Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-03-2025
Exécuté par lstco (administrateur) sur LSTCOSERGIO (Gigabyte Technology Co., Ltd. B560M DS3H) (11-03-2025 21:22:24)
Exécuté depuis C:\Users\lstco\Desktop\FRST64.exe
Profils chargés: lstco
Plate-forme: Microsoft Windows 11 Famille Version 24H2 26100.3323 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe ->) (QFX Software Corporation -> QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(C:\Program Files\RogueKiller\RogueKillerSvc.exe ->) (ADLICE -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atieclxx.exe
(explorer.exe ->) (Marti Climent Lopez -> ) C:\Program Files\UniGetUI\UniGetUI.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <16>
(QFX Software Corporation -> QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
(services.exe ->) (ADLICE -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atiesrxx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (CYBELSOFT -> ) C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloudAgent.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\GameInputSvc.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bc81681eb27bc1ae\RtkAudUService64.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.25.340.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.235.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.1301.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Pegasun LLC -> Pegasun) C:\Program Files (x86)\Pegasun\SystemUtilities\SystemUtilities.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bc81681eb27bc1ae\RtkAudUService64.exe [1231864 2021-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [455976 2025-03-04] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [206240 2010-08-23] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [512536 2023-01-07] (QFX Software Corporation -> QFX Software Corporation)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\...\Run: [MicrosoftEdgeAutoLaunch_42DF5A43A4390047F10FA270BD5D1218] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4291112 2025-03-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\...\Run: [Nextcloud] => C:\Program Files\Nextcloud\nextcloud.exe [5861624 2025-01-07] (Nextcloud GmbH -> Nextcloud GmbH)
HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [484408 2024-09-15] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [4412512 2024-12-02] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123172920 2025-02-24] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\...\Run: [WingetUI] => C:\Program Files\UniGetUI\UniGetUI.exe [726672 2025-02-28] (Marti Climent Lopez -> )
HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Windows x64\Print Processors\Canon MP560 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA0.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP560 series: C:\WINDOWS\system32\CNMLMA0.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {2F8373AD-2C7A-4B9E-AC59-B84B9138B5F0} - System32\Tasks\Avast Software\Avast Antivirus Patcher => C:\Program Files\Common Files\Avast Software\Icarus\avast-av\icarus.exe [8543016 2025-02-26] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {E36C95C6-D2C4-4E9B-8768-F10394AB8490} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5286696 2025-03-04] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {193F7326-516E-4FF9-A5A8-62E960F3A244} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2564904 2024-11-19] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {4DBD421C-0D17-437C-A977-8ACD36BF3D79} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [2774080 2025-03-05] (Microsoft Windows -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (Pas de fichier)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Pas de fichier)
Task: {4CB23E09-3AAD-48AE-9634-7548A1A4C4D1} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (Pas de fichier)
Task: {021420A0-D1A3-478C-8A65-545DE3B66E3E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (Pas de fichier)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
Task: {790BC3FB-861E-423C-BEB0-144EC5384A69} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [682560 2025-02-27] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {90754FA6-0317-4708-B0CB-F02F58B89808} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2715982157-3697937772-1319394629-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [682560 2025-02-27] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {E7E0026C-9033-4B70-AA9C-524E41F65690} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-02-27] (Mozilla Corporation -> Mozilla Foundation)
Task: {E99A31A4-7373-4795-8320-698268BE634B} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2715982157-3697937772-1319394629-1003 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Pas de fichier)
Task: {7AF7C837-0117-416B-8B11-4BC2B45FCC27} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2715982157-3697937772-1319394629-1003 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Pas de fichier)
Task: {30339EDF-75C9-4D5A-99F7-8ADC689B7B14} - System32\Tasks\PegasunStart => C:\Program Files (x86)\Pegasun\SystemUtilities\SystemUtilities.exe [995976 2024-04-22] (Pegasun LLC -> Pegasun)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{13f932f7-a1ef-4d44-b502-cd1b9977cddc}: [DhcpNameServer] 192.168.209.130
Tcpip\..\Interfaces\{e54637d8-62eb-427f-9333-762f78ed16e9}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{f3604b28-e65c-4b7b-8fb2-f2164497ef06}: [DhcpNameServer] 192.168.0.254
FireFox:
========
FF DefaultProfile: 7y0lwzph.default
FF ProfilePath: C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\7y0lwzph.default [2023-02-01]
FF ProfilePath: C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\yqesmil5.default-release [2025-03-11]
FF Homepage: Mozilla\Firefox\Profiles\yqesmil5.default-release -> www.google.fr
FF Extension: (Disconnect) - C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\yqesmil5.default-release\Extensions\2.0@disconnect.me.xpi [2024-02-29]
FF Extension: (Ghostery Bloqueur de Traqueurs et de Publicités - confidentialité) - C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\yqesmil5.default-release\Extensions\firefox@ghostery.com.xpi [2025-03-11]
FF Extension: (Decentraleyes) - C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\yqesmil5.default-release\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2024-12-05]
FF Extension: (Privacy Badger) - C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\yqesmil5.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2025-01-31]
