Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 01-09-2021
Exécuté par youss (administrateur) sur LAPTOP-2AVRFM4M (LENOVO 81LK) (05-09-2021 12:57:32)
Exécuté depuis D:\application\frst
Profils chargés: youss
Platform: Windows 10 Home Version 21H1 19043.1165 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Discord Inc. -> Discord Inc.) C:\Users\youss\AppData\Local\Discord\app-1.0.9002\Discord.exe <6>
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Greatis Software LLC -> Greatis Software, LLC) C:\Windows\U666MYX\SU10Guard.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_f222132bfa8270de\RstMwService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.8.23.0\Lenovo.Vantage.AddinHost.Amd64.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.8.23.0\Lenovo.Vantage.AddinHost.exe <3>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.8.23.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <27>
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20206.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20206.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_0864489309f69794\Display.NvContainer\NVDisplay.Container.exe <2>
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [1076728 2020-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-197461977-1359920147-718343051-1001\...\Run: [Discord] => C:\Users\youss\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-197461977-1359920147-718343051-1001\...\Run: [EpicGamesLauncher] => D:\application\epic games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33310688 2021-09-04] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-197461977-1359920147-718343051-1001\...\Run: [GameCenter] => C:\Users\youss\AppData\Local\GameCenter\GameCenter.exe [11135800 2021-08-29] (LLC Mail.Ru -> )
HKU\S-1-5-21-197461977-1359920147-718343051-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [136443296 2021-07-31] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-197461977-1359920147-718343051-1001\...\Run: [com.blitz.app] => C:\Users\youss\AppData\Local\Programs\Blitz\Blitz.exe [122577672 2021-08-04] (Swift Media Entertainment, Inc. -> Blitz, Inc.)
HKU\S-1-5-21-197461977-1359920147-718343051-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1079184 2021-08-16] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-197461977-1359920147-718343051-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3145920 2021-08-19] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-197461977-1359920147-718343051-1001\...\Run: [electron.app.Untapped.gg Companion] => C:\Users\youss\AppData\Local\Programs\untapped-companion\Untapped.gg Companion.exe [110792464 2021-09-04] (HearthSim, LLC -> HearthSim, LLC)
HKU\S-1-5-21-197461977-1359920147-718343051-1001\...\Run: [Steam] => D:\application\steam\steam2\steam.exe [4110568 2021-07-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-197461977-1359920147-718343051-1001\...\Run: [MicrosoftEdgeAutoLaunch_AC4FEFDBA80C9F1F7D96A2737486F40E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-197461977-1359920147-718343051-1001\...\Policies\Explorer: [NoSecurityTab] 1
IFEO\EOSNOTIFY.EXE: [Debugger] *
IFEO\InstallAgent.exe: [Debugger] *
IFEO\MusNotification.exe: [Debugger] *
IFEO\MUSNOTIFICATIONUX.EXE: [Debugger] *
IFEO\remsh.exe: [Debugger] *
IFEO\SIHClient.exe: [Debugger] *
IFEO\UpdateAssistant.exe: [Debugger] *
IFEO\UPFC.EXE: [Debugger] *
IFEO\UsoClient.exe: [Debugger] *
IFEO\WaaSMedic.exe: [Debugger] *
IFEO\WaasMedicAgent.exe: [Debugger] *
IFEO\Windows10Upgrade.exe: [Debugger] *
IFEO\WINDOWS10UPGRADERAPP.EXE: [Debugger] *
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WSAndroidAppHelper.lnk [2021-08-27]
ShortcutTarget: WSAndroidAppHelper.lnk -> C:\Program Files (x86)\Wondershare\drfone\Addins\SocialApps\WSAndroidAppHelper.exe (Pas de fichier)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WSAppHelper.lnk [2021-08-27]
ShortcutTarget: WSAppHelper.lnk -> C:\Program Files (x86)\Wondershare\drfone\Addins\SocialApps\WSAppHelper.exe (Pas de fichier)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {06FEF118-1E47-4CD0-8CA1-3F23A5249FEF} - \OneDrive Standalone Update Task-S-1-5-21-3361115751-27757304-2163315715-500 -> Pas de fichier <==== ATTENTION
Task: {105D676A-D551-4274-81E7-97AC52E4FD87} - \Microsoft\Windows\Speech\HeadsetButtonPress -> Pas de fichier <==== ATTENTION
Task: {1949073A-8FDA-4EA4-8E59-407CDB02440F} - \Microsoft\Windows\WindowsUpdate\sihpostreboot -> Pas de fichier <==== ATTENTION
