Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-08-2022
Ran by julie (administrator) on METALCHRIST (05-08-2022 17:54:03)
Running from C:\Users\julie\Downloads
Loaded Profiles: julie
Platform: Microsoft Windows 11 Professionnel Version 21H2 22000.795 (X64) Language: Français (France)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist.txt file, the process will be stopped. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(C:\Program Files (x86)\FormatFactory\net_updater64.exe ->) (Bright Data Ltd -> Bright Data Ltd.) C:\Program Files (x86)\FormatFactory\luminati\brightdata.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\CyberGhost 8\Dashboard.exe ->) (The CefSharp Authors) [Fichier non signé] C:\Program Files\CyberGhost 8\Data\Cef\x64\CefSharp.BrowserSubprocess.exe <2>
(C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_22183.300.1431.9295_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.77\msedgewebview2.exe <7>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Inc.) [Fichier non signé] C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe
(explorer.exe ->) (Christofer Persson) [Fichier non signé] C:\Program Files (x86)\Kantaris\Kantaris.exe
(explorer.exe ->) (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(hvsimgr.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\hvsirdpclient.exe
(hvsimgr.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\hvsirpcd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe <3>
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero Apps\Transfer\Transfer.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Bright Data Ltd -> Bright Data Ltd.) C:\Program Files (x86)\FormatFactory\net_updater64.exe
(services.exe ->) (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.Service.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero 2021\Nero BackItUp\NBService.exe
(services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaki.inf_amd64_4d3344665c03b4db\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\22.141.0703.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\hvsimgr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\spaceman.exe
(vmcompute.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\vmwp.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, the registry entry will be restored to its default value or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [PowerDVD19Agent] => C:\Program Files\CyberLink\PowerDVD19\PowerDVD19Agent.exe [534712 2019-05-24] (CyberLink Corp. -> CyberLink Corp.)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe [6607584 2022-03-07] (Adobe Inc. -> Adobe Systems Inc.) [Fichier non signé]
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdobeGCInvoker-1.0] => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe" (Pas de fichier)
HKLM-x32\...\Run: [PowerDVD19Agent] => C:\Program Files\CyberLink\PowerDVD19\PowerDVD19Agent.exe [534712 2019-05-24] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [Nero BackItUp] => C:\Program Files (x86)\Nero\Nero 2021\Nero BackItUp\BackItUp.exe [1178904 2021-09-13] (Nero AG -> Nero AG)
HKLM-x32\...\Run: [DriveSpan] => C:\Program Files (x86)\Nero\Nero Apps\Transfer\Transfer.exe [138520 2021-09-13] (Nero AG -> Nero AG)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\julie\AppData\Local\Microsoft\Teams\Update.exe [2459280 2021-11-25] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (Pas de fichier)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2640272 2022-07-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2640272 2022-07-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2552682841-2245565162-3764678535-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2640272 2022-07-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2552682841-2245565162-3764678535-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 8\Dashboard.exe [1354480 2022-03-16] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
HKU\S-1-5-21-2552682841-2245565162-3764678535-1001\...\Run: [uTorrent] => C:\Users\julie\AppData\Roaming\uTorrent\uTorrent.exe [2004128 2022-08-01] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2552682841-2245565162-3764678535-1001\...\Run: [MailStylerWarmup] => C:\Program Files (x86)\Delivery Tech Corp\MailStyler 2\MailStyler.exe [7369384 2019-12-03] (DELIVERY TECH CORP -> Delivery Tech Corp.) [Fichier non signé]
HKU\S-1-5-21-2552682841-2245565162-3764678535-1001\...\MountPoints2: {f737b4a6-b002-11ec-bc48-a8a1592d00fb} - "G:\OInstall.exe"
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2022-03-02] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\103.0.5060.134\Installer\chrmstp.exe [2022-07-21] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\stream.x64.x-all.dat.lnk [2022-07-27]
ShortcutAndArgument: stream.x64.x-all.dat.lnk -> C:\WINDOWS\system32\wscript.exe => /E:vbscript "C:\Users\julie\AppData\Roaming\stream.x64.x-all.dat.vbs"

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)

