucemailagly.co.in; hxxps://ehbvqzxh.aharapsionsess.co.in; hxxps://rokinat.co.in; hxxps://sucemailagly.co.in
Edge Extension: (Google Docs hors connexion) - C:\Users\Administrateur\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-24]
Edge Extension: (Edge relevant text changes) - C:\Users\Administrateur\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-08-11]
Edge Profile: C:\Users\Administrateur\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2024-08-11]
Edge Extension: (Google Docs hors connexion) - C:\Users\Administrateur\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-08-11]
Edge Extension: (Edge relevant text changes) - C:\Users\Administrateur\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-08-11]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 ApHidMonitorService; C:\windows\system32\DellTPad\HidMonitorSvc.exe [894880 2021-05-24] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1088816 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
S2 ETActiveSteeringHelper; C:\windows\Ethertronics\ETservice.exe [407376 2019-02-12] (Ethertronics, Inc -> Ethertronics, Inc.)
S2 hostcontrolsvc; C:\windows\System32\HostControlService.exe [815616 2022-06-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
S2 hoststoragesvc; C:\windows\System32\HostStorageService.exe [161280 2022-06-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ushupgradesvc; C:\windows\System32\UshUpgradeService.exe [265728 2022-06-07] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 ApHidfiltrService; C:\windows\System32\drivers\ApHidfiltrSW.sys [362512 2021-05-24] (WDKTestCert CHT1HTSH3180,132475688214743128 -> ALPSALPINE Co., Ltd.)
R3 bcmnfcusb; C:\windows\System32\drivers\bcmnfcusb.sys [50016 2022-06-07] (Broadcom Corporation -> Broadcom Corporation.)
R3 e1dexpress; C:\windows\System32\DriverStore\FileRepository\e1d.inf_amd64_a9790eceb25abaff\e1d.sys [622160 2024-05-22] (Intel Corporation -> Intel Corporation)
S3 ETActiveSteering; C:\windows\System32\drivers\ETActiveSteering.sys [53584 2019-02-12] (Ethertronics, Inc -> Ethertronics I2C driver for ASA)
S3 mosuport; C:\windows\System32\drivers\mosuport.sys [262144 2022-04-07] (Microsoft Windows Hardware Compatibility Publisher -> ASIX Electronics Corporation)
R3 MpKsl37a10e58; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{14C5A2EE-2A5F-4BE2-8534-47E60A7BF9B4}\MpKslDrv.sys [278944 2025-02-25] (Microsoft Windows -> Microsoft Corporation)
S3 swmbbser05; C:\windows\System32\drivers\swmbbser05.sys [288112 2022-06-07] (Sierra Wireless, Inc -> Sierra Wireless Incorporated)
R3 wbfcvusbdrv; C:\windows\System32\Drivers\wbfcvusbdrv.sys [20320 2022-06-07] (Broadcom Corporation -> Broadcom Corporation)
S0 WdBoot; C:\windows\System32\drivers\wd\WdBoot.sys [22104 2024-11-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\wd\WdFilter.sys [606624 2024-11-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-11-02] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2025-02-25 21:32 - 2025-02-25 21:34 - 000014930 _____ C:\Users\Administrateur\Downloads\FRST.txt
2025-02-25 21:31 - 2025-02-25 21:33 - 000000000 ____D C:\FRST
2025-02-25 21:30 - 2025-02-25 21:31 - 002403840 _____ (Farbar) C:\Users\Administrateur\Downloads\FRST64.exe
2025-02-25 21:21 - 2025-02-25 21:21 - 000120676 _____ C:\Users\Administrateur\Desktop\ZHPDiag.txt
2025-02-25 21:13 - 2025-02-25 21:21 - 000000000 ____D C:\Users\Administrateur\AppData\Roaming\ZHP