FF Extension: (uBlock Origin) - C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\yqesmil5.default-release\Extensions\uBlock0@raymondhill.net.xpi [2025-01-22]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\yqesmil5.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2024-06-20]
FF Extension: (Éditeur de PDF en ligne (pdf2go.com)) - C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\yqesmil5.default-release\Extensions\{5fe0e3b1-ef04-41af-aae8-4653d2dbd0eb}.xpi [2025-01-07]
FF Extension: (ClearURLs) - C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\yqesmil5.default-release\Extensions\{74145f27-f039-47ce-a470-a662b129930a}.xpi [2025-02-15]
FF Extension: (WOT pour la sécurité des sites Web et une navigation sûre) - C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\yqesmil5.default-release\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2023-06-20]
FF Extension: (Video DownloadHelper) - C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\yqesmil5.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2025-01-31]
FF Plugin: @videolan.org/vlc,version=3.0.18 -> D:\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> D:\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> D:\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.21 -> D:\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7492904 2025-03-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [806696 2025-03-04] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2436904 2025-03-04] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [858920 2025-03-04] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2023-01-31] (Avast Software s.r.o. -> AVAST Software)
S3 Denuvo Anti-Cheat Update Service; C:\Program Files\Denuvo Anti-Cheat\denuvo-anti-cheat-update-service.exe [993880 2024-12-01] (DENUVO GmbH -> Denuvo GmbH)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4939320 2024-09-15] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
R2 DriversCloudAgent; C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloudAgent.exe [1802264 2024-10-19] (CYBELSOFT -> )
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123304 2025-02-24] (The Document Foundation -> The Document Foundation)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9484384 2025-03-11] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2024-12-18] (Malwarebytes Inc. -> Malwarebytes)
S2 pr2akt6c; C:\WINDOWS\system32\pr2akt6c.exe [777608 2008-02-08] (Protection Technology, Ltd. -> Cyanide)
S3 QFXUpdateService; C:\Program Files (x86)\KeyScrambler\x64\QFXUpdateService.exe [780312 2023-08-14] (QFX Software Corporation -> )
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [15935032 2025-03-06] (ADLICE -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3174840 2024-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [133592 2024-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\amdkmdag.sys [80540576 2022-01-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [20568 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [246880 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [384096 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [296032 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84576 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [28280 2024-11-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [37984 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [278616 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [553568 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [98912 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69728 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [959064 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [1427552 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [207456 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [389720 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [569344 2024-11-22] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [200704 2024-11-22] (Microsoft Corporation) [Fichier non signé]
S3 Denuvo Anti-Cheat; C:\Program Files\Denuvo Anti-Cheat\denuvo-anti-cheat.sys [2287792 2024-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Denuvo GmbH)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 DriversCloud_amd64; C:\Program Files\Cybelsoft\DriversCloud.com\Drivers\DriversCloud_amd64.sys [24768 2024-02-09] (Cybelsoft -> CybelSoft)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2023-02-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2023-02-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_cb8dd04b85ac9a58\iaLPSS2_GPIO2_TGL.sys [128680 2020-12-23] (Intel Corporation -> Intel Corporation)
R3 KeyScrambler; C:\WINDOWS\System32\drivers\keyscrambler.sys [243800 2018-09-08] (QFX Software Corporation -> QFX Software Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [232024 2025-01-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-02-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 pe3akt6c; C:\WINDOWS\System32\drivers\pe3akt6c.sys [72328 2008-02-08] (Protection Technology, Ltd. -> Cyanide)
R0 pf2akt6c; C:\WINDOWS\System32\drivers\pf2akt6c.sys [107656 2008-02-08] (Protection Technology, Ltd. -> Cyanide)
R0 ps7akt6c; C:\WINDOWS\System32\drivers\ps7akt6c.sys [103568 2008-02-08] (Protection Technology, Ltd. -> Cyanide)
S3 RevoProcessDetector; C:\WINDOWS\System32\DRIVERS\RevoProcessDetector.sys [19504 2024-03-28] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_af6aa5163f8d80cc\rt68cx21x64.sys [887768 2024-12-18] (Realtek Semiconductor Corp. -> Realtek)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [278208 2023-02-21] (Valve Corp. -> Valve Corporation)
R3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [55856 2024-04-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [594304 2024-04-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [105856 2024-04-01] (Microsoft Windows -> Microsoft Corporation)
U3 aswBcc; pas de ImagePath
U3 Avast Business Console Client Antivirus Service; pas de ImagePath
S3 HWiNFO_204; \??\C:\Users\lstco\AppData\Local\Temp\HWiNFO_x64_204.sys [X] <==== ATTENTION
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2025-03-11 21:22 - 2025-03-11 21:22 - 000024507 _____ C:\Users\lstco\Desktop\FRST.txt
2025-03-11 21:20 - 2025-03-11 21:22 - 000000000 ____D C:\FRST
2025-03-11 21:19 - 2025-03-11 21:19 - 002404352 _____ (Farbar) C:\Users\lstco\Desktop\FRST64.exe
2025-03-11 20:10 - 2025-03-11 20:10 - 000183283 _____ C:\Users\lstco\Desktop\ZHPDiag.txt
