Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-11-2021 Exécuté par papyo (administrateur) sur DESKTOP-7M14SH3 (ASUSTeK COMPUTER INC. G20AJ) (23-11-2021 22:21:59) Exécuté depuis C:\Users\papyo\OneDrive\Bureau Profils chargés: papyo Plate-forme: Microsoft Windows 11 Famille Version 21H2 22000.348 (X64) Langue: Français (France) Navigateur par défaut: Edge Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.29\msedgewebview2.exe <6> (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\UtcDecoderHost.exe <2> (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Incorporation) C:\Windows\Philips\SPC220NC\Monitor.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20045.455.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe (NortonLifeLock Inc. -> Broadcom) C:\Program Files\Norton Security\Engine\22.21.10.40\NortonSecurity.exe <2> (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.21.10.40\nsWscSvc.exe (NortonLifeLock Inc. -> Symantec Corporation) C:\Program Files\Norton Utilities Premium\x64\LBGovernor.exe (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\Display.NvContainer\NVDisplay.Container.exe <2> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9274304 2018-06-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-06-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Monitor] => C:\WINDOWS\Philips\SPC220NC\Monitor.exe [323584 2018-06-21] (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Incorporation) HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2021-11-10] (Intel Corporation -> Intel) HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.29\Installer\setup.exe [2873736 2021-11-21] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2371481684-2106917738-1379841812-1004\...\Run: [MicrosoftEdgeAutoLaunch_761F2A401BEE3BAF14EE01F2896BDBB4] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Mozilla Firefox\firefox.exe -os-restarted -url hxxps://adlice.com/download/roguekiller/?utm_campaign=roguekiller&utm_source=soft&utm_medium=btn HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {1F1C2E25-4C14-466C-83FA-5C730C055F1C} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2352488 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.) Task: {225C0DEF-CC7D-4388-BE15-A93FF5C8AE47} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.21.10.40\SymErr.exe [108752 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc) Task: {2EE612E9-6592-4CA5-B22D-FED22AEE0EC9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-10-29] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {31D19CFF-B0C9-4E55-8332-7AED29E7C223} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2020-02-29] (Google Inc -> Google LLC) Task: {45AEB930-8F72-49C6-81BF-7BE68F481407} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform) Task: {6BA886AB-D796-40D1-8A26-023970AEC888} - System32\Tasks\Norton Utility\Live Boost Process Governor => C:\Program Files\Norton Utilities Premium\x64\LBGovernor.exe [1050096 2021-11-11] (NortonLifeLock Inc. -> Symantec Corporation) Task: {6D9C3254-A037-473D-BB3F-08D3ED8C0A18} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Pas de fichier) Task: {7720C78A-2303-46B3-AEA3-4DA4830C5556} - System32\Tasks\Norton Utility\AutomaticCare => C:\Program Files\Norton Utilities Premium\NUP.exe [3632624 2021-11-11] (NortonLifeLock Inc. -> NortonLifeLock Inc) Task: {7DEEEA77-1424-4CDA-81E4-0C56F4638CFC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-10-29] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {844775D2-10DA-437F-A753-3879ED8653BF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2020-02-29] (Google Inc -> Google LLC) Task: {84F9EA30-0CCB-4DE3-A450-B02385209D62} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-10-29] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {8B3AAB18-FA36-4DE7-BD7A-F95CE68F29A1} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {9550AE29-8A55-4EFA-A20C-4EEF452BEB94} - System32\Tasks\CCleanerSkipUAC - papyo => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd) Task: {9C92DBB1-3E57-47FE-BDDC-348FB3A13BA5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-23] (Mozilla Corporation -> Mozilla Foundation) Task: {A65579B0-9861-4283-85B3-7E63CF8731A9} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.21.10.40\WSCStub.exe [646520 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.) Task: {AFDF2510-D70B-45DD-B04F-09048C5AD716} - System32\Tasks\TUDsDownloader => C:\Program Files\Norton Utilities Premium\activesync.exe -appexecutable nup.exe -tuds (Pas de fichier) Task: {AFF0E32C-08F2-44D4-A96E-58B23485A2A6} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation) Task: {BD637E81-D32C-4719-AA27-E5C817975CD4} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.21.10.40\SymErr.exe [108752 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc) Task: {C11B94C2-7C73-4116-859F-63A940221F71} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation) Task: {E4CC8D3B-695F-49DE-BF39-B8D9792D7C57} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-10-29] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F64A1DE8-279A-431F-B3C6-9FD268D61FE5} - System32\Tasks\Norton Utility\ActiveSync-NortonUtility => C:\Program Files\Norton Utilities Premium\ActiveBridge.exe -appexecutable NUP.exe -ammode (Pas de fichier) Task: {FFD3CB11-34AE-4075-B267-C0E90518CD0D} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.21.10.40\SymErr.exe [108752 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{3bf850d0-cc18-44d0-8307-8726b596e6a2}: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{ff58028e-4060-4d32-8418-087c2d671f6e}: [DhcpNameServer] 192.168.0.254 Edge: ======= DownloadDir: D:\ Edge HomeButtonPage: HKU\S-1-5-21-2371481684-2106917738-1379841812-1001 -> hxxp://bing.fr/ Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge DefaultProfile: Default Edge Profile: C:\Users\papyo\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-23] Edge HomePage: Default -> hxxps://www.bing.com/search?q=bing&FORM=&refig=43d5c0dea10f4390e0edf0db0826260e Edge StartupUrls: Default -> "hxxp://bing.fr/","hxxps://www.lefigaro.fr/" Edge Extension: (Norton Safe Web) - C:\Users\papyo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bdaafgjhhjkdplpffldcncdignokfkbo [2021-11-22] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: wh87mah6.default FF ProfilePath: C:\Users\papyo\AppData\Roaming\Mozilla\Firefox\Profiles\wh87mah6.default [2019-12-13] FF ProfilePath: C:\Users\papyo\AppData\Roaming\Mozilla\Firefox\Profiles\yhmqlnnc.default-release-1607678590077 [2021-11-23] FF DownloadDir: C:\Users\papyo\OneDrive\Bureau FF Extension: (Norton Safe Web) - C:\Users\papyo\AppData\Roaming\Mozilla\Firefox\Profiles\yhmqlnnc.default-release-1607678590077\Extensions\nortonsafeweb@symantec.com.xpi [2021-08-28] Chrome: ======= CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.21.10.40\Exts\Chrome.crx CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.21.10.40\Exts\Chrome.crx CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [39352 2021-11-10] (Intel Corporation -> Intel) R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [177592 2021-11-10] (Intel Corporation -> Intel) S4 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-11-01] (HP Inc. -> HP Inc.) R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.21.10.40\NortonSecurity.exe [343336 2021-10-29] (NortonLifeLock Inc. -> Broadcom) R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.21.10.40\nsWscSvc.exe [1059176 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-10-29] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-10-29] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.16.2.22\Definitions\BASHDefs\20211117.011\BHDrvx64.sys [2018784 2021-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [180224 