2025-02-25 21:13 - 2025-02-25 21:13 - 000000930 _____ C:\Users\Administrateur\Desktop\ZHPSuite.lnk
2025-02-25 21:13 - 2025-02-25 21:13 - 000000000 ____D C:\Users\Administrateur\AppData\Local\ZHP
2025-02-25 21:11 - 2025-02-25 21:12 - 003540680 _____ (Nicolas Coolman) C:\Users\Administrateur\Downloads\ZHPSuite (2).exe
2025-02-25 21:10 - 2025-02-25 21:10 - 003540680 _____ (Nicolas Coolman) C:\Users\Administrateur\Downloads\Non confirmé 24522.crdownload
2025-02-25 21:09 - 2025-02-25 21:09 - 002361856 _____ C:\Users\Administrateur\Downloads\PDFSmartKit.msi
2025-02-25 21:08 - 2025-02-25 21:08 - 003540680 _____ (Nicolas Coolman) C:\Users\Administrateur\Downloads\Non confirmé 58801.crdownload
2025-02-23 19:25 - 2025-02-23 19:25 - 000000000 ____D C:\ProgramData\Piriform
2025-02-23 19:22 - 2025-02-25 21:05 - 000003326 _____ C:\windows\system32\Tasks\CCleanerCrashReporting
2025-02-23 19:22 - 2025-02-25 21:05 - 000000670 _____ C:\windows\Tasks\CCleanerCrashReporting.job
2025-02-23 19:22 - 2025-02-25 21:03 - 000000000 ____D C:\Program Files\CCleaner
2025-02-23 19:22 - 2025-02-23 19:22 - 000003936 _____ C:\windows\system32\Tasks\CCleaner Update
2025-02-23 19:22 - 2025-02-23 19:22 - 000002940 _____ C:\windows\system32\Tasks\CCleanerSkipUAC - Administrateur
2025-02-23 19:22 - 2025-02-23 19:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2025-02-23 19:21 - 2025-02-23 19:22 - 087434488 _____ (Gen Digital Inc.) C:\Users\Administrateur\Downloads\ccsetup633.exe
2025-02-23 19:19 - 2025-02-23 19:19 - 008790880 _____ (Malwarebytes) C:\Users\Administrateur\Downloads\adwcleaner (1).exe
2025-02-23 19:18 - 2025-02-23 19:18 - 008790880 _____ (Malwarebytes) C:\Users\Administrateur\Downloads\adwcleaner.exe
2025-02-23 19:11 - 2025-02-23 19:12 - 000000000 ____D C:\AdwCleaner
2025-02-23 19:10 - 2025-02-23 19:11 - 008790880 _____ (Malwarebytes) C:\Users\Administrateur\Downloads\adwcleaner_8.4.2.exe
2025-02-23 14:36 - 2025-02-23 14:36 - 000000000 ____D C:\Users\Administrateur\AppData\Roaming\Microsoft\MMC
2025-02-19 15:42 - 2025-02-19 15:43 - 002018148 _____ C:\windows\Minidump\021925-14078-01.dmp
2025-02-18 21:17 - 2025-02-18 21:17 - 000000000 ___HD C:\$WinREAgent
2025-01-24 20:05 - 2025-01-24 20:05 - 000000000 ___HD C:\ProgramData\CanonBJ
2025-01-12 14:15 - 2025-01-12 14:15 - 002571844 _____ C:\windows\Minidump\011225-14656-01.dmp
2025-01-06 22:49 - 2025-01-06 22:49 - 000000000 ____D C:\Users\Administrateur\AppData\Local\Bytedance
2025-01-06 22:45 - 2025-01-06 22:45 - 000000000 ____D C:\Users\Administrateur\AppData\Roaming\mssdk
2025-01-06 22:45 - 2025-01-06 22:45 - 000000000 ____D C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CapCut
2025-01-06 22:45 - 2025-01-06 22:45 - 000000000 ____D C:\Users\Administrateur\AppData\Local\VEDetector
2025-01-06 22:43 - 2025-01-06 22:45 - 000001373 _____ C:\Users\Administrateur\Desktop\CapCut.lnk
2025-01-06 22:43 - 2025-01-06 22:43 - 002313024 _____ C:\Users\Administrateur\Downloads\CapCut_7418993466610597943_installer.exe
2025-01-06 22:42 - 2025-01-06 22:44 - 000000000 ____D C:\Users\Administrateur\AppData\Local\CapCut
2025-01-06 22:38 - 2025-02-25 21:03 - 000000000 ____D C:\Users\Administrateur\AppData\Roaming\Canva
2025-01-06 18:11 - 2025-01-24 16:06 - 000000000 ____D C:\Users\Administrateur\AppData\Local\canva-updater
2025-01-06 18:11 - 2025-01-06 18:11 - 000002265 _____ C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Canva.lnk
2025-01-06 18:11 - 2025-01-06 18:11 - 000002257 _____ C:\Users\Administrateur\Desktop\Canva.lnk