Task: {25734E9E-26D9-4A70-8237-9686954DF070} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {26531502-193B-4AAA-BDB6-B5CE3BDECD17} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0499d265-12cd-4b6e-8290-e320b630d641 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {3A096FDC-12C3-4031-A4F9-28FF41DD1962} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {45948FD1-5F79-46E0-BE93-1830AC25891D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7735da61-916e-4ff4-bb89-e81d1dcf6195 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {46B7CA86-57FF-498D-9580-57B354543BC6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {495FF134-B9FC-4ACE-83AA-28BB9C02097D} - System32\Tasks\AviraSystemSpeedupRemoval => %comspec% [Argument = /C rmdir "C:\Program Files (x86)\Avira\System Speedup" /S /Q & schtasks /Delete /F /TN AviraSystemSpeedupRemoval]
Task: {4DB72A4D-5219-4B06-8193-848427287E85} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4E66159F-7B7E-479F-BA59-C2B940FF13D5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5ABA65E6-EBA0-449C-B983-58144EE46C96} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5B5DFC2E-1B2D-403E-BD11-9EFB772AE0B1} - \LenovoUtility Startup -> Pas de fichier <==== ATTENTION
Task: {6143F94F-B33A-4352-B417-944DDD5F4CFF} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
"C:\Windows\System32\Tasks\Microsoft\Windows\Google" n'a pas pu être déverrouillé. <==== ATTENTION
"C:\Windows\System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineTN" a été déverrouillé. <==== ATTENTION
Task: {64478F23-4265-4719-A005-D93D4A11672E} - System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineTN => C:\Windows\SysWOW64\IME\shared\Y-1-37-54\BI_1.4.49.93.exe (Accès refusé) <==== ATTENTION
Task: {7564403E-AB7A-4D8C-950A-C32505612530} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4a5028ae-44ec-48a1-a6ca-5709d37058e8 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {75827A58-37A2-4FED-A722-1D2AFCCCCAB2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7EEB00E2-E6FA-4400-AD59-00E48F8B2375} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {8535BB6B-1912-4433-A1E6-B3F5519574D0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {856CD1BB-9DB4-4A20-B5B0-D402FCEB4669} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\Windows\system32\ImController.InfInstaller.exe [62440 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {9219C992-9D6B-4442-BE4A-D132E6ED3934} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {991CAD24-83FF-4F3B-BF65-514EF74A0878} - System32\Tasks\Opera scheduled Autoupdate 1619690354 => C:\Users\youss\AppData\Local\Programs\Opera\launcher.exe
Task: {A15F447E-E649-4B7B-AE5C-229536565188} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A21BAC49-01DA-42A8-810A-833ED1370D08} - System32\Tasks\Opera scheduled assistant Autoupdate 1619690366 => C:\Users\youss\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\youss\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {BE6275D8-3EE6-4DE7-89CD-7733CA698768} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C6FE0AFF-41D2-4726-8BFA-2A6103EEDF78} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CA4C12B0-0A3F-436B-913C-8AA7A57B5D9D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {CBFB6BE6-9828-4121-A91C-8ADE8B6B1C36} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> Pas de fichier <==== ATTENTION
Task: {E9E9CE97-E54F-4DA8-B38F-49BF6B24F271} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\27c4a22b-cc2b-4779-845e-29f1247396d2 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {ED4739B1-8797-4D15-A588-7CF608240E77} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144456 2021-07-15] (Lenovo -> Lenovo Group Ltd.)
Task: {EF0FD99F-BA6A-45EA-9A8E-A71918A96EC9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F4C59D95-E6C3-4346-9A21-689E28CCD97A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a09f4b47-9d2a-4f15-bd29-625563f3703d => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {F8BA9E18-B71B-4212-BF04-752F999B1995} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FCEC1B8D-5352-4A5E-B70B-F8CAE4B59C69} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FF134F33-9AB8-4E03-8B7D-6C02BE2021B5} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.8.23.0\ScheduleEventAction.exe [26664 2021-07-21] (Lenovo -> Lenovo Group Ltd.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{096e3e17-8d86-4b23-9f31-e2be2990b580}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{14f822ae-c6ad-4907-903a-4bff112951f8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{429a611a-de49-4d48-860c-d8616493760e}: [DhcpNameServer] 192.168.109.236