2021-06-05] (Microsoft Corporation) [Fichier non signé] R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\ccSetx64.sys [192256 2021-10-29] (Symantec Corporation -> Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [509904 2021-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145376 2021-11-14] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2021-11-23] (Microsoft Windows -> Microsoft Corporation) R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.16.2.22\Definitions\IPSDefs\20211122.061\IDSvia64.sys [1480144 2021-10-14] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R3 IntelReadyModeDriver; C:\WINDOWS\System32\drivers\IntelReadyModeDriver.sys [33504 2015-10-21] (Intel CASE -> Intel Corporation) S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\nsvst.sys [56080 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.) S3 RtkA2dp; C:\WINDOWS\system32\drivers\RtkA2dp.sys [193280 2018-06-21] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) S3 RtkAvrcp; C:\WINDOWS\System32\drivers\RtkAvrcp.sys [73712 2018-06-21] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) S3 RtkAvrcpCtrlr; C:\WINDOWS\System32\drivers\RtkAvrcpCtrlr.sys [78720 2018-06-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation) S3 RtkHandsfree; C:\WINDOWS\System32\drivers\RtkHandsfree.sys [38112 2018-06-21] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) S3 SPC220NC; C:\WINDOWS\system32\DRIVERS\SPC220NC.SYS [572928 2018-06-21] (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Inc.) R1 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\SRTSP64.SYS [892600 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\SRTSPX64.SYS [48824 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\SYMEFASI64.SYS [2030792 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\SymELAM.sys [31984 2021-10-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [93152 2021-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.16.2.22\SymPlatform\SymEvnt.sys [712432 2021-07-13] (Symantec Corporation -> Symantec Corporation) R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\Ironx64.SYS [319152 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\symnets.sys [575344 2021-10-29] (Symantec Corporation -> Symantec Corporation) R3 SymTAP; C:\WINDOWS\System32\drivers\SymTAP.sys [52104 2018-10-16] (Symantec Corporation -> The OpenVPN Project) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-10-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-10-29] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-10-29] (Microsoft Windows -> Microsoft Corporation) R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\wpCtrlDrv.sys [1015760 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-11-23 22:21 - 2021-11-23 22:22 - 000000000 ____D C:\FRST 2021-11-23 17:38 - 2021-11-23 17:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-11-23 17:12 - 2021-11-23 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo 2021-11-23 17:12 - 2021-11-23 17:12 - 000000000 ____D C:\Program Files\CrystalDiskInfo 2021-11-23 16:57 - 2021-11-23 16:57 - 000002904 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - papyo 2021-11-23 16:22 - 2021-11-23 16:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation 2021-11-23 08:37 - 2021-11-23 08:37 - 000015040 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-11-23 08:37 - 2021-11-23 08:37 - 000013824 _____ C:\WINDOWS\SysWOW64\prxyqry.dll 2021-11-23 08:36 - 2021-11-23 08:36 - 000040960 _____ C:\WINDOWS\system32\prxyqry.dll 2021-11-23 08:35 - 2021-11-23 08:35 - 000215552 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll 2021-11-23 08:23 - 2021-11-23 08:23 - 000000000 ___HD C:\$WinREAgent 2021-11-19 08:10 - 2021-11-19 08:10 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-11-17 21:24 - 2021-11-17 21:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2021-11-17 