2025-01-04 15:00 - 2025-01-04 15:00 - 000862444 _____ C:\Users\Administrateur\Downloads\backgrounds.html
2025-01-04 15:00 - 2025-01-04 15:00 - 000000000 ____D C:\Users\Administrateur\Downloads\backgrounds_files
2024-12-16 20:32 - 2024-12-16 20:32 - 000022205 _____ C:\windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-12-16 20:31 - 2024-12-16 20:31 - 000022205 _____ C:\windows\system32\IntegratedServicesRegionPolicySet.json
2024-12-01 16:25 - 2025-01-04 20:24 - 000000000 ____D C:\Users\Administrateur\Desktop\M&M'S
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2025-02-25 21:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-02-25 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\windows\AppReadiness
2025-02-25 21:05 - 2024-07-15 10:22 - 000000000 ___RD C:\Users\Administrateur\OneDrive
2025-02-25 21:04 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-02-25 21:03 - 2024-08-19 21:15 - 000000000 ___RD C:\Users\Administrateur\iCloudDrive
2025-02-23 19:24 - 2019-12-07 10:13 - 000000000 ____D C:\windows\INF
2025-02-23 19:05 - 2024-07-15 10:20 - 000000000 __SHD C:\Users\Administrateur\IntelGraphicsProfiles
2025-02-23 16:12 - 2024-07-15 08:16 - 000000000 ____D C:\windows\system32\SleepStudy
2025-02-23 14:32 - 2019-12-07 10:14 - 000000000 ____D C:\windows\LiveKernelReports
2025-02-23 14:28 - 2024-07-15 08:17 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-02-20 21:26 - 2024-07-15 10:20 - 000002451 _____ C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-02-19 16:25 - 2024-07-15 10:20 - 000000000 ____D C:\Users\Administrateur
2025-02-19 15:56 - 2024-09-29 18:39 - 000000000 ____D C:\Users\Administrateur\Desktop\devoirs
2025-02-19 15:47 - 2024-07-15 10:23 - 001681374 _____ C:\windows\system32\PerfStringBackup.INI
2025-02-19 15:47 - 2019-12-07 15:50 - 000758068 _____ C:\windows\system32\perfh00C.dat
2025-02-19 15:47 - 2019-12-07 15:50 - 000142822 _____ C:\windows\system32\perfc00C.dat
2025-02-19 15:43 - 2024-11-13 16:29 - 000000000 ____D C:\windows\Minidump
2025-02-19 15:43 - 2024-07-15 08:17 - 000045819 _____ C:\windows\system32\CVFirmwareUpgradeLog.txt
2025-02-19 15:42 - 2024-11-13 16:29 - 1409531456 _____ C:\windows\MEMORY.DMP
2025-02-19 15:42 - 2024-07-15 18:16 - 000000000 ____D C:\Intel
2025-02-19 15:42 - 2024-07-15 08:17 - 000000006 ____H C:\windows\Tasks\SA.DAT
2025-02-19 15:42 - 2024-07-15 08:16 - 000008192 ___SH C:\DumpStack.log.tmp
2025-02-19 15:42 - 2019-12-07 10:14 - 000000000 ____D C:\windows\ServiceState
2025-02-19 15:15 - 2024-07-15 10:20 - 000000000 ____D C:\Users\Administrateur\AppData\Local\D3DSCache
2025-02-18 21:47 - 2019-12-07 10:03 - 000786432 _____ C:\windows\system32\config\BBI
2025-02-18 21:46 - 2024-07-15 08:16 - 000268240 _____ C:\windows\system32\FNTCACHE.DAT
2025-02-18 21:45 - 2024-08-19 17:36 - 000000000 ____D C:\windows\system32\compatrel
2025-02-18 21:45 - 2024-07-15 08:16 - 000001591 _____ C:\windows\system32\config\VSMIDK
2025-02-18 21:45 - 2023-12-04 03:53 - 000000000 ____D C:\windows\SystemTemp
2025-02-18 21:45 - 2023-12-04 03:53 - 000000000 ____D C:\windows\InboxApps
2025-02-18 21:45 - 2019-12-07 10:14 - 000000000 ___RD C:\windows\ImmersiveControlPanel
2025-02-18 21:45 - 2019-12-07 10:14 - 000000000 ____D C:\windows\SysWOW64\setup
2025-02-18 21:45 - 2019-12-07 10:14 - 000000000 ____D C:\windows\SystemResources
2025-02-18 21:45 - 2019-12-07 10:14 - 000000000 ____D C:\windows\system32\setup
2025-02-18 21:45 - 2019-12-07 10:14 - 000000000 ____D C:\windows\system32\oobe