Task: {020F0990-AA87-4371-AAE8-EA8F82A1A3B6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {055B63CD-41D0-475E-B8B1-579E5E7F42FF} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [7018264 2018-07-18] (Nero AG -> Nero AG)
Task: {05F7709D-D3EF-4A5E-B54C-A2A6DE1F5319} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {086F4598-2F16-49E5-9C95-AE42595D31DF} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {0C560F94-D0D3-430B-991B-3BBA6236B190} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145312 2022-07-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A4A1DCD-2D36-4731-8460-7A98E4266D93} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145312 2022-07-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {1AAF24B0-F25A-47D6-9FFB-AB05DED60C58} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-07-27] (HP Inc. -> HP Inc.)
Task: {1DF5DCD7-1BE3-4E46-9573-2397D9A5DAA7} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214168 2022-07-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {263F9963-60C9-4616-AE9D-F50C9EBD1C87} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2703F47E-12A2-4C56-A42A-9311926D8622} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {270C9B0E-A291-4D99-8909-F8AAD2319445} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {334F1312-FBF6-4768-9498-6AF3230273C6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23378864 2022-07-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {3404BB8D-9187-4317-A727-92359B474B7D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-08-23] (Google LLC -> Google LLC)
Task: {34B6CAC8-D9D9-4709-A483-863021049AEA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8414664 2022-07-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {4924BE10-31FA-48C2-BFB5-2DBFBE5205BB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4BCFE641-AA77-4ADC-BC44-CD1E216687F4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [221328 2022-07-27] (HP Inc. -> )
Task: {4E9D6F51-9E65-4EA4-B813-1EBDCF7C870B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-08-23] (Google LLC -> Google LLC)
Task: {54425B7D-82E4-4869-A713-382FB6C71030} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [64416 2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {5AFB3C44-687F-4586-B7CC-3EEC2714D4ED} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2552682841-2245565162-3764678535-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214168 2022-07-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {6715F8AE-56BF-48DC-B74D-6A77C886E341} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7B853B21-C716-4F9F-9957-E314D65AE812} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149512 2022-07-27] (HP Inc. -> HP Inc.)
Task: {80E4EF02-1387-4F14-A652-73CF137DD38E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {870372D2-EEF7-4D34-92CD-3B9B68EE6FEE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {946E2CF1-B8F4-445B-8968-43DA15675373} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8414664 2022-07-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B6CD43D-0A7E-4F23-8B1B-90C05181E8DA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9EC975C7-C927-4788-BD4E-417BAF7F0C9B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B47B11A2-EF8F-476B-9582-69561C8357B2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23378864 2022-07-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {CAB2B88A-34CC-4C36-88AE-27CCD53D8348} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Pas de fichier)
Task: {E65B0048-8706-4C28-8A55-BAAF2C9652F6} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F8E20EB2-5869-4714-A937-917A3F3BDBC2} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist.txt file, the task (.job) file will be moved. The file run by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an entry is included in the fixlist.txt file and it is a registry entry, it will be removed or restored to its default value.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{20738aed-d72d-47c4-b9f8-a932ba79c3f8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a7bbc331-6133-4eac-a3f8-2717a72b1da1}: [NameServer] 10.0.0.243
Tcpip\..\Interfaces\{a7bbc331-6133-4eac-a3f8-2717a72b1da1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d67680c8-f736-4834-8847-539d7da2f991}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Profile: C:\Users\julie\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-05]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\julie\AppData\Local\Google\Chrome\User Data\Default [2022-08-05]
CHR Notifications: Default -> hxxps://www28.nathanaeldan.pro; hxxps://www49.orvilleandrea.pro
CHR HomePage: Default -> hxxps://www.google.com/
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-07-05]
CHR Extension: (Google Docs hors connexion) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-27]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-23]
CHR Extension: (CyberGhost Cookie Cleaner) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbkgifljdgkhlmlmgbalmcknbhbggmei [2022-01-20]
CHR Profile: C:\Users\julie\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-08-05]
CHR Profile: C:\Users\julie\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-08-05]
CHR Extension: (Google Docs hors connexion) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-23]
CHR Profile: C:\Users\julie\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-08-05]
CHR DefaultSearchURL: Profile 2 -> hxxps://www.bing.com/search?q={searchTerms}&pc=U316&form=CHROMN
CHR DefaultSearchKeyword: Profile 2 -> bing search
CHR DefaultNewTabURL: Profile 2 -> hxxps://www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Profile 2 -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
CHR Extension: (Slides) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-08-23]
CHR Extension: (Docs) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2021-08-23]
CHR Extension: (Google Drive) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-23]
CHR Extension: (YouTube) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-23]
CHR Extension: (Sheets) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-08-23]
CHR Extension: (Google Docs hors connexion) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-08-23]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-23]
CHR Extension: (Gmail) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-23]
CHR Profile: C:\Users\julie\AppData\Local\Google\Chrome\User Data\Profile 3 [2022-08-05]
CHR Extension: (Slides) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-02-27]
CHR Extension: (Docs) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2022-02-27]
CHR Extension: (Google Drive) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-02-27]
CHR Extension: (YouTube) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-02-27]
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-02-27]
CHR Extension: (Sheets) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-02-27]
CHR Extension: (Google Docs hors connexion) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-27]
CHR Extension: (Web Safety) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mfhcmdonhekjhfbjmeacdjbhlfgpjabp [2022-02-27]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-27]
CHR Extension: (Gmail) - C:\Users\julie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-02-27]
CHR Profile: C:\Users\julie\AppData\Local\Google\Chrome\User Data\System Profile [2022-08-05]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2021-02-01] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12111288 2022-07-21] (Microsoft Corporation -> Microsoft Corporation)
R2 CyberGhost8Service; C:\Program Files\CyberGhost 8\Dashboard.Service.exe [67824 2022-03-16] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.141.0703.0002\FileSyncHelper.exe [3387808 2022-07-27] (Microsoft Corporation -> Microsoft Corporation)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [770600 2022-07-27] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [769040 2022-07-27] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [762408 2022-07-27] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [225368 2022-07-21] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [769064 2022-07-27] (HP Inc. -> HP Inc.)
R2 luminati_net_updater_win_formatfactory_pcfreetime_com; C:\Program Files (x86)\FormatFactory\net_updater64.exe [9716896 2022-07-30] (Bright Data Ltd -> Bright Data Ltd.)
R2 NeroBackItUpBackgroundService2022; C:\Program Files (x86)\Nero\Nero 2021\Nero BackItUp\NBService.exe [287000 2021-09-13] (Nero AG -> Nero AG)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.141.0703.0002\OneDriveUpdaterService.exe [3827616 2022-07-27] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6207688 2022-07-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2021-11-25] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2021-11-25] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14673704 2021-05-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaki.inf_amd64_4d3344665c03b4db\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvaki.inf_amd64_4d3344665c03b4db\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)