21:20 - 2021-11-11 03:36 - 001874664 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2021-11-17 21:20 - 2021-11-11 03:36 - 001874664 _____ C:\WINDOWS\system32\vulkaninfo.exe 2021-11-17 21:20 - 2021-11-11 03:36 - 001464960 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2021-11-17 21:20 - 2021-11-11 03:36 - 001450216 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2021-11-17 21:20 - 2021-11-11 03:36 - 001450216 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2021-11-17 21:20 - 2021-11-11 03:36 - 001208248 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2021-11-17 21:20 - 2021-11-11 03:36 - 001111272 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2021-11-17 21:20 - 2021-11-11 03:36 - 001111272 _____ C:\WINDOWS\system32\vulkan-1.dll 2021-11-17 21:20 - 2021-11-11 03:36 - 000965352 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2021-11-17 21:20 - 2021-11-11 03:36 - 000965352 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2021-11-17 21:20 - 2021-11-11 03:33 - 002116536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2021-11-17 21:20 - 2021-11-11 03:33 - 001597568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2021-11-17 21:20 - 2021-11-11 03:33 - 001523328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2021-11-17 21:20 - 2021-11-11 03:33 - 001174456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2021-11-17 21:20 - 2021-11-11 03:33 - 000802232 _____ C:\WINDOWS\system32\nvofapi64.dll 2021-11-17 21:20 - 2021-11-11 03:33 - 000709560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2021-11-17 21:20 - 2021-11-11 03:33 - 000678328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2021-11-17 21:20 - 2021-11-11 03:33 - 000656512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2021-11-17 21:20 - 2021-11-11 03:33 - 000635008 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2021-11-17 21:20 - 2021-11-11 03:33 - 000564352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2021-11-17 21:20 - 2021-11-11 03:32 - 008725944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2021-11-17 21:20 - 2021-11-11 03:32 - 007845816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2021-11-17 21:20 - 2021-11-11 03:32 - 005730224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2021-11-17 21:20 - 2021-11-11 03:32 - 004940728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2021-11-17 21:20 - 2021-11-11 03:32 - 002850432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2021-11-17 21:20 - 2021-11-11 03:32 - 000981120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2021-11-17 21:20 - 2021-11-11 03:32 - 000792192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2021-11-17 21:20 - 2021-11-11 03:32 - 000452224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2021-11-17 21:20 - 2021-11-11 03:31 - 000850872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2021-11-17 21:20 - 2021-11-11 03:30 - 007582144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2021-11-17 21:20 - 2021-11-11 03:30 - 006432960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2021-11-17 21:20 - 2021-11-09 23:27 - 000085718 _____ C:\WINDOWS\system32\nvinfo.pb 2021-11-16 10:27 - 2021-11-16 10:27 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000000-000000.txt 2021-11-14 15:45 - 2021-11-14 15:45 - 000003834 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2021-11-14 15:15 - 2021-11-14 15:15 - 000003762 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 2021-11-14 15:15 - 2021-11-14 15:15 - 000003670 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK 2021-11-14 15:15 - 2021-11-14 15:15 - 000003528 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon 2021-11-14 15:15 - 2021-11-14 15:15 - 000001517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk 2021-11-14 15:15 - 2021-11-14 15:15 - 000000000 ____D C:\Users\papyo\AppData\Local\Intel 2021-11-14 