Edge:
=======
DownloadDir: C:\Users\youss\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\youss\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-05]
Edge DownloadDir: Default -> D:\
Edge Notifications: Default -> hxxps://bomero.net; hxxps://www.instagram.com; hxxps://www.youtube.com
Edge Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\youss\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2021-08-17]
Edge Extension: (Curseur personnalisé - Changeur de curseur) - C:\Users\youss\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ogdlpmhglpejoiomcodnpjnfgcpmgale [2021-08-17]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]

FireFox:
========
FF DefaultProfile: hijoa7dx.default
FF ProfilePath: C:\Users\youss\AppData\Roaming\Mozilla\Firefox\Profiles\hijoa7dx.default [2021-05-27]
FF ProfilePath: C:\Users\youss\AppData\Roaming\Mozilla\Firefox\Profiles\2kswdxqx.default-release [2021-05-27]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8912272 2021-06-25] (BattlEye Innovations e.K. -> )
R2 DolbyDAXAPI; C:\Windows\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-01] (Dolby Laboratories, Inc. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2021-06-01] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [359808 2019-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.8.23.0\LenovoVantageService.exe [31248 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10787232 2021-07-31] (Logitech Inc -> Logitech, Inc.)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [22174424 2021-09-04] (LLC Mail.Ru -> LLC Mail.Ru)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2557144 2021-08-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3475680 2021-08-19] (Electronic Arts, Inc. -> Electronic Arts)
S3 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [183816 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 SU10Guard; C:\Windows\U666MYX\SU10Guard.exe [72776 2020-05-31] (Greatis Software LLC -> Greatis Software, LLC)
S3 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [317144 2021-09-03] (Twitch Interactive, Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262880 2021-07-20] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 DFWSIDService; C:\Program Files (x86)\Wondershare\drfone\WsidService.exe [X]
S2 ElevationService; C:\Program Files (x86)\Wondershare\drfone\Addins\Backup\ElevationService.exe [X]
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_0864489309f69794\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_0864489309f69794\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Pilotes (Avec liste blanche) ===================