2025-03-11 20:06 - 2025-03-11 20:06 - 000000865 _____ C:\Users\lstco\Desktop\ZHPSuite.lnk
2025-03-11 20:05 - 2025-03-11 20:05 - 003540680 _____ (Nicolas Coolman) C:\Users\lstco\Desktop\ZHPSuite.exe
2025-03-11 18:36 - 2025-03-11 18:36 - 000004974 _____ C:\Users\lstco\Desktop\Rapport Roguekiller1.txt
2025-03-09 12:10 - 2025-03-09 12:10 - 000790768 _____ C:\WINDOWS\system32\perfh00C.dat
2025-03-09 12:10 - 2025-03-09 12:10 - 000158516 _____ C:\WINDOWS\system32\perfc00C.dat
2025-03-06 09:16 - 2025-03-06 09:16 - 000000000 ____D C:\Users\lstco\AppData\Local\FreemakeAudioConverter
2025-03-05 11:09 - 2025-03-05 11:09 - 000000000 ____D C:\WINDOWS\Windows.SystemToast.PresenceSensing.OnlookerDetection
2025-03-05 11:01 - 2025-03-11 11:33 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-03-05 10:59 - 2025-03-05 10:59 - 000001213 _____ C:\Users\Public\Desktop\LibreOffice 25.2.lnk
2025-03-05 10:59 - 2025-03-05 10:59 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice
2025-03-05 10:58 - 2025-03-05 10:58 - 000070484 _____ C:\WINDOWS\SysWOW64\ctac.json
2025-03-05 10:58 - 2025-03-05 10:58 - 000070484 _____ C:\WINDOWS\system32\ctac.json
2025-03-04 10:11 - 2025-03-04 10:10 - 000316200 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
2025-03-03 12:54 - 2025-03-03 12:54 - 000000000 ____D C:\Users\lstco\AppData\LocalLow\AMD
2025-02-18 18:22 - 2025-03-06 09:09 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-02-15 11:29 - 2025-02-15 11:29 - 000001233 _____ C:\Users\lstco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adlice Protect.lnk
2025-01-30 10:21 - 2025-01-30 10:21 - 000000000 ____D C:\Users\lstco\Tracing
2025-01-30 10:02 - 2025-01-30 10:02 - 000027617 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-01-30 10:02 - 2025-01-30 10:02 - 000027617 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-01-25 13:40 - 2025-01-25 13:40 - 000000000 ____D C:\WINDOWS\Panther
2025-01-24 17:43 - 2025-01-24 17:43 - 000000000 ____D C:\Program Files (x86)\Realtek
2025-01-24 17:26 - 2025-02-10 20:26 - 000000000 ____D C:\ProgramData\driverscloud.com
2025-01-24 17:26 - 2025-01-24 17:26 - 000000000 ____D C:\Users\lstco\AppData\Local\driverscloud
2025-01-24 17:26 - 2025-01-24 17:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com
2025-01-24 17:26 - 2025-01-24 17:26 - 000000000 ____D C:\Program Files\Cybelsoft
2025-01-24 14:33 - 2025-01-24 14:33 - 000000000 ____D C:\Users\lstco\Documents\Double Driver Backup
2025-01-23 18:50 - 2025-01-23 18:50 - 000000818 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenShot Video Editor.lnk
2025-01-23 18:47 - 2025-01-23 18:47 - 000000734 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z.lnk
2025-01-23 18:24 - 2025-01-23 18:24 - 000000016 _____ C:\ProgramData\mntemp
2025-01-23 18:23 - 2025-01-24 17:09 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2025-01-23 18:20 - 2025-03-07 10:55 - 000000000 ____D C:\Users\lstco\AppData\Local\UniGetUI
2025-01-23 18:20 - 2025-03-07 10:55 - 000000000 ____D C:\Program Files\UniGetUI
2025-01-23 18:20 - 2025-01-23 18:20 - 000000000 ____D C:\Users\lstco\AppData\Local\PackageManagement
2025-01-23 12:13 - 2025-03-10 10:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2025-01-23 12:13 - 2025-03-10 10:38 - 000000000 ____D C:\Program Files\RogueKiller
2025-01-23 12:13 - 2025-01-23 12:18 - 000000000 ____D C:\ProgramData\RogueKiller
2025-01-18 12:04 - 2025-01-18 12:04 - 000000000 ____D C:\Users\lstco\AppData\Local\DBG
2025-01-18 12:04 - 2025-01-18 12:04 - 000000000 ____D C:\ProgramData\dbg
2025-01-10 12:47 - 2025-01-10 12:47 - 003365064 _____ (Nicolas Coolman) C:\Users\lstco\ZHPCleaner.exe
2025-01-10 12:04 - 2025-01-10 12:04 - 000001924 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nextcloud.lnk
2024-12-23 16:15 - 2024-12-23 16:15 - 000002084 ____R C:\Users\lstco\Downloads\78420241223161531342581-recap.pdf
2024-12-22 13:52 - 2024-12-22 13:54 - 000001908 _____ C:\WINDOWS\diagwrn.xml
2024-12-22 13:52 - 2024-12-22 13:54 - 000001908 _____ C:\WINDOWS\diagerr.xml
2024-12-22 13:52 - 2024-12-22 13:52 - 000000000 ____D C:\WINDOWS\Minidump
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2025-03-11 21:10 - 2024-11-22 14:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-03-11 21:03 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-03-11 21:03 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-03-11 21:03 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-03-11 20:10 - 2023-02-01 18:41 - 000000000 ____D C:\Users\lstco\AppData\Roaming\ZHP
2025-03-11 20:06 - 2023-02-01 18:41 - 000000000 ____D C:\Users\lstco\AppData\Local\ZHP
2025-03-11 20:03 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-03-11 19:36 - 2023-01-31 19:14 - 000000000 ____D C:\Users\lstco\AppData\Roaming\vlc
2025-03-11 19:35 - 2023-02-12 13:30 - 000000000 ____D C:\Users\lstco\dwhelper
2025-03-11 19:30 - 2023-04-20 18:57 - 000000000 ____D C:\Users\lstco\AppData\Local\Malwarebytes
2025-03-11 19:15 - 2023-01-31 18:57 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-03-11 18:35 - 2023-01-31 18:52 - 000000000 ____D C:\Users\lstco\AppData\Local\D3DSCache
2025-03-11 18:26 - 2023-03-06 18:46 - 000000000 ___RD C:\Users\lstco\Desktop\Logiciel utiles
2025-03-10 17:30 - 2024-11-22 15:05 - 000003694 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{4B6886D9-62BE-45C4-9D8F-3CD3B9C27954}
2025-03-10 17:30 - 2024-11-22 15:05 - 000003470 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{CD7F57C3-4717-42B1-9F2F-E36ACDC214E1}
2025-03-10 17:30 - 2024-11-22 15:05 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2715982157-3697937772-1319394629-1003
2025-03-10 17:30 - 2024-11-22 15:05 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2715982157-3697937772-1319394629-1003
2025-03-10 17:30 - 2024-11-22 15:05 - 000002766 _____ C:\WINDOWS\system32\Tasks\PegasunStart
2025-03-10 17:30 - 2024-11-22 15:05 - 000002590 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2025-03-10 17:30 - 2024-11-22 15:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2025-03-10 11:36 - 2024-04-28 11:57 - 000000000 ____D C:\Users\lstco\Desktop\ZoukCompas 2023-2024
2025-03-09 18:00 - 2023-01-31 19:06 - 000000000 ____D C:\Users\lstco\AppData\Local\Avast Software
2025-03-09 12:10 - 2024-11-22 15:09 - 001774664 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-03-09 12:10 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2025-03-09 12:04 - 2024-11-22 15:03 - 000003942 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-03-09 12:03 - 2024-11-22 15:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-03-09 12:03 - 2023-01-31 18:44 - 000012288 ___SH C:\DumpStack.log.tmp