15:15 - 2021-11-14 15:15 - 000000000 ____D C:\ProgramData\Intel 2021-11-14 15:15 - 2021-11-14 15:15 - 000000000 ____D C:\Program Files\Intel 2021-11-14 15:15 - 2021-11-14 15:15 - 000000000 ____D C:\Program Files (x86)\Intel 2021-11-14 15:15 - 2021-07-23 11:36 - 000041816 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys 2021-11-14 08:39 - 2021-11-23 16:57 - 000000000 ____D C:\Program Files\CCleaner 2021-11-14 08:39 - 2021-11-17 15:18 - 000003048 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-11-13 18:07 - 2021-11-13 18:07 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net 2021-11-13 17:44 - 2021-11-13 17:44 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\ElevatedDiagnostics 2021-11-13 16:07 - 2021-11-15 08:12 - 000000000 ____D C:\Program Files (x86)\jv16 PowerTools 2021-11-12 21:40 - 2021-11-12 21:40 - 000002474 _____ C:\Users\papyo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-11-12 10:40 - 2021-11-12 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wargaming.net 2021-11-12 10:38 - 2021-11-12 10:38 - 000000000 ____D C:\ProgramData\Wargaming.net 2021-11-11 23:05 - 2021-11-11 23:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 2021-11-11 23:05 - 2021-11-11 23:05 - 000000000 ____D C:\Program Files\Norton Utilities Premium 2021-11-11 16:22 - 2021-11-11 16:22 - 000000000 ____D C:\WINDOWS\Philips 2021-11-10 15:10 - 2021-11-10 15:10 - 000000000 ____D C:\Users\papyo\AppData\Roaming\OpenOffice 2021-11-09 22:37 - 2021-11-09 22:37 - 000286720 _____ C:\WINDOWS\system32\AggregatorHost.exe 2021-11-09 22:37 - 2021-11-09 22:37 - 000077824 _____ C:\WINDOWS\system32\runexehelper.exe 2021-11-09 17:40 - 2021-11-09 17:40 - 003290776 _____ (Nicolas Coolman) C:\Users\papyo\ZHPCleaner.exe 2021-11-07 20:21 - 2021-11-07 20:21 - 000000000 ____D C:\Users\papyo\AppData\Local\mbam 2021-11-07 11:00 - 2021-11-07 11:00 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.11 2021-11-07 10:59 - 2021-11-07 11:00 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4 2021-11-07 10:58 - 2021-11-07 10:58 - 000000000 ____D C:\Users\papyo\redist 2021-11-07 10:58 - 2021-11-07 10:58 - 000000000 ____D C:\Users\papyo\readmes 2021-11-02 21:37 - 2021-11-02 21:37 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\ZHP 2021-11-02 08:30 - 2021-11-23 08:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360 2021-11-02 08:30 - 2021-11-02 22:01 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security 2021-11-02 08:30 - 2021-11-02 08:30 - 000003378 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration 2021-10-31 20:50 - 2021-10-31 20:51 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\Steam 2021-10-26 21:38 - 2021-10-26 21:38 - 000000000 ____D C:\Users\papyo\AppData\LocalLow\Statespace 2021-10-21 20:29 - 2021-10-21 20:29 - 000121344 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-10-21 20:29 - 2021-10-21 20:29 - 000024576 _____ C:\WINDOWS\system32\nrtapi.dll 2021-10-21 20:29 - 2021-10-21 20:29 - 000006656 _____ C:\WINDOWS\SysWOW64\nrtapi.dll 2021-10-21 20:28 - 2021-10-21 20:28 - 000258048 _____ C:\WINDOWS\system32\CoreMas.dll 2021-10-21 20:28 - 2021-10-21 20:28 - 000208896 _____ C:\WINDOWS\system32\IHDS.dll 2021-10-21 20:28 - 2021-10-21 20:28 - 000167936 _____ C:\WINDOWS\system32\TpmTool.exe 2021-10-21 19:55 - 2021-10-21 19:55 - 000000000 ____D C:\Users\papyo\AppData\Local\DBG 2021-10-20 20:41 - 2021-10-27 07:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2021-10-20 20:41 - 2021-10-20 20:41 - 000000000 ____D C:\Program Files\VS Revo Group 2021-10-19 05:44 - 2021-11-12 10:43 - 000000000 ____D C:\Users\papyo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net 2021-10-19 05:44 - 2021-11-12 10:41 - 000000000 ____D C:\Users\papyo\AppData\Roaming\Wargaming.net 2021-10-19 05:44 - 2021-11-12 10:40 - 000000000 ____D C:\Program Files (x86)\Wargaming.net 2021-10-13 08:19 - 2021-10-13 