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-09-05 12:56 - 2021-09-05 12:57 - 000000000 ____D C:\FRST
2021-09-05 12:02 - 2021-09-05 12:02 - 000003454 _____ C:\Windows\system32\Tasks\AviraSystemSpeedupRemoval
2021-09-05 12:02 - 2021-09-05 12:02 - 000000000 ____D C:\Windows\system32\Tasks\Avira
2021-09-05 12:01 - 2021-09-05 12:01 - 000000000 ____H C:\ProgramData\rebootpending.txt
2021-09-05 11:56 - 2021-09-05 11:56 - 000000000 ____D C:\Users\Public\Security Sessions
2021-09-05 11:54 - 2021-09-05 11:54 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2021-09-05 11:54 - 2019-03-20 19:50 - 000046704 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2021-09-05 11:54 - 2019-03-20 19:50 - 000045472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2021-09-05 11:52 - 2021-09-05 12:03 - 000000000 ____D C:\ProgramData\Avira
2021-09-05 11:52 - 2021-09-05 12:03 - 000000000 ____D C:\Program Files (x86)\Avira
2021-09-05 11:52 - 2021-09-05 11:56 - 000000000 ____D C:\Users\youss\AppData\Local\Avira
2021-09-04 23:29 - 2021-09-04 23:29 - 081002496 _____ C:\Windows\system32\config\SOFTWARE
2021-09-04 23:27 - 2021-09-04 23:29 - 000000000 ____D C:\Windows\Microsoft Antimalware
2021-09-04 21:03 - 2021-09-04 21:03 - 022174424 _____ (LLC Mail.Ru) C:\Windows\system32\mracsvc.exe
2021-09-04 21:03 - 2021-09-04 21:03 - 021413808 _____ (LLC Mail.Ru) C:\Windows\system32\Drivers\mracdrv1.sys
2021-09-03 18:37 - 2021-09-03 18:37 - 000007603 _____ C:\Users\youss\AppData\Local\Resmon.ResmonCfg
2021-09-02 11:20 - 2021-09-02 11:20 - 000000000 ____D C:\Users\youss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-09-02 11:12 - 2021-09-02 11:12 - 000000000 ____D C:\Users\youss\AppData\Local\Steam
2021-09-02 11:11 - 2021-09-02 11:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-09-01 20:30 - 2021-08-28 14:25 - 001858664 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2021-09-01 20:30 - 2021-08-28 14:25 - 001858664 _____ C:\Windows\system32\vulkaninfo.exe
2021-09-01 20:30 - 2021-08-28 14:25 - 001474704 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2021-09-01 20:30 - 2021-08-28 14:25 - 001438848 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-09-01 20:30 - 2021-08-28 14:25 - 001438848 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2021-09-01 20:30 - 2021-08-28 14:25 - 001212536 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2021-09-01 20:30 - 2021-08-28 14:25 - 001097856 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2021-09-01 20:30 - 2021-08-28 14:25 - 001097856 _____ C:\Windows\system32\vulkan-1.dll
2021-09-01 20:30 - 2021-08-28 14:25 - 000951936 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2021-09-01 20:30 - 2021-08-28 14:25 - 000951936 _____ C:\Windows\SysWOW64\vulkan-1.dll
2021-09-01 20:30 - 2021-08-28 14:22 - 001520760 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2021-09-01 20:30 - 2021-08-28 14:22 - 001171064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2021-09-01 20:30 - 2021-08-28 14:22 - 000716920 _____ C:\Windows\system32\nvofapi64.dll
2021-09-01 20:30 - 2021-08-28 14:22 - 000676480 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2021-09-01 20:30 - 2021-08-28 14:22 - 000645240 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2021-09-01 20:30 - 2021-08-28 14:22 - 000577168 _____ C:\Windows\SysWOW64\nvofapi.dll
2021-09-01 20:30 - 2021-08-28 14:22 - 000564344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2021-09-01 20:30 - 2021-08-28 14:21 - 002112128 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2021-09-01 20:30 - 2021-08-28 14:21 - 001595536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2021-09-01 20:30 - 2021-08-28 14:21 - 000919184 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2021-09-01 20:30 - 2021-08-28 14:21 - 000706192 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2021-09-01 20:30 - 2021-08-28 14:20 - 008854144 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2021-09-01 20:30 - 2021-08-28 14:20 - 007920760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2021-09-01 20:30 - 2021-08-28 14:20 - 005681280 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2021-09-01 20:30 - 2021-08-28 14:20 - 004987512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2021-09-01 20:30 - 2021-08-28 14:20 - 002925688 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2021-09-01 20:30 - 2021-08-28 14:20 - 000447104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2021-09-01 20:30 - 2021-08-28 14:19 - 000849016 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2021-09-01 20:30 - 2021-08-28 14:18 - 006216336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2021-09-01 20:30 - 2021-08-27 18:54 - 000083133 _____ C:\Windows\system32\nvinfo.pb