2025-03-08 10:20 - 2023-04-10 10:13 - 000000000 ____D C:\Program Files (x86)\Freemake
2025-03-08 10:02 - 2023-02-04 09:14 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-03-08 09:25 - 2023-01-31 18:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-03-06 19:25 - 2024-11-12 15:48 - 000000000 ____D C:\Users\lstco\AppData\Roaming\Microsoft\Skype for Desktop
2025-03-06 09:16 - 2023-04-10 10:13 - 000000000 ____D C:\Users\lstco\Documents\Freemake
2025-03-06 09:09 - 2024-11-22 15:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-03-06 09:09 - 2023-01-31 18:57 - 000001075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-03-06 09:09 - 2023-01-31 18:57 - 000001063 _____ C:\Users\Public\Desktop\Firefox.lnk
2025-03-06 09:08 - 2024-09-15 08:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2025-03-06 09:06 - 2024-11-19 12:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO® 64
2025-03-06 09:06 - 2024-11-19 12:14 - 000000000 ____D C:\Program Files\HWiNFO64
2025-03-05 11:27 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-03-05 11:11 - 2024-11-22 14:59 - 000469640 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-03-05 11:11 - 2023-01-31 19:02 - 000000000 ____D C:\ProgramData\Avast Software
2025-03-05 11:10 - 2024-11-22 11:07 - 000000000 ____D C:\Users\Malou
2025-03-05 11:10 - 2024-04-01 08:21 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2025-03-05 11:10 - 2023-01-31 18:52 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2025-03-05 11:09 - 2024-11-22 11:04 - 000000000 ____D C:\WINDOWS\InboxApps
2025-03-05 11:09 - 2024-04-01 17:37 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-03-05 11:09 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing
2025-03-05 10:59 - 2024-03-17 10:50 - 000000000 ____D C:\Program Files\LibreOffice
2025-03-05 10:58 - 2024-11-22 15:04 - 003346432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-03-04 10:12 - 2024-04-01 08:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-03-03 16:20 - 2023-03-06 18:44 - 000000000 ___RD C:\Users\lstco\Desktop\Jeux de Sergio
2025-03-01 13:01 - 2023-01-31 18:51 - 000000000 ____D C:\Users\lstco\AppData\Local\Packages
2025-03-01 13:01 - 2023-01-31 18:51 - 000000000 ____D C:\ProgramData\Packages
2025-03-01 12:59 - 2024-11-22 11:07 - 000000000 ____D C:\Users\lstco
2025-03-01 10:42 - 2023-02-02 19:04 - 000000000 ____D C:\Users\lstco\AppData\Roaming\Pro Cycling Manager 2007
2025-02-22 11:16 - 2023-03-19 18:23 - 002897472 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2025-02-22 11:16 - 2023-03-19 18:23 - 000267840 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2025-02-22 11:16 - 2023-03-19 18:23 - 000243264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2025-02-22 11:16 - 2023-03-19 18:23 - 000153128 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2025-02-22 11:16 - 2023-03-19 18:23 - 000124480 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2025-02-22 11:16 - 2023-03-19 18:23 - 000075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2025-02-19 19:37 - 2024-10-24 09:05 - 002404061 _____ C:\Users\lstco\Desktop\Partie_001.cdb
2025-02-19 19:37 - 2024-10-24 09:05 - 000001809 _____ C:\Users\lstco\Desktop\Partie_001.cdi
2025-02-19 19:36 - 2024-10-24 09:05 - 002404066 _____ C:\Users\lstco\Desktop\Partie_001.cdb~
2025-02-15 20:18 - 2023-02-02 14:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UCheck
2025-02-15 20:18 - 2023-02-02 14:05 - 000000000 ____D C:\Program Files\UCheck
2025-02-13 18:05 - 2024-10-21 14:05 - 000055064 _____ (Gen Digital Inc.) C:\WINDOWS\system32\icarus_rvrt.exe
2025-02-13 11:53 - 2023-02-02 13:58 - 000000000 ____D C:\ProgramData\Package Cache
2025-02-12 17:07 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-02-12 12:33 - 2023-01-31 19:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-02-12 12:32 - 2023-01-31 19:16 - 209365816 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Fichiers à la racine de certains dossiers ========
2025-01-10 12:47 - 2025-01-10 12:47 - 003365064 _____ (Nicolas Coolman) C:\Users\lstco\ZHPCleaner.exe
2023-04-08 07:59 - 2023-04-08 07:59 - 000003816 _____ () C:\Users\lstco\AppData\Local\recently-used.xbel
==================== SigCheckExt =========================
2023-02-18 16:57 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6PPM.DLL
2023-02-18 16:57 - 2012-06-14 17:18 - 000039424 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6UI.DLL
2023-02-05 12:14 - 1998-10-29 16:45 - 000306688 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
2023-02-18 16:57 - 2012-06-14 17:18 - 000366592 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNMNPPM.DLL
2020-02-23 14:02 - 2020-02-23 14:02 - 000144896 _____ (Elaborate Bytes AG) C:\WINDOWS\SysWOW64\ElbyVCD.dll
2025-01-10 12:47 - 2025-01-10 12:47 - 003365064 _____ (Nicolas Coolman) C:\Users\lstco\ZHPCleaner.exe
2025-03-11 21:19 - 2025-03-11 21:19 - 002404352 _____ (Farbar) C:\Users\lstco\Desktop\FRST64.exe
2025-03-11 20:05 - 2025-03-11 20:05 - 003540680 _____ (Nicolas Coolman) C:\Users\lstco\Desktop\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
timeout 1
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {69bc194e-5ae5-11ef-b3ee-b443a57e5884}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 11
locale fr-FR
inherit {bootloadersettings}
recoverysequence {69bc1951-5ae5-11ef-b3ee-b443a57e5884}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {69bc194e-5ae5-11ef-b3ee-b443a57e5884}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {69bc1951-5ae5-11ef-b3ee-b443a57e5884}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{69bc1952-5ae5-11ef-b3ee-b443a57e5884}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{69bc1952-5ae5-11ef-b3ee-b443a57e5884}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {8c71a14b-a18e-11ed-8143-b52ad51ec2ab}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{8c71a14c-a18e-11ed-8143-b52ad51ec2ab}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-fr
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{8c71a14c-a18e-11ed-8143-b52ad51ec2ab}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {69bc194e-5ae5-11ef-b3ee-b443a57e5884}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {69bc1951-5ae5-11ef-b3ee-b443a57e5884}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {69bc1952-5ae5-11ef-b3ee-b443a57e5884}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par lstco (administrateur) sur LSTCOSERGIO (Gigabyte Technology Co., Ltd. B560M DS3H) (11-03-2025 21:22:24)