08:19 - 000617648 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-10-13 08:17 - 2021-10-13 08:17 - 000727576 _____ C:\WINDOWS\system32\TextShaping.dll 2021-09-25 09:39 - 2021-09-25 09:39 - 000000000 ____D C:\WINDOWS\Panther 2021-09-22 17:18 - 2021-09-22 17:18 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bing Wallpaper 2021-09-22 17:14 - 2021-09-22 17:14 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\Norton 2021-09-22 17:11 - 2021-09-22 17:11 - 000004062 _____ C:\WINDOWS\system32\Tasks\TUDsDownloader 2021-09-21 19:14 - 2021-09-21 19:14 - 123595735 _____ C:\Users\papyo\openoffice1.cab 2021-09-21 19:11 - 2021-09-21 19:11 - 002469888 _____ C:\Users\papyo\openoffice4111.msi 2021-09-21 19:11 - 2021-09-21 19:11 - 000479232 _____ C:\Users\papyo\setup.exe 2021-09-21 19:11 - 2021-09-21 19:11 - 000000282 _____ C:\Users\papyo\setup.ini 2021-09-18 07:32 - 2021-09-18 07:32 - 000024251 _____ C:\Users\papyo\OneDrive\Documents\facture-HH01009009-2021-08-2874763Vinci2.pdf 2021-09-15 17:05 - 2021-09-15 17:05 - 000024251 _____ C:\Users\papyo\OneDrive\Documents\facture-HH01009009-2021-08-2874763Vinci.pdf 2021-09-13 07:46 - 2021-11-01 22:55 - 000007597 _____ C:\Users\papyo\AppData\Local\resmon.resmoncfg 2021-09-09 06:11 - 2021-11-23 22:13 - 000000000 ____D C:\Users\papyo\AppData\Roaming\ZHP 2021-09-09 06:11 - 2021-11-22 09:25 - 000000000 ____D C:\Users\papyo\AppData\Local\ZHP 2021-09-01 21:02 - 2021-09-01 21:02 - 000000000 ____D C:\Program Files\Norton Utilities ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-11-23 22:09 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-11-23 21:28 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemTemp 2021-11-23 21:28 - 2020-04-29 21:56 - 000000000 ____D C:\ProgramData\NVIDIA 2021-11-23 21:25 - 2021-01-06 21:26 - 000000000 ____D C:\Users\papyo\AppData\Local\CrashDumps 2021-11-23 21:03 - 2019-12-07 20:59 - 000000000 ____D C:\Users\papyo\AppData\Local\D3DSCache 2021-11-23 17:40 - 2017-05-17 20:34 - 000000000 ____D C:\Users\papyo\AppData\LocalLow\Mozilla 2021-11-23 17:38 - 2021-05-08 14:02 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-11-23 17:38 - 2019-12-08 19:29 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-11-23 17:38 - 2019-12-08 19:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-11-23 09:04 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-11-23 08:59 - 2021-06-29 11:14 - 001800264 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-11-23 08:59 - 2021-06-05 19:14 - 000806506 _____ C:\WINDOWS\system32\perfh00C.dat 2021-11-23 08:59 - 2021-06-05 19:14 - 000156164 _____ C:\WINDOWS\system32\perfc00C.dat 2021-11-23 08:59 - 2021-06-05 13:09 - 000000000 ____D C:\WINDOWS\INF 2021-11-23 08:54 - 2021-06-29 11:04 - 000329016 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-11-23 08:54 - 2021-06-05 13:01 - 000016384 _____ C:\WINDOWS\system32\config\ELAM 2021-11-23 08:53 - 2021-06-29 11:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-11-23 08:52 - 2019-09-16 17:58 - 000012288 ___SH C:\DumpStack.log.tmp 2021-11-23 08:51 - 2021-06-05 13:01 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemResources 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\vi-VN 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\id-ID 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\gl-ES 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\eu-ES 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\ca-ES 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\appraiser 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-11-23 08:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-11-23 08:49 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\servicing 2021-11-23 08:45 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-11-23 08:35 - 2021-06-29 11:12 - 003086336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2021-11-22 