2021-08-30 22:22 - 2021-08-30 22:22 - 000000000 ____D C:\Users\youss\OneDrive\Documents\Enregistrements audio
2021-08-27 18:09 - 2021-08-27 18:09 - 000000000 ____D C:\ProgramData\WsAppHelper
2021-08-27 18:04 - 2021-08-27 18:04 - 000000000 ____D C:\ProgramData\Apple Computer
2021-08-27 17:58 - 2021-08-27 17:58 - 000110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2021-08-27 17:38 - 2021-09-05 09:02 - 000000000 ____D C:\Windows\U666MYX
2021-08-27 17:29 - 2021-08-27 17:31 - 000000000 ____D C:\Users\youss\AppData\Local\Wide Angle Software
2021-08-27 17:29 - 2021-08-27 17:29 - 000000000 ____D C:\Users\youss\AppData\Local\Wide_Angle_Software_Ltd
2021-08-27 17:28 - 2021-08-27 17:28 - 000000000 ____D C:\Users\youss\AppData\Roaming\Wide Angle Software
2021-08-27 17:18 - 2021-08-27 18:16 - 000000000 ____D C:\Users\youss\.android
2021-08-27 17:17 - 2021-08-28 22:32 - 000000000 ____D C:\ProgramData\Wondershare
2021-08-27 17:17 - 2021-08-28 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2021-08-27 17:17 - 2021-08-28 22:32 - 000000000 ____D C:\Program Files (x86)\Wondershare
2021-08-27 17:17 - 2021-08-27 18:15 - 000000000 ____D C:\Users\youss\AppData\Roaming\MobileBackupForeverIni
2021-08-27 17:17 - 2021-08-27 18:11 - 000000000 ____D C:\Users\youss\AppData\Local\Wondershare
2021-08-27 17:17 - 2021-08-27 17:17 - 000000016 _____ C:\ProgramData\mntemp
2021-08-27 17:17 - 2021-08-27 17:17 - 000000000 ____D C:\ProgramData\Apple
2021-08-27 17:16 - 2021-08-27 18:15 - 000000000 ____D C:\Users\youss\AppData\Roaming\Wondershare
2021-08-27 16:29 - 2021-08-27 16:29 - 000000000 ____D C:\Users\youss\OneDrive\Documents\Mono
2021-08-27 16:28 - 2021-08-27 17:22 - 000000000 ____D C:\Users\youss\OneDrive\Documents\Mobo
2021-08-27 16:28 - 2021-08-27 17:22 - 000000000 ____D C:\Program Files (x86)\Mobo
2021-08-27 16:28 - 2021-08-27 16:28 - 000000000 ____D C:\Users\youss\OneDrive\Documents\.android
2021-08-27 16:28 - 2021-08-27 16:28 - 000000000 ____D C:\Program Files (x86)\Mono
2021-08-27 15:37 - 2021-09-01 20:34 - 000000000 ____D C:\Windows\LastGood
2021-08-21 16:55 - 2021-09-04 20:20 - 000000000 ____D C:\Users\youss\AppData\Roaming\untapped-companion
2021-08-21 16:55 - 2021-08-26 09:51 - 000000000 ____D C:\Users\youss\AppData\Local\untapped-companion-updater
2021-08-21 16:55 - 2021-08-21 16:55 - 000002525 _____ C:\Users\youss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Untapped.gg Companion.lnk
2021-08-21 15:27 - 2021-09-05 12:05 - 000000000 ____D C:\Users\youss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2021-08-21 15:27 - 2021-09-05 12:05 - 000000000 ____D C:\Users\youss\AppData\Local\HearthstoneDeckTracker
2021-08-21 15:27 - 2021-09-02 16:57 - 000000000 ____D C:\Users\youss\AppData\Roaming\HearthstoneDeckTracker
2021-08-19 23:05 - 2021-08-19 23:05 - 000000000 ____D C:\Windows\LastGood.Tmp
2021-08-19 23:02 - 2021-08-28 14:21 - 000750224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2021-08-17 23:32 - 2021-08-17 23:32 - 000000000 ___HD C:\$WinREAgent
2021-08-17 23:03 - 2021-08-17 23:03 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-08-17 23:03 - 2021-08-17 23:03 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2021-08-17 23:03 - 2021-08-17 23:03 - 001823280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-08-17 23:03 - 2021-08-17 23:03 - 001393480 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-08-17 23:03 - 2021-08-17 23:03 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2021-08-17 23:03 - 2021-08-17 23:03 - 000011347 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-08-17 23:02 - 2021-08-17 23:02 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2021-08-17 12:26 - 2021-08-17 12:26 - 000000000 ____D C:\Users\youss\AppData\LocalLow\Blizzard Entertainment
2021-08-17 12:26 - 2021-08-17 12:26 - 000000000 ____D C:\Users\youss\AppData\Local\Blizzard
2021-08-17 12:22 - 2021-08-17 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2021-08-07 12:47 - 2021-09-05 11:35 - 000000000 ____D C:\Users\youss\AppData\Local\GameCenter
2021-08-03 20:50 - 2021-06-29 05:43 - 000159864 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus2.sys
2021-08-02 20:04 - 2021-08-02 20:04 - 002371072 _____ C:\Windows\system32\rdpnano.dll