Exécuté depuis C:\Users\lstco\Desktop\FRST64.exe
Profils chargés: lstco
Plate-forme: Microsoft Windows 11 Famille Version 24H2 26100.3323 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe ->) (QFX Software Corporation -> QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(C:\Program Files\RogueKiller\RogueKillerSvc.exe ->) (ADLICE -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atieclxx.exe
(explorer.exe ->) (Marti Climent Lopez -> ) C:\Program Files\UniGetUI\UniGetUI.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <16>
(QFX Software Corporation -> QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
(services.exe ->) (ADLICE -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atiesrxx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (CYBELSOFT -> ) C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloudAgent.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\GameInputSvc.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bc81681eb27bc1ae\RtkAudUService64.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.25.340.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.235.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.1301.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Pegasun LLC -> Pegasun) C:\Program Files (x86)\Pegasun\SystemUtilities\SystemUtilities.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bc81681eb27bc1ae\RtkAudUService64.exe [1231864 2021-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [455976 2025-03-04] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [206240 2010-08-23] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [512536 2023-01-07] (QFX Software Corporation -> QFX Software Corporation)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\...\Run: [MicrosoftEdgeAutoLaunch_42DF5A43A4390047F10FA270BD5D1218] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4291112 2025-03-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\...\Run: [Nextcloud] => C:\Program Files\Nextcloud\nextcloud.exe [5861624 2025-01-07] (Nextcloud GmbH -> Nextcloud GmbH)
HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [484408 2024-09-15] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [4412512 2024-12-02] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123172920 2025-02-24] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\...\Run: [WingetUI] => C:\Program Files\UniGetUI\UniGetUI.exe [726672 2025-02-28] (Marti Climent Lopez -> )
HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Windows x64\Print Processors\Canon MP560 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA0.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP560 series: C:\WINDOWS\system32\CNMLMA0.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {2F8373AD-2C7A-4B9E-AC59-B84B9138B5F0} - System32\Tasks\Avast Software\Avast Antivirus Patcher => C:\Program Files\Common Files\Avast Software\Icarus\avast-av\icarus.exe [8543016 2025-02-26] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {E36C95C6-D2C4-4E9B-8768-F10394AB8490} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5286696 2025-03-04] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {193F7326-516E-4FF9-A5A8-62E960F3A244} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2564904 2024-11-19] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {4DBD421C-0D17-437C-A977-8ACD36BF3D79} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [2774080 2025-03-05] (Microsoft Windows -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (Pas de fichier)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Pas de fichier)
Task: {4CB23E09-3AAD-48AE-9634-7548A1A4C4D1} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (Pas de fichier)
Task: {021420A0-D1A3-478C-8A65-545DE3B66E3E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (Pas de fichier)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
Task: {790BC3FB-861E-423C-BEB0-144EC5384A69} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [682560 2025-02-27] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {90754FA6-0317-4708-B0CB-F02F58B89808} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2715982157-3697937772-1319394629-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [682560 2025-02-27] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {E7E0026C-9033-4B70-AA9C-524E41F65690} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-02-27] (Mozilla Corporation -> Mozilla Foundation)
Task: {E99A31A4-7373-4795-8320-698268BE634B} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2715982157-3697937772-1319394629-1003 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Pas de fichier)
Task: {7AF7C837-0117-416B-8B11-4BC2B45FCC27} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2715982157-3697937772-1319394629-1003 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Pas de fichier)
Task: {30339EDF-75C9-4D5A-99F7-8ADC689B7B14} - System32\Tasks\PegasunStart => C:\Program Files (x86)\Pegasun\SystemUtilities\SystemUtilities.exe [995976 2024-04-22] (Pegasun LLC -> Pegasun)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{13f932f7-a1ef-4d44-b502-cd1b9977cddc}: [DhcpNameServer] 192.168.209.130
Tcpip\..\Interfaces\{e54637d8-62eb-427f-9333-762f78ed16e9}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{f3604b28-e65c-4b7b-8fb2-f2164497ef06}: [DhcpNameServer] 192.168.0.254
FireFox:
========
FF DefaultProfile: 7y0lwzph.default
FF ProfilePath: C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\7y0lwzph.default [2023-02-01]
FF ProfilePath: C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\yqesmil5.default-release [2025-03-11]
FF Homepage: Mozilla\Firefox\Profiles\yqesmil5.default-release -> www.google.fr
FF Extension: (Disconnect) - C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\yqesmil5.default-release\Extensions\2.0@disconnect.me.xpi [2024-02-29]
FF Extension: (Ghostery Bloqueur de Traqueurs et de Publicités - confidentialité) - C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\yqesmil5.default-release\Extensions\firefox@ghostery.com.xpi [2025-03-11]
FF Extension: (Decentraleyes) - C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\yqesmil5.default-release\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2024-12-05]
FF Extension: (Privacy Badger) - C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\yqesmil5.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2025-01-31]