2025-02-18 21:45 - 2019-12-07 10:14 - 000000000 ____D C:\windows\ShellExperiences
2025-02-18 21:45 - 2019-12-07 10:14 - 000000000 ____D C:\windows\bcastdvr
2025-02-18 21:45 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2025-02-18 21:45 - 2019-12-07 10:03 - 000000000 ____D C:\windows\servicing
2025-02-18 21:24 - 2019-12-07 10:03 - 000000000 ____D C:\windows\CbsTemp
2025-02-18 21:22 - 2024-07-15 10:19 - 003016192 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
2025-02-18 21:17 - 2024-08-19 15:36 - 000000000 ____D C:\windows\system32\MRT
2025-02-18 21:17 - 2024-07-15 08:17 - 000000000 ____D C:\windows\SysWOW64\sda
2025-02-18 21:15 - 2024-08-19 15:36 - 209365816 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
==================== SigCheckExt =========================
2025-02-25 21:30 - 2025-02-25 21:31 - 002403840 _____ (Farbar) C:\Users\Administrateur\Downloads\FRST64.exe
2025-02-25 21:11 - 2025-02-25 21:12 - 003540680 _____ (Nicolas Coolman) C:\Users\Administrateur\Downloads\ZHPSuite (2).exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{b6b5b8f2-42cd-11ef-b37f-c8f7502bdf67}
{b6b5b8f3-42cd-11ef-b37f-c8f7502bdf67}
timeout 2
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {b6b5b8f4-42cd-11ef-b37f-c8f7502bdf67}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {b6b5b8f2-42cd-11ef-b37f-c8f7502bdf67}
description Onboard NIC(IPV4)
Application logicielle (101fffff)
--------------------------------
identificateur {b6b5b8f3-42cd-11ef-b37f-c8f7502bdf67}
description Onboard NIC(IPV6)
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \windows\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {b6b5b8f6-42cd-11ef-b37f-c8f7502bdf67}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \windows
resumeobject {b6b5b8f4-42cd-11ef-b37f-c8f7502bdf67}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {b6b5b8f6-42cd-11ef-b37f-c8f7502bdf67}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{b6b5b8f7-42cd-11ef-b37f-c8f7502bdf67}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-fr
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{b6b5b8f7-42cd-11ef-b37f-c8f7502bdf67}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {b6b5b8f4-42cd-11ef-b37f-c8f7502bdf67}
device partition=C:
path \windows\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {b6b5b8f6-42cd-11ef-b37f-c8f7502bdf67}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {b6b5b8f7-42cd-11ef-b37f-c8f7502bdf67}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par Administrateur (administrateur) sur FURBIFY-M83STIL (Dell Inc. Latitude 7490) (25-02-2025 21:32:09)
Exécuté depuis C:\Users\Administrateur\Downloads\FRST64.exe
Profils chargés: Administrateur
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.5487 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(Canva -> Canva Pty Ltd) C:\Users\Administrateur\AppData\Local\Programs\Canva\Canva.exe <2>
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <46>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.82\identity_helper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Administrateur\AppData\Local\Microsoft\OneDrive\25.015.0126.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2412.6.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102816 2021-01-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618096 2021-01-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1236688 2020-12-04] (Waves Inc -> Waves Audio Ltd.)