2021-08-02 20:04 - 2021-08-02 20:04 - 001314128 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-08-02 20:04 - 2021-08-02 20:04 - 000570880 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-08-02 20:04 - 2021-08-02 20:04 - 000452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-08-02 20:04 - 2021-08-02 20:04 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2021-08-02 20:04 - 2021-08-02 20:04 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2021-08-02 20:04 - 2021-08-02 20:04 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-08-02 20:04 - 2021-08-02 20:04 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
2021-08-02 20:04 - 2021-08-02 20:04 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2021-08-02 20:04 - 2021-08-02 20:04 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rendezvousSession.tlb
2021-08-02 20:04 - 2021-08-02 20:04 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\rendezvousSession.tlb
2021-08-02 20:03 - 2021-08-02 20:03 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-08-02 20:03 - 2021-08-02 20:03 - 000097792 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-08-02 14:44 - 2021-08-02 14:44 - 000000000 ____D C:\Users\youss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-07-31 21:34 - 2021-07-31 21:34 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2021-07-31 21:34 - 2021-07-31 21:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apex Legends
2021-07-31 21:08 - 2021-07-31 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2021-07-31 20:43 - 2021-07-31 20:44 - 000000000 ____D C:\Program Files (x86)\Origin Games
2021-07-31 20:39 - 2021-08-25 22:59 - 000000000 ____D C:\Program Files (x86)\Origin
2021-07-31 20:39 - 2021-07-31 21:50 - 000000000 ____D C:\ProgramData\Electronic Arts
2021-07-31 20:39 - 2021-07-31 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2021-07-31 20:37 - 2021-09-04 20:12 - 000000000 ____D C:\Users\youss\AppData\Roaming\Origin
2021-07-31 20:37 - 2021-09-04 20:12 - 000000000 ____D C:\ProgramData\Origin
2021-07-31 20:37 - 2021-09-04 20:11 - 000000000 ____D C:\Users\youss\AppData\Local\Origin
2021-07-31 20:37 - 2021-07-31 20:37 - 000000000 ____D C:\Users\youss\.QtWebEngineProcess
2021-07-31 20:37 - 2021-07-31 20:37 - 000000000 ____D C:\Users\youss\.Origin
2021-07-31 20:33 - 2021-07-31 20:33 - 002040296 _____ (Logitech) C:\Windows\system32\logi_audio_hx2e_render_apo.dll
2021-07-31 20:33 - 2021-07-31 20:33 - 000412312 _____ (Logitech) C:\Windows\system32\logi_audio_dts_studio_capture_apo.dll
2021-07-31 20:33 - 2021-07-31 20:33 - 000044496 _____ (Logitech) C:\Windows\system32\Drivers\logi_audio_surround.sys
2021-06-26 09:10 - 2021-08-27 18:04 - 000000000 ____D C:\Users\youss\AppData\Local\Apple Computer
2021-06-26 09:10 - 2021-06-26 09:10 - 000000000 ____D C:\Users\youss\OneDrive\Documents\Call of Duty Modern Warfare
2021-06-25 20:41 - 2021-06-25 20:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Modern Warfare
2021-06-25 18:32 - 2021-09-04 20:20 - 000000000 ____D C:\Users\youss\AppData\Local\Battle.net
2021-06-25 18:32 - 2021-08-17 12:26 - 000000000 ____D C:\Users\youss\AppData\Roaming\Battle.net
2021-06-25 18:32 - 2021-06-25 18:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2021-06-25 18:32 - 2021-06-25 18:32 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2021-06-25 18:31 - 2021-08-17 12:05 - 000000000 ____D C:\Program Files (x86)\Battle.net
2021-06-25 18:31 - 2021-06-25 18:31 - 000000000 ____D C:\Users\youss\AppData\Local\Blizzard Entertainment
2021-06-25 18:30 - 2021-06-25 18:30 - 000000000 ____D C:\ProgramData\Battle.net
2021-06-11 17:29 - 2021-06-09 05:58 - 000037664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2021-06-11 16:55 - 2021-06-11 16:55 - 001864192 _____ (The ICU Project) C:\Windows\SysWOW64\icu.dll
2021-06-11 16:55 - 2021-06-11 16:55 - 000468440 _____ C:\Windows\SysWOW64\WindowManagementAPI.dll
2021-06-11 16:55 - 2021-06-11 16:55 - 000423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-06-11 16:55 - 2021-06-11 16:55 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-06-11 16:54 - 2021-06-11 16:54 - 002260480 _____ (The ICU Project) C:\Windows\system32\icu.dll
2021-06-11 16:54 - 2021-06-11 16:54 - 000657464 _____ C:\Windows\system32\WindowManagementAPI.dll
2021-06-11 16:54 - 2021-06-11 16:54 - 000563712 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-06-11 16:54 - 2021-06-11 16:54 - 000287232 _____ C:\Windows\system32\CoreMas.dll
2021-06-11 16:54 - 2021-06-11 16:54 - 000272384 _____ C:\Windows\system32\TpmTool.exe