FF Extension: (uBlock Origin) - C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\yqesmil5.default-release\Extensions\uBlock0@raymondhill.net.xpi [2025-01-22]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\yqesmil5.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2024-06-20]
FF Extension: (Éditeur de PDF en ligne (pdf2go.com)) - C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\yqesmil5.default-release\Extensions\{5fe0e3b1-ef04-41af-aae8-4653d2dbd0eb}.xpi [2025-01-07]
FF Extension: (ClearURLs) - C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\yqesmil5.default-release\Extensions\{74145f27-f039-47ce-a470-a662b129930a}.xpi [2025-02-15]
FF Extension: (WOT pour la sécurité des sites Web et une navigation sûre) - C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\yqesmil5.default-release\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2023-06-20]
FF Extension: (Video DownloadHelper) - C:\Users\lstco\AppData\Roaming\Mozilla\Firefox\Profiles\yqesmil5.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2025-01-31]
FF Plugin: @videolan.org/vlc,version=3.0.18 -> D:\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> D:\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> D:\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.21 -> D:\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7492904 2025-03-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [806696 2025-03-04] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2436904 2025-03-04] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [858920 2025-03-04] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2023-01-31] (Avast Software s.r.o. -> AVAST Software)
S3 Denuvo Anti-Cheat Update Service; C:\Program Files\Denuvo Anti-Cheat\denuvo-anti-cheat-update-service.exe [993880 2024-12-01] (DENUVO GmbH -> Denuvo GmbH)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4939320 2024-09-15] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
R2 DriversCloudAgent; C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloudAgent.exe [1802264 2024-10-19] (CYBELSOFT -> )
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123304 2025-02-24] (The Document Foundation -> The Document Foundation)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9484384 2025-03-11] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2024-12-18] (Malwarebytes Inc. -> Malwarebytes)
S2 pr2akt6c; C:\WINDOWS\system32\pr2akt6c.exe [777608 2008-02-08] (Protection Technology, Ltd. -> Cyanide)
S3 QFXUpdateService; C:\Program Files (x86)\KeyScrambler\x64\QFXUpdateService.exe [780312 2023-08-14] (QFX Software Corporation -> )
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [15935032 2025-03-06] (ADLICE -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3174840 2024-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [133592 2024-04-01] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\amdkmdag.sys [80540576 2022-01-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [20568 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [246880 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [384096 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [296032 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84576 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [28280 2024-11-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [37984 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [278616 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [553568 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [98912 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69728 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [959064 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [1427552 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [207456 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [389720 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [569344 2024-11-22] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [200704 2024-11-22] (Microsoft Corporation) [Fichier non signé]
S3 Denuvo Anti-Cheat; C:\Program Files\Denuvo Anti-Cheat\denuvo-anti-cheat.sys [2287792 2024-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Denuvo GmbH)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 DriversCloud_amd64; C:\Program Files\Cybelsoft\DriversCloud.com\Drivers\DriversCloud_amd64.sys [24768 2024-02-09] (Cybelsoft -> CybelSoft)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2023-02-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2023-02-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_cb8dd04b85ac9a58\iaLPSS2_GPIO2_TGL.sys [128680 2020-12-23] (Intel Corporation -> Intel Corporation)
R3 KeyScrambler; C:\WINDOWS\System32\drivers\keyscrambler.sys [243800 2018-09-08] (QFX Software Corporation -> QFX Software Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [232024 2025-01-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-02-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 pe3akt6c; C:\WINDOWS\System32\drivers\pe3akt6c.sys [72328 2008-02-08] (Protection Technology, Ltd. -> Cyanide)
R0 pf2akt6c; C:\WINDOWS\System32\drivers\pf2akt6c.sys [107656 2008-02-08] (Protection Technology, Ltd. -> Cyanide)
R0 ps7akt6c; C:\WINDOWS\System32\drivers\ps7akt6c.sys [103568 2008-02-08] (Protection Technology, Ltd. -> Cyanide)
S3 RevoProcessDetector; C:\WINDOWS\System32\DRIVERS\RevoProcessDetector.sys [19504 2024-03-28] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_af6aa5163f8d80cc\rt68cx21x64.sys [887768 2024-12-18] (Realtek Semiconductor Corp. -> Realtek)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [278208 2023-02-21] (Valve Corp. -> Valve Corporation)
R3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [55856 2024-04-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [594304 2024-04-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [105856 2024-04-01] (Microsoft Windows -> Microsoft Corporation)
U3 aswBcc; pas de ImagePath
U3 Avast Business Console Client Antivirus Service; pas de ImagePath
S3 HWiNFO_204; \??\C:\Users\lstco\AppData\Local\Temp\HWiNFO_x64_204.sys [X] <==== ATTENTION
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2025-03-11 21:22 - 2025-03-11 21:22 - 000024507 _____ C:\Users\lstco\Desktop\FRST.txt
2025-03-11 21:20 - 2025-03-11 21:22 - 000000000 ____D C:\FRST
2025-03-11 21:19 - 2025-03-11 21:19 - 002404352 _____ (Farbar) C:\Users\lstco\Desktop\FRST64.exe
2025-03-11 20:10 - 2025-03-11 20:10 - 000183283 _____ C:\Users\lstco\Desktop\ZHPDiag.txt