HKU\S-1-5-21-4129506294-4085421929-2474275141-500\...\Run: [Spotify] => C:\Users\Administrateur\AppData\Roaming\Spotify\Spotify.exe [36101960 2025-01-05] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-4129506294-4085421929-2474275141-500\...\Run: [CanvaAutoLaunchAvailabilityCheckAgent] => C:\Users\Administrateur\AppData\Local\Programs\Canva\Canva.exe [186741968 2025-01-20] (Canva -> Canva Pty Ltd)
HKU\S-1-5-21-4129506294-4085421929-2474275141-500\...\Run: [MicrosoftEdgeAutoLaunch_9987CEAFA1939BF8A5BD47FB8E54B0C5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4088384 2025-02-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4129506294-4085421929-2474275141-500\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45452080 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG6800 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCR.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG6800 series: C:\windows\system32\CNMLMCR.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {786CCB2C-9BB1-4709-ABC7-702610D45ED5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {5F5FD0C4-295B-4B40-93E1-D4AC824E363C} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6139696 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "d96dd657-2eb5-4ef1-8d9a-75433f238f61" --version "6.33.0.11465" --silent
Task: {E7D48E26-8622-43F3-B1A3-C16D7D6D06AB} - System32\Tasks\CCleanerSkipUAC - Administrateur => C:\Program Files\CCleaner\CCleaner.exe [39224624 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {0292F8D8-31ED-4B1A-983D-84944584C47B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8C551614-A58F-4015-9FAC-C6D023EDBCA7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7DA564D8-2F42-457D-AAA9-E7B8E9F4DB9A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A01568D1-677A-40FA-A141-868A8FD89032} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{11460e64-2522-4530-8e89-c265061aa12b}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{11460e64-2522-4530-8e89-c265061aa12b}\6427565626F687D2636333644463: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{24b0c4a9-c3ae-4aaf-b1ef-3ed8924d4e05}: [DhcpNameServer] 1.1.1.3 1.0.0.3 8.8.8.8 1.1.1.1 172.16.70.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Administrateur\AppData\Local\Microsoft\Edge\User Data\Default [2025-02-25]
Edge Notifications: Default -> hxxps://2ntrfi.sucemailagly.co.in; hxxps://ehbvqzxh.aharapsionsess.co.in; hxxps://rokinat.co.in; hxxps://sucemailagly.co.in
Edge Extension: (Google Docs hors connexion) - C:\Users\Administrateur\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-24]
Edge Extension: (Edge relevant text changes) - C:\Users\Administrateur\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-08-11]
Edge Profile: C:\Users\Administrateur\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2024-08-11]
Edge Extension: (Google Docs hors connexion) - C:\Users\Administrateur\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-08-11]
Edge Extension: (Edge relevant text changes) - C:\Users\Administrateur\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-08-11]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 ApHidMonitorService; C:\windows\system32\DellTPad\HidMonitorSvc.exe [894880 2021-05-24] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1088816 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
S2 ETActiveSteeringHelper; C:\windows\Ethertronics\ETservice.exe [407376 2019-02-12] (Ethertronics, Inc -> Ethertronics, Inc.)
S2 hostcontrolsvc; C:\windows\System32\HostControlService.exe [815616 2022-06-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
S2 hoststoragesvc; C:\windows\System32\HostStorageService.exe [161280 2022-06-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ushupgradesvc; C:\windows\System32\UshUpgradeService.exe [265728 2022-06-07] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 ApHidfiltrService; C:\windows\System32\drivers\ApHidfiltrSW.sys [362512 2021-05-24] (WDKTestCert CHT1HTSH3180,132475688214743128 -> ALPSALPINE Co., Ltd.)
R3 bcmnfcusb; C:\windows\System32\drivers\bcmnfcusb.sys [50016 2022-06-07] (Broadcom Corporation -> Broadcom Corporation.)