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-09-05 12:57 - 2021-03-31 13:34 - 000000000 ____D C:\Users\youss\AppData\Roaming\discord
2021-09-05 12:56 - 2021-03-31 13:24 - 001770910 _____ C:\Windows\system32\PerfStringBackup.INI
2021-09-05 12:56 - 2019-12-07 16:49 - 000794488 _____ C:\Windows\system32\perfh00C.dat
2021-09-05 12:56 - 2019-12-07 16:49 - 000150602 _____ C:\Windows\system32\perfc00C.dat
2021-09-05 12:56 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-09-05 12:52 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2021-09-05 12:39 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-05 12:31 - 2021-03-31 13:34 - 000000000 ____D C:\Users\youss\AppData\Local\Discord
2021-09-05 12:25 - 2020-03-18 22:44 - 000000000 ____D C:\ProgramData\NVIDIA
2021-09-05 12:11 - 2021-05-29 13:29 - 000000000 ____D C:\ProgramData\Riot Games
2021-09-05 12:06 - 2021-05-29 13:29 - 000000000 ____D C:\Riot Games
2021-09-05 12:06 - 2021-05-29 13:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2021-09-05 12:01 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-09-05 11:55 - 2021-03-31 11:20 - 000000000 ____D C:\Windows\Panther
2021-09-05 09:31 - 2021-03-31 13:12 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-09-05 09:02 - 2021-03-31 13:13 - 000000134 _____ C:\Windows\system32\regtest.txt
2021-09-05 09:02 - 2021-03-31 13:13 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-09-05 09:01 - 2021-03-31 13:12 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-04 23:58 - 2021-03-31 13:24 - 000000000 ____D C:\Users\youss
2021-09-04 23:46 - 2021-03-31 19:18 - 000000000 ____D C:\Users\youss\AppData\Local\ElevatedDiagnostics
2021-09-04 23:33 - 2021-04-02 18:36 - 000000000 ____D C:\ProgramData\VEGAS
2021-09-04 23:10 - 2021-03-31 18:19 - 000000000 ____D C:\Users\youss\AppData\Roaming\LGHUB
2021-09-04 23:10 - 2021-03-31 18:19 - 000000000 ____D C:\Users\youss\AppData\Local\LGHUB
2021-09-04 22:26 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2021-09-04 21:41 - 2021-03-31 13:13 - 000000000 ____D C:\ProgramData\Lenovo
2021-09-04 21:30 - 2021-03-31 13:29 - 000000000 ____D C:\Users\youss\AppData\Local\PlaceholderTileLogoFolder
2021-09-04 20:16 - 2021-04-21 22:57 - 000000000 ____D C:\Users\youss\AppData\Local\Ubisoft Game Launcher
2021-09-04 09:34 - 2021-03-31 13:37 - 000000000 ____D C:\Users\youss\AppData\Local\D3DSCache
2021-09-04 09:32 - 2021-03-31 13:32 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-04 09:32 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-04 09:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-09-03 18:43 - 2021-04-03 11:02 - 000000000 ____D C:\Users\youss\AppData\Roaming\Twitch Studio
2021-09-03 17:01 - 2021-04-03 11:02 - 000000000 ____D C:\Program Files\Common Files\Twitch
2021-09-02 20:40 - 2021-04-11 20:08 - 000000000 ____D C:\Users\youss\AppData\Roaming\Samsung
2021-09-02 20:40 - 2020-03-18 22:39 - 000000000 ____D C:\ProgramData\Package Cache
2021-09-01 20:34 - 2021-04-03 18:49 - 000000000 ____D C:\Users\youss\AppData\Local\CrashDumps
2021-09-01 20:34 - 2021-04-02 19:22 - 000000000 ____D C:\Users\youss\AppData\Local\NVIDIA
2021-09-01 08:01 - 2021-03-31 13:34 - 000000000 ____D C:\Users\youss\AppData\Local\SquirrelTemp
2021-08-31 20:49 - 2021-03-31 13:27 - 000000000 ____D C:\Users\youss\AppData\Local\Packages
2021-08-30 21:18 - 2021-03-31 13:12 - 000629352 _____ C:\Windows\system32\FNTCACHE.DAT
2021-08-28 14:18 - 2021-03-20 10:50 - 007280848 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2021-08-27 16:41 - 2021-03-31 13:28 - 000000000 ____D C:\Users\youss\AppData\Local\Publishers
2021-08-27 16:41 - 2021-03-31 13:27 - 000000000 ____D C:\ProgramData\Packages
2021-08-26 14:39 - 2021-03-31 14:20 - 000004336 _____ C:\Windows\system32\InstallUtil.InstallLog
2021-08-22 19:01 - 2021-03-31 13:37 - 000000000 ____D C:\Users\youss\AppData\Local\NVIDIA Corporation
2021-08-17 23:34 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2021-08-17 23:29 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP
2021-08-17 23:29 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-08-17 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-08-17 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2021-08-17 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2021-08-17 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2021-08-17 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2021-08-17 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2021-08-17 23:29 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2021-08-17 22:55 - 2021-04-01 19:55 - 000000000 ____D C:\Windows\system32\MRT
2021-08-17 22:55 - 2021-04-01 19:14 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-17 22:47 - 2021-04-01 19:55 - 133215968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-08-15 22:38 - 2021-03-31 13:32 - 000003634 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-15 22:38 - 2021-03-31 13:32 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-12 10:55 - 2021-03-03 18:13 - 000429944 _____ (Lenovo Group Limited) C:\Windows\system32\iMDriverHelper.dll
2021-08-12 10:55 - 2021-03-03 18:13 - 000108008 _____ (Lenovo Group Ltd.) C:\Windows\system32\WudfUpdate_02000.dll
2021-08-12 10:55 - 2021-03-03 18:13 - 000062440 _____ (Lenovo Group Ltd.) C:\Windows\system32\ImController.InfInstaller.exe
2021-08-12 10:55 - 2020-03-18 22:31 - 000108008 _____ (Lenovo Group Ltd.) C:\Windows\system32\ImController.CoInstaller.dll
2021-08-08 18:49 - 2021-05-12 22:14 - 000000000 ____D C:\Users\youss\AppData\Roaming\DS4Windows
2021-08-07 17:48 - 2021-03-31 13:41 - 000000000 ____D C:\Users\youss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games