2025-03-11 20:06 - 2025-03-11 20:06 - 000000865 _____ C:\Users\lstco\Desktop\ZHPSuite.lnk
2025-03-11 20:05 - 2025-03-11 20:05 - 003540680 _____ (Nicolas Coolman) C:\Users\lstco\Desktop\ZHPSuite.exe
2025-03-11 18:36 - 2025-03-11 18:36 - 000004974 _____ C:\Users\lstco\Desktop\Rapport Roguekiller1.txt
2025-03-09 12:10 - 2025-03-09 12:10 - 000790768 _____ C:\WINDOWS\system32\perfh00C.dat
2025-03-09 12:10 - 2025-03-09 12:10 - 000158516 _____ C:\WINDOWS\system32\perfc00C.dat
2025-03-06 09:16 - 2025-03-06 09:16 - 000000000 ____D C:\Users\lstco\AppData\Local\FreemakeAudioConverter
2025-03-05 11:09 - 2025-03-05 11:09 - 000000000 ____D C:\WINDOWS\Windows.SystemToast.PresenceSensing.OnlookerDetection
2025-03-05 11:01 - 2025-03-11 11:33 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-03-05 10:59 - 2025-03-05 10:59 - 000001213 _____ C:\Users\Public\Desktop\LibreOffice 25.2.lnk
2025-03-05 10:59 - 2025-03-05 10:59 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice
2025-03-05 10:58 - 2025-03-05 10:58 - 000070484 _____ C:\WINDOWS\SysWOW64\ctac.json
2025-03-05 10:58 - 2025-03-05 10:58 - 000070484 _____ C:\WINDOWS\system32\ctac.json
2025-03-04 10:11 - 2025-03-04 10:10 - 000316200 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
2025-03-03 12:54 - 2025-03-03 12:54 - 000000000 ____D C:\Users\lstco\AppData\LocalLow\AMD
2025-02-18 18:22 - 2025-03-06 09:09 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-02-15 11:29 - 2025-02-15 11:29 - 000001233 _____ C:\Users\lstco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adlice Protect.lnk
2025-01-30 10:21 - 2025-01-30 10:21 - 000000000 ____D C:\Users\lstco\Tracing
2025-01-30 10:02 - 2025-01-30 10:02 - 000027617 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-01-30 10:02 - 2025-01-30 10:02 - 000027617 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-01-25 13:40 - 2025-01-25 13:40 - 000000000 ____D C:\WINDOWS\Panther
2025-01-24 17:43 - 2025-01-24 17:43 - 000000000 ____D C:\Program Files (x86)\Realtek
2025-01-24 17:26 - 2025-02-10 20:26 - 000000000 ____D C:\ProgramData\driverscloud.com
2025-01-24 17:26 - 2025-01-24 17:26 - 000000000 ____D C:\Users\lstco\AppData\Local\driverscloud
2025-01-24 17:26 - 2025-01-24 17:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com
2025-01-24 17:26 - 2025-01-24 17:26 - 000000000 ____D C:\Program Files\Cybelsoft
2025-01-24 14:33 - 2025-01-24 14:33 - 000000000 ____D C:\Users\lstco\Documents\Double Driver Backup
2025-01-23 18:50 - 2025-01-23 18:50 - 000000818 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenShot Video Editor.lnk
2025-01-23 18:47 - 2025-01-23 18:47 - 000000734 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z.lnk
2025-01-23 18:24 - 2025-01-23 18:24 - 000000016 _____ C:\ProgramData\mntemp
2025-01-23 18:23 - 2025-01-24 17:09 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2025-01-23 18:20 - 2025-03-07 10:55 - 000000000 ____D C:\Users\lstco\AppData\Local\UniGetUI
2025-01-23 18:20 - 2025-03-07 10:55 - 000000000 ____D C:\Program Files\UniGetUI
2025-01-23 18:20 - 2025-01-23 18:20 - 000000000 ____D C:\Users\lstco\AppData\Local\PackageManagement
2025-01-23 12:13 - 2025-03-10 10:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2025-01-23 12:13 - 2025-03-10 10:38 - 000000000 ____D C:\Program Files\RogueKiller
2025-01-23 12:13 - 2025-01-23 12:18 - 000000000 ____D C:\ProgramData\RogueKiller
2025-01-18 12:04 - 2025-01-18 12:04 - 000000000 ____D C:\Users\lstco\AppData\Local\DBG
2025-01-18 12:04 - 2025-01-18 12:04 - 000000000 ____D C:\ProgramData\dbg
2025-01-10 12:47 - 2025-01-10 12:47 - 003365064 _____ (Nicolas Coolman) C:\Users\lstco\ZHPCleaner.exe
2025-01-10 12:04 - 2025-01-10 12:04 - 000001924 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nextcloud.lnk
2024-12-23 16:15 - 2024-12-23 16:15 - 000002084 ____R C:\Users\lstco\Downloads\78420241223161531342581-recap.pdf
2024-12-22 13:52 - 2024-12-22 13:54 - 000001908 _____ C:\WINDOWS\diagwrn.xml
2024-12-22 13:52 - 2024-12-22 13:54 - 000001908 _____ C:\WINDOWS\diagerr.xml
2024-12-22 13:52 - 2024-12-22 13:52 - 000000000 ____D C:\WINDOWS\Minidump
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2025-03-11 21:10 - 2024-11-22 14:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-03-11 21:03 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-03-11 21:03 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-03-11 21:03 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-03-11 20:10 - 2023-02-01 18:41 - 000000000 ____D C:\Users\lstco\AppData\Roaming\ZHP
2025-03-11 20:06 - 2023-02-01 18:41 - 000000000 ____D C:\Users\lstco\AppData\Local\ZHP
2025-03-11 20:03 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-03-11 19:36 - 2023-01-31 19:14 - 000000000 ____D C:\Users\lstco\AppData\Roaming\vlc
2025-03-11 19:35 - 2023-02-12 13:30 - 000000000 ____D C:\Users\lstco\dwhelper
2025-03-11 19:30 - 2023-04-20 18:57 - 000000000 ____D C:\Users\lstco\AppData\Local\Malwarebytes
2025-03-11 19:15 - 2023-01-31 18:57 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-03-11 18:35 - 2023-01-31 18:52 - 000000000 ____D C:\Users\lstco\AppData\Local\D3DSCache
2025-03-11 18:26 - 2023-03-06 18:46 - 000000000 ___RD C:\Users\lstco\Desktop\Logiciel utiles
2025-03-10 17:30 - 2024-11-22 15:05 - 000003694 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{4B6886D9-62BE-45C4-9D8F-3CD3B9C27954}
2025-03-10 17:30 - 2024-11-22 15:05 - 000003470 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{CD7F57C3-4717-42B1-9F2F-E36ACDC214E1}
2025-03-10 17:30 - 2024-11-22 15:05 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2715982157-3697937772-1319394629-1003
2025-03-10 17:30 - 2024-11-22 15:05 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2715982157-3697937772-1319394629-1003
2025-03-10 17:30 - 2024-11-22 15:05 - 000002766 _____ C:\WINDOWS\system32\Tasks\PegasunStart
2025-03-10 17:30 - 2024-11-22 15:05 - 000002590 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2025-03-10 17:30 - 2024-11-22 15:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2025-03-10 11:36 - 2024-04-28 11:57 - 000000000 ____D C:\Users\lstco\Desktop\ZoukCompas 2023-2024
2025-03-09 18:00 - 2023-01-31 19:06 - 000000000 ____D C:\Users\lstco\AppData\Local\Avast Software
2025-03-09 12:10 - 2024-11-22 15:09 - 001774664 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-03-09 12:10 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2025-03-09 12:04 - 2024-11-22 15:03 - 000003942 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-03-09 12:03 - 2024-11-22 15:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-03-09 12:03 - 2023-01-31 18:44 - 000012288 ___SH C:\DumpStack.log.tmp