R3 e1dexpress; C:\windows\System32\DriverStore\FileRepository\e1d.inf_amd64_a9790eceb25abaff\e1d.sys [622160 2024-05-22] (Intel Corporation -> Intel Corporation)
S3 ETActiveSteering; C:\windows\System32\drivers\ETActiveSteering.sys [53584 2019-02-12] (Ethertronics, Inc -> Ethertronics I2C driver for ASA)
S3 mosuport; C:\windows\System32\drivers\mosuport.sys [262144 2022-04-07] (Microsoft Windows Hardware Compatibility Publisher -> ASIX Electronics Corporation)
R3 MpKsl37a10e58; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{14C5A2EE-2A5F-4BE2-8534-47E60A7BF9B4}\MpKslDrv.sys [278944 2025-02-25] (Microsoft Windows -> Microsoft Corporation)
S3 swmbbser05; C:\windows\System32\drivers\swmbbser05.sys [288112 2022-06-07] (Sierra Wireless, Inc -> Sierra Wireless Incorporated)
R3 wbfcvusbdrv; C:\windows\System32\Drivers\wbfcvusbdrv.sys [20320 2022-06-07] (Broadcom Corporation -> Broadcom Corporation)
S0 WdBoot; C:\windows\System32\drivers\wd\WdBoot.sys [22104 2024-11-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\wd\WdFilter.sys [606624 2024-11-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-11-02] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2025-02-25 21:32 - 2025-02-25 21:34 - 000014930 _____ C:\Users\Administrateur\Downloads\FRST.txt
2025-02-25 21:31 - 2025-02-25 21:33 - 000000000 ____D C:\FRST
2025-02-25 21:30 - 2025-02-25 21:31 - 002403840 _____ (Farbar) C:\Users\Administrateur\Downloads\FRST64.exe
2025-02-25 21:21 - 2025-02-25 21:21 - 000120676 _____ C:\Users\Administrateur\Desktop\ZHPDiag.txt
2025-02-25 21:13 - 2025-02-25 21:21 - 000000000 ____D C:\Users\Administrateur\AppData\Roaming\ZHP
2025-02-25 21:13 - 2025-02-25 21:13 - 000000930 _____ C:\Users\Administrateur\Desktop\ZHPSuite.lnk
2025-02-25 21:13 - 2025-02-25 21:13 - 000000000 ____D C:\Users\Administrateur\AppData\Local\ZHP
2025-02-25 21:11 - 2025-02-25 21:12 - 003540680 _____ (Nicolas Coolman) C:\Users\Administrateur\Downloads\ZHPSuite (2).exe
2025-02-25 21:10 - 2025-02-25 21:10 - 003540680 _____ (Nicolas Coolman) C:\Users\Administrateur\Downloads\Non confirmé 24522.crdownload
2025-02-25 21:09 - 2025-02-25 21:09 - 002361856 _____ C:\Users\Administrateur\Downloads\PDFSmartKit.msi
2025-02-25 21:08 - 2025-02-25 21:08 - 003540680 _____ (Nicolas Coolman) C:\Users\Administrateur\Downloads\Non confirmé 58801.crdownload
2025-02-23 19:25 - 2025-02-23 19:25 - 000000000 ____D C:\ProgramData\Piriform
2025-02-23 19:22 - 2025-02-25 21:05 - 000003326 _____ C:\windows\system32\Tasks\CCleanerCrashReporting
2025-02-23 19:22 - 2025-02-25 21:05 - 000000670 _____ C:\windows\Tasks\CCleanerCrashReporting.job
2025-02-23 19:22 - 2025-02-25 21:03 - 000000000 ____D C:\Program Files\CCleaner
2025-02-23 19:22 - 2025-02-23 19:22 - 000003936 _____ C:\windows\system32\Tasks\CCleaner Update
2025-02-23 19:22 - 2025-02-23 19:22 - 000002940 _____ C:\windows\system32\Tasks\CCleanerSkipUAC - Administrateur
2025-02-23 19:22 - 2025-02-23 19:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2025-02-23 19:21 - 2025-02-23 19:22 - 087434488 _____ (Gen Digital Inc.) C:\Users\Administrateur\Downloads\ccsetup633.exe
2025-02-23 19:19 - 2025-02-23 19:19 - 008790880 _____ (Malwarebytes) C:\Users\Administrateur\Downloads\adwcleaner (1).exe
2025-02-23 19:18 - 2025-02-23 19:18 - 008790880 _____ (Malwarebytes) C:\Users\Administrateur\Downloads\adwcleaner.exe
2025-02-23 19:11 - 2025-02-23 19:12 - 000000000 ____D C:\AdwCleaner
2025-02-23 19:10 - 2025-02-23 19:11 - 008790880 _____ (Malwarebytes) C:\Users\Administrateur\Downloads\adwcleaner_8.4.2.exe
2025-02-23 14:36 - 2025-02-23 14:36 - 000000000 ____D C:\Users\Administrateur\AppData\Roaming\Microsoft\MMC
2025-02-19 15:42 - 2025-02-19 15:43 - 002018148 _____ C:\windows\Minidump\021925-14078-01.dmp