10:29 - 2021-06-29 11:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-11-22 10:27 - 2021-06-29 10:44 - 000000000 ____D C:\Users\papyo 2021-11-22 09:41 - 2021-08-09 19:40 - 000000000 ____D C:\WINDOWS\Minidump 2021-11-22 08:59 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps 2021-11-20 16:27 - 2019-12-07 19:20 - 000000000 ____D C:\Users\papyo\AppData\Local\Packages 2021-11-20 11:54 - 2020-09-05 07:38 - 000000000 ____D C:\Users\papyo\OneDrive\Documents\pdf 2021-11-20 11:22 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-11-20 10:04 - 2021-06-29 10:44 - 000000000 ____D C:\Users\Gorpyloskev 2021-11-20 08:06 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-11-20 07:59 - 2021-06-29 11:11 - 000004180 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{96418FD3-5493-4989-A32B-8AF0801F3937} 2021-11-18 06:21 - 2021-06-29 11:13 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d76ccf33fac5d4 2021-11-18 06:21 - 2021-06-29 11:11 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-11-17 21:33 - 2020-01-09 00:15 - 000000000 ____D C:\Users\papyo\AppData\Local\NVIDIA 2021-11-17 21:25 - 2019-12-07 17:17 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2021-11-15 14:49 - 2021-04-14 07:31 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2021-11-14 15:34 - 2020-01-09 00:14 - 000000000 ____D C:\ProgramData\Package Cache 2021-11-14 09:13 - 2021-06-29 11:11 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2371481684-2106917738-1379841812-1001 2021-11-14 07:21 - 2019-12-07 17:17 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2021-11-13 19:28 - 2021-08-16 05:56 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\D3DSCache 2021-11-13 19:27 - 2020-11-20 10:54 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Roaming\ZHP 2021-11-13 18:07 - 2021-01-14 17:32 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Roaming\Wargaming.net 2021-11-13 17:59 - 2020-11-20 10:53 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\CrashDumps 2021-11-13 08:15 - 2019-12-11 14:36 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\Packages 2021-11-12 10:43 - 2021-01-07 06:39 - 000000000 ____D C:\Games 2021-11-11 16:22 - 2019-12-07 16:49 - 000000135 _____ C:\WINDOWS\win.ini 2021-11-09 22:53 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2021-11-09 22:53 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-11-09 22:51 - 2020-11-11 07:33 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-11-09 22:47 - 2020-11-11 07:32 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-11-09 15:22 - 2021-06-05 13:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-11-06 22:22 - 2021-07-23 06:43 - 000000000 ____D C:\Users\Gorpyloskev\AppData\Local\NVIDIA 2021-11-03 14:41 - 2019-12-16 17:37 - 000000000 ____D C:\Users\papyo\AppData\Local\cache 2021-11-03 07:44 - 2020-01-04 09:45 - 000000000 ____D C:\Users\papyo\AppData\Local\NPE 2021-11-02 09:12 - 2019-12-08 09:13 - 000000000 ____D C:\Program Files\Common Files\AV 2021-11-02 08:30 - 2019-12-08 08:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64 2021-11-01 09:25 - 2021-04-30 15:21 - 000000000 ____D C:\Users\papyo\OneDrive\Documents\Nouveau dossier 2021-10-29 20:24 - 2021-06-05 13:10 - 000000000 ____D C:\Program Files\Windows Defender 2021-10-29 20:24 - 2019-12-07 17:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-10-29 16:16 - 2019-12-07 21:16 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2021-10-28 22:20 - 2019-12-07 19:20 - 000000000 ____D C:\ProgramData\Packages ==================== Fichiers à la racine de certains dossiers ======== 2018-08-06 06:52 - 2018-08-06 06:52 - 000021368 _____ (Schneider Electric) C:\Users\papyo\en_res.dll 2018-08-06 06:52 - 2018-08-06 06:52 - 000021368 _____ (Schneider Electric) C:\Users\papyo\es_res.dll 2018-08-06 06:52 - 2018-08-06 06:52 - 000021880 _____ (Schneider Electric) C:\Users\papyo\fr_res.dll 