2025-03-08 10:20 - 2023-04-10 10:13 - 000000000 ____D C:\Program Files (x86)\Freemake
2025-03-08 10:02 - 2023-02-04 09:14 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-03-08 09:25 - 2023-01-31 18:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-03-06 19:25 - 2024-11-12 15:48 - 000000000 ____D C:\Users\lstco\AppData\Roaming\Microsoft\Skype for Desktop
2025-03-06 09:16 - 2023-04-10 10:13 - 000000000 ____D C:\Users\lstco\Documents\Freemake
2025-03-06 09:09 - 2024-11-22 15:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-03-06 09:09 - 2023-01-31 18:57 - 000001075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-03-06 09:09 - 2023-01-31 18:57 - 000001063 _____ C:\Users\Public\Desktop\Firefox.lnk
2025-03-06 09:08 - 2024-09-15 08:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2025-03-06 09:06 - 2024-11-19 12:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO® 64
2025-03-06 09:06 - 2024-11-19 12:14 - 000000000 ____D C:\Program Files\HWiNFO64
2025-03-05 11:27 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-03-05 11:11 - 2024-11-22 14:59 - 000469640 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-03-05 11:11 - 2023-01-31 19:02 - 000000000 ____D C:\ProgramData\Avast Software
2025-03-05 11:10 - 2024-11-22 11:07 - 000000000 ____D C:\Users\Malou
2025-03-05 11:10 - 2024-04-01 08:21 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2025-03-05 11:10 - 2023-01-31 18:52 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2025-03-05 11:09 - 2024-11-22 11:04 - 000000000 ____D C:\WINDOWS\InboxApps
2025-03-05 11:09 - 2024-04-01 17:37 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-03-05 11:09 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-03-05 11:09 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing
2025-03-05 10:59 - 2024-03-17 10:50 - 000000000 ____D C:\Program Files\LibreOffice
2025-03-05 10:58 - 2024-11-22 15:04 - 003346432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-03-04 10:12 - 2024-04-01 08:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-03-03 16:20 - 2023-03-06 18:44 - 000000000 ___RD C:\Users\lstco\Desktop\Jeux de Sergio
2025-03-01 13:01 - 2023-01-31 18:51 - 000000000 ____D C:\Users\lstco\AppData\Local\Packages
2025-03-01 13:01 - 2023-01-31 18:51 - 000000000 ____D C:\ProgramData\Packages
2025-03-01 12:59 - 2024-11-22 11:07 - 000000000 ____D C:\Users\lstco
2025-03-01 10:42 - 2023-02-02 19:04 - 000000000 ____D C:\Users\lstco\AppData\Roaming\Pro Cycling Manager 2007
2025-02-22 11:16 - 2023-03-19 18:23 - 002897472 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2025-02-22 11:16 - 2023-03-19 18:23 - 000267840 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2025-02-22 11:16 - 2023-03-19 18:23 - 000243264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2025-02-22 11:16 - 2023-03-19 18:23 - 000153128 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2025-02-22 11:16 - 2023-03-19 18:23 - 000124480 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2025-02-22 11:16 - 2023-03-19 18:23 - 000075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2025-02-19 19:37 - 2024-10-24 09:05 - 002404061 _____ C:\Users\lstco\Desktop\Partie_001.cdb
2025-02-19 19:37 - 2024-10-24 09:05 - 000001809 _____ C:\Users\lstco\Desktop\Partie_001.cdi
2025-02-19 19:36 - 2024-10-24 09:05 - 002404066 _____ C:\Users\lstco\Desktop\Partie_001.cdb~
2025-02-15 20:18 - 2023-02-02 14:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UCheck
2025-02-15 20:18 - 2023-02-02 14:05 - 000000000 ____D C:\Program Files\UCheck
2025-02-13 18:05 - 2024-10-21 14:05 - 000055064 _____ (Gen Digital Inc.) C:\WINDOWS\system32\icarus_rvrt.exe
2025-02-13 11:53 - 2023-02-02 13:58 - 000000000 ____D C:\ProgramData\Package Cache
2025-02-12 17:07 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-02-12 12:33 - 2023-01-31 19:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-02-12 12:32 - 2023-01-31 19:16 - 209365816 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Fichiers à la racine de certains dossiers ========
2025-01-10 12:47 - 2025-01-10 12:47 - 003365064 _____ (Nicolas Coolman) C:\Users\lstco\ZHPCleaner.exe
2023-04-08 07:59 - 2023-04-08 07:59 - 000003816 _____ () C:\Users\lstco\AppData\Local\recently-used.xbel
==================== SigCheckExt =========================
2023-02-18 16:57 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6PPM.DLL
2023-02-18 16:57 - 2012-06-14 17:18 - 000039424 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6UI.DLL
2023-02-05 12:14 - 1998-10-29 16:45 - 000306688 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
2023-02-18 16:57 - 2012-06-14 17:18 - 000366592 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNMNPPM.DLL
2020-02-23 14:02 - 2020-02-23 14:02 - 000144896 _____ (Elaborate Bytes AG) C:\WINDOWS\SysWOW64\ElbyVCD.dll
2025-01-10 12:47 - 2025-01-10 12:47 - 003365064 _____ (Nicolas Coolman) C:\Users\lstco\ZHPCleaner.exe
2025-03-11 21:19 - 2025-03-11 21:19 - 002404352 _____ (Farbar) C:\Users\lstco\Desktop\FRST64.exe
2025-03-11 20:05 - 2025-03-11 20:05 - 003540680 _____ (Nicolas Coolman) C:\Users\lstco\Desktop\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
timeout 1
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {69bc194e-5ae5-11ef-b3ee-b443a57e5884}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 11
locale fr-FR
inherit {bootloadersettings}
recoverysequence {69bc1951-5ae5-11ef-b3ee-b443a57e5884}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {69bc194e-5ae5-11ef-b3ee-b443a57e5884}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {69bc1951-5ae5-11ef-b3ee-b443a57e5884}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{69bc1952-5ae5-11ef-b3ee-b443a57e5884}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{69bc1952-5ae5-11ef-b3ee-b443a57e5884}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {8c71a14b-a18e-11ed-8143-b52ad51ec2ab}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{8c71a14c-a18e-11ed-8143-b52ad51ec2ab}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-fr
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{8c71a14c-a18e-11ed-8143-b52ad51ec2ab}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {69bc194e-5ae5-11ef-b3ee-b443a57e5884}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {69bc1951-5ae5-11ef-b3ee-b443a57e5884}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {69bc1952-5ae5-11ef-b3ee-b443a57e5884}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================