2025-02-18 21:17 - 2025-02-18 21:17 - 000000000 ___HD C:\$WinREAgent
2025-01-24 20:05 - 2025-01-24 20:05 - 000000000 ___HD C:\ProgramData\CanonBJ
2025-01-12 14:15 - 2025-01-12 14:15 - 002571844 _____ C:\windows\Minidump\011225-14656-01.dmp
2025-01-06 22:49 - 2025-01-06 22:49 - 000000000 ____D C:\Users\Administrateur\AppData\Local\Bytedance
2025-01-06 22:45 - 2025-01-06 22:45 - 000000000 ____D C:\Users\Administrateur\AppData\Roaming\mssdk
2025-01-06 22:45 - 2025-01-06 22:45 - 000000000 ____D C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CapCut
2025-01-06 22:45 - 2025-01-06 22:45 - 000000000 ____D C:\Users\Administrateur\AppData\Local\VEDetector
2025-01-06 22:43 - 2025-01-06 22:45 - 000001373 _____ C:\Users\Administrateur\Desktop\CapCut.lnk
2025-01-06 22:43 - 2025-01-06 22:43 - 002313024 _____ C:\Users\Administrateur\Downloads\CapCut_7418993466610597943_installer.exe
2025-01-06 22:42 - 2025-01-06 22:44 - 000000000 ____D C:\Users\Administrateur\AppData\Local\CapCut
2025-01-06 22:38 - 2025-02-25 21:03 - 000000000 ____D C:\Users\Administrateur\AppData\Roaming\Canva
2025-01-06 18:11 - 2025-01-24 16:06 - 000000000 ____D C:\Users\Administrateur\AppData\Local\canva-updater
2025-01-06 18:11 - 2025-01-06 18:11 - 000002265 _____ C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Canva.lnk
2025-01-06 18:11 - 2025-01-06 18:11 - 000002257 _____ C:\Users\Administrateur\Desktop\Canva.lnk
2025-01-04 15:00 - 2025-01-04 15:00 - 000862444 _____ C:\Users\Administrateur\Downloads\backgrounds.html
2025-01-04 15:00 - 2025-01-04 15:00 - 000000000 ____D C:\Users\Administrateur\Downloads\backgrounds_files
2024-12-16 20:32 - 2024-12-16 20:32 - 000022205 _____ C:\windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-12-16 20:31 - 2024-12-16 20:31 - 000022205 _____ C:\windows\system32\IntegratedServicesRegionPolicySet.json
2024-12-01 16:25 - 2025-01-04 20:24 - 000000000 ____D C:\Users\Administrateur\Desktop\M&M'S
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2025-02-25 21:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-02-25 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\windows\AppReadiness
2025-02-25 21:05 - 2024-07-15 10:22 - 000000000 ___RD C:\Users\Administrateur\OneDrive
2025-02-25 21:04 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-02-25 21:03 - 2024-08-19 21:15 - 000000000 ___RD C:\Users\Administrateur\iCloudDrive
2025-02-23 19:24 - 2019-12-07 10:13 - 000000000 ____D C:\windows\INF
2025-02-23 19:05 - 2024-07-15 10:20 - 000000000 __SHD C:\Users\Administrateur\IntelGraphicsProfiles
2025-02-23 16:12 - 2024-07-15 08:16 - 000000000 ____D C:\windows\system32\SleepStudy
2025-02-23 14:32 - 2019-12-07 10:14 - 000000000 ____D C:\windows\LiveKernelReports
2025-02-23 14:28 - 2024-07-15 08:17 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-02-20 21:26 - 2024-07-15 10:20 - 000002451 _____ C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-02-19 16:25 - 2024-07-15 10:20 - 000000000 ____D C:\Users\Administrateur
2025-02-19 15:56 - 2024-09-29 18:39 - 000000000 ____D C:\Users\Administrateur\Desktop\devoirs
2025-02-19 15:47 - 2024-07-15 10:23 - 001681374 _____ C:\windows\system32\PerfStringBackup.INI
2025-02-19 15:47 - 2019-12-07 15:50 - 000758068 _____ C:\windows\system32\perfh00C.dat
2025-02-19 15:47 - 2019-12-07 15:50 - 000142822 _____ C:\windows\system32\perfc00C.dat
2025-02-19 15:43 - 2024-11-13 16:29 - 000000000 ____D C:\windows\Minidump
2025-02-19 15:43 - 2024-07-15 08:17 - 000045819 _____ C:\windows\system32\CVFirmwareUpgradeLog.txt
2025-02-19 15:42 - 2024-11-13 16:29 - 1409531456 _____ C:\windows\MEMORY.DMP
2025-02-19 15:42 - 2024-07-15 18:16 - 000000000 ____D C:\Intel