==================== Fichiers à la racine de certains dossiers ========

2021-05-29 13:41 - 2021-08-05 10:12 - 000000032 _____ () C:\Users\youss\AppData\Roaming\.machineId
2021-09-03 18:37 - 2021-09-03 18:37 - 000007603 _____ () C:\Users\youss\AppData\Local\Resmon.ResmonCfg

==================== SigCheckExt =========================

2007-04-27 10:43 - 2007-04-27 10:43 - 000120200 _____ () C:\Windows\SysWOW64\DLLDEV32i.dll
2017-11-30 23:26 - 2017-11-30 23:26 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2017-11-30 23:26 - 2017-11-30 23:26 - 000344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2017-11-30 23:26 - 2017-11-30 23:26 - 000348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2021-04-29 11:58 - 2021-04-29 11:58 - 048766847 _____ C:\Users\youss\Downloads\zoom-win32.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


==================== BCD ================================

Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{a57b9bc5-69a1-11ea-85c0-806e6f6e6963}
{a57b9bc0-69a1-11ea-85c0-806e6f6e6963}
{a57b9bc1-69a1-11ea-85c0-806e6f6e6963}
{a57b9bc2-69a1-11ea-85c0-806e6f6e6963}
timeout 0

Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume3
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {37337faa-9202-11eb-bd80-a0f91e0fb70a}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0

Application logicielle (101fffff)
--------------------------------
identificateur {a57b9bc0-69a1-11ea-85c0-806e6f6e6963}
description EFI USB Device

Application logicielle (101fffff)
--------------------------------
identificateur {a57b9bc1-69a1-11ea-85c0-806e6f6e6963}
description EFI DVD/CDROM

Application logicielle (101fffff)
--------------------------------
identificateur {a57b9bc2-69a1-11ea-85c0-806e6f6e6963}
description EFI Network

Application logicielle (101fffff)
--------------------------------
identificateur {a57b9bc3-69a1-11ea-85c0-806e6f6e6963}
description EFI PXE 0 for IPv4 (F8-75-A4-DD-AA-54)

Application logicielle (101fffff)
--------------------------------
identificateur {a57b9bc4-69a1-11ea-85c0-806e6f6e6963}
description EFI PXE 0 for IPv6 (F8-75-A4-DD-AA-54)

Application logicielle (101fffff)
--------------------------------
identificateur {a57b9bc5-69a1-11ea-85c0-806e6f6e6963}
device partition=\Device\HarddiskVolume3
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager

Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {a0f6d76c-b543-11ea-aa82-f875a4ddaa54}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {37337faa-9202-11eb-bd80-a0f91e0fb70a}
nx OptIn
bootmenupolicy Standard

Chargeur de d‚marrage Windows
-----------------------------
identificateur {a0f6d76c-b543-11ea-aa82-f875a4ddaa54}
device ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{a0f6d76d-b543-11ea-aa82-f875a4ddaa54}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{a0f6d76d-b543-11ea-aa82-f875a4ddaa54}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {37337faa-9202-11eb-bd80-a0f91e0fb70a}
device partition=C:
path \Windows\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {a0f6d76c-b543-11ea-aa82-f875a4ddaa54}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume3
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No

ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Local

Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}

ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de p‚riph‚rique
-----------------------
identificateur {a0f6d76d-b543-11ea-aa82-f875a4ddaa54}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume6
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================