2018-08-06 06:52 - 2018-08-06 06:52 - 000021880 _____ (Schneider Electric) C:\Users\papyo\grm_res.dll 2018-08-06 06:52 - 2018-08-06 06:52 - 000021368 _____ (Schneider Electric) C:\Users\papyo\it_res.dll 2018-08-06 06:52 - 2018-08-06 06:52 - 000020344 _____ (Schneider Electric) C:\Users\papyo\jp_res.dll 2018-08-06 06:52 - 2018-08-06 06:52 - 001079808 _____ (Microsoft Corporation) C:\Users\papyo\mfc80u.dll 2018-08-06 06:52 - 2018-08-06 06:52 - 000626688 _____ (Microsoft Corporation) C:\Users\papyo\msvcr80.dll 2018-08-06 06:52 - 2018-08-06 06:52 - 000021368 _____ (Schneider Electric) C:\Users\papyo\pt_res.dll 2018-08-06 06:52 - 2018-08-06 06:52 - 000018808 _____ () C:\Users\papyo\ResourceReader.dll 2018-08-06 06:52 - 2018-08-06 06:52 - 000020856 _____ (Schneider Electric) C:\Users\papyo\ru_res.dll 2021-09-21 19:11 - 2021-09-21 19:11 - 000479232 _____ () C:\Users\papyo\setup.exe 2021-11-09 17:40 - 2021-11-09 17:40 - 003290776 _____ (Nicolas Coolman) C:\Users\papyo\ZHPCleaner.exe 2018-08-06 06:52 - 2018-08-06 06:52 - 000019832 _____ (Schneider Electric) C:\Users\papyo\zh_res.dll 2021-09-13 07:46 - 2021-11-01 22:55 - 000007597 _____ () C:\Users\papyo\AppData\Local\resmon.resmoncfg ==================== SigCheckExt ========================= 2018-08-06 06:52 - 2018-08-06 06:52 - 001079808 _____ (Microsoft Corporation) C:\Users\papyo\mfc80u.dll 2018-08-06 06:52 - 2018-08-06 06:52 - 000626688 _____ (Microsoft Corporation) C:\Users\papyo\msvcr80.dll 2021-09-21 19:11 - 2021-09-21 19:11 - 000479232 _____ C:\Users\papyo\setup.exe 2021-11-09 17:40 - 2021-11-09 17:40 - 003290776 _____ (Nicolas Coolman) C:\Users\papyo\ZHPCleaner.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {ccea8f3d-9f98-11e4-95ec-939cabdeb8ad} {e65f7f07-38ef-11ec-8e77-806e6f6e6963} {e65f7f08-38ef-11ec-8e77-806e6f6e6963} timeout 1 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {871c5f38-9df7-11eb-8dae-f07959391953} displayorder {current} toolsdisplayorder {memdiag} timeout 0 Application logicielle (101fffff) -------------------------------- identificateur {ccea8f3d-9f98-11e4-95ec-939cabdeb8ad} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager badmemoryaccess Yes Application logicielle (101fffff) -------------------------------- identificateur {e65f7f07-38ef-11ec-8e77-806e6f6e6963} description UEFI: IPV4 Intel(R) Ethernet Connection (2) I218-V Application logicielle (101fffff) -------------------------------- identificateur {e65f7f08-38ef-11ec-8e77-806e6f6e6963} description UEFI: IPV6 Intel(R) Ethernet Connection (2) I218-V Chargeur de d‚marrage Windows ----------------------------- identificateur {5b0adfb8-feae-11ea-95e2-ce06c8fa01e4} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{5b0adfb9-feae-11ea-95e2-ce06c8fa01e4} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{5b0adfb9-feae-11ea-95e2-ce06c8fa01e4} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {871c5f3b-9df7-11eb-8dae-f07959391953} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {871c5f38-9df7-11eb-8dae-f07959391953} nx OptIn bootmenupolicy Standard usefirmwarepcisettings No bootlog No Chargeur de d‚marrage Windows ----------------------------- identificateur {871c5f3b-9df7-11eb-8dae-f07959391953} device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{871c5f3c-9df7-11eb-8dae-f07959391953} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{871c5f3c-9df7-11eb-8dae-f07959391953} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {871c5f38-9df7-11eb-8dae-f07959391953} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {871c5f3b-9df7-11eb-8dae-f07959391953} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: custom:21000026 partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {871c5f3c-9df7-11eb-8dae-f07959391953} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume5 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================