2025-02-19 15:42 - 2024-07-15 08:17 - 000000006 ____H C:\windows\Tasks\SA.DAT
2025-02-19 15:42 - 2024-07-15 08:16 - 000008192 ___SH C:\DumpStack.log.tmp
2025-02-19 15:42 - 2019-12-07 10:14 - 000000000 ____D C:\windows\ServiceState
2025-02-19 15:15 - 2024-07-15 10:20 - 000000000 ____D C:\Users\Administrateur\AppData\Local\D3DSCache
2025-02-18 21:47 - 2019-12-07 10:03 - 000786432 _____ C:\windows\system32\config\BBI
2025-02-18 21:46 - 2024-07-15 08:16 - 000268240 _____ C:\windows\system32\FNTCACHE.DAT
2025-02-18 21:45 - 2024-08-19 17:36 - 000000000 ____D C:\windows\system32\compatrel
2025-02-18 21:45 - 2024-07-15 08:16 - 000001591 _____ C:\windows\system32\config\VSMIDK
2025-02-18 21:45 - 2023-12-04 03:53 - 000000000 ____D C:\windows\SystemTemp
2025-02-18 21:45 - 2023-12-04 03:53 - 000000000 ____D C:\windows\InboxApps
2025-02-18 21:45 - 2019-12-07 10:14 - 000000000 ___RD C:\windows\ImmersiveControlPanel
2025-02-18 21:45 - 2019-12-07 10:14 - 000000000 ____D C:\windows\SysWOW64\setup
2025-02-18 21:45 - 2019-12-07 10:14 - 000000000 ____D C:\windows\SystemResources
2025-02-18 21:45 - 2019-12-07 10:14 - 000000000 ____D C:\windows\system32\setup
2025-02-18 21:45 - 2019-12-07 10:14 - 000000000 ____D C:\windows\system32\oobe
2025-02-18 21:45 - 2019-12-07 10:14 - 000000000 ____D C:\windows\ShellExperiences
2025-02-18 21:45 - 2019-12-07 10:14 - 000000000 ____D C:\windows\bcastdvr
2025-02-18 21:45 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2025-02-18 21:45 - 2019-12-07 10:03 - 000000000 ____D C:\windows\servicing
2025-02-18 21:24 - 2019-12-07 10:03 - 000000000 ____D C:\windows\CbsTemp
2025-02-18 21:22 - 2024-07-15 10:19 - 003016192 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
2025-02-18 21:17 - 2024-08-19 15:36 - 000000000 ____D C:\windows\system32\MRT
2025-02-18 21:17 - 2024-07-15 08:17 - 000000000 ____D C:\windows\SysWOW64\sda
2025-02-18 21:15 - 2024-08-19 15:36 - 209365816 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
==================== SigCheckExt =========================
2025-02-25 21:30 - 2025-02-25 21:31 - 002403840 _____ (Farbar) C:\Users\Administrateur\Downloads\FRST64.exe
2025-02-25 21:11 - 2025-02-25 21:12 - 003540680 _____ (Nicolas Coolman) C:\Users\Administrateur\Downloads\ZHPSuite (2).exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{b6b5b8f2-42cd-11ef-b37f-c8f7502bdf67}
{b6b5b8f3-42cd-11ef-b37f-c8f7502bdf67}
timeout 2
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {b6b5b8f4-42cd-11ef-b37f-c8f7502bdf67}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {b6b5b8f2-42cd-11ef-b37f-c8f7502bdf67}
description Onboard NIC(IPV4)
Application logicielle (101fffff)
--------------------------------
identificateur {b6b5b8f3-42cd-11ef-b37f-c8f7502bdf67}
description Onboard NIC(IPV6)
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \windows\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {b6b5b8f6-42cd-11ef-b37f-c8f7502bdf67}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \windows
resumeobject {b6b5b8f4-42cd-11ef-b37f-c8f7502bdf67}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {b6b5b8f6-42cd-11ef-b37f-c8f7502bdf67}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{b6b5b8f7-42cd-11ef-b37f-c8f7502bdf67}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-fr
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{b6b5b8f7-42cd-11ef-b37f-c8f7502bdf67}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {b6b5b8f4-42cd-11ef-b37f-c8f7502bdf67}
device partition=C:
path \windows\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {b6b5b8f6-42cd-11ef-b37f-c8f7502bdf67}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {b6b5b8f7-42cd-11ef-b37f-c8f7502bdf67}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================