R3 AmdSMBusSdk; C:\WINDOWS\System32\drivers\amdembsmbus.sys [46720 2021-12-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdWDT; C:\WINDOWS\System32\drivers\amdwdt.sys [42624 2021-12-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 ASUSSC40; C:\WINDOWS\system32\DRIVERS\ASUSSC40.sys [3840000 2016-11-09] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTeK)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [507904 2022-02-27] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [180224 2022-02-27] (Microsoft Corporation) [Fichier non signé]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [Fichier non signé]
R2 CLFCL5.19; C:\WINDOWS\system32\DRIVERS\CLFCL5.19\000.fcl [46824 2019-05-24] (CyberLink Corp. -> CyberLink Corp.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-11-25] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-11-25] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [90112 2021-06-05] (Microsoft Windows -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2022-05-23] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)


==================== Three months (created) (Whitelisted) =========

(If an entry is included in the fixlist.txt file, the file/folder will be moved.)

2022-08-05 17:54 - 2022-08-05 17:54 - 000030700 _____ C:\Users\julie\Downloads\FRST.txt
2022-08-05 17:46 - 2022-08-05 17:46 - 002370048 _____ (Farbar) C:\Users\julie\Downloads\FRST64.exe
2022-08-05 17:39 - 2022-08-05 17:54 - 000000000 ____D C:\FRST
2022-08-01 11:32 - 2022-08-01 11:32 - 008754550 _____ C:\ProgramData\F-[j0006]-[p01].bmp
2022-08-01 11:32 - 2022-08-01 11:32 - 002661174 _____ C:\ProgramData\[j0006]-[p01].bmp
2022-07-21 23:02 - 2022-07-21 23:02 - 000000000 ____D C:\Users\julie\AppData\Local\Elder Scrolls Online
2022-07-21 23:02 - 2022-07-21 23:02 - 000000000 ____D C:\Elder Scrolls Online
2022-07-14 21:08 - 2022-07-14 21:08 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-07-14 21:08 - 2022-07-14 21:08 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-07-14 21:08 - 2022-07-14 21:08 - 000335872 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-07-14 21:08 - 2022-07-14 21:08 - 000015040 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-07-14 21:04 - 2022-07-14 21:04 - 000000000 ___HD C:\$WinREAgent
2022-06-29 18:12 - 2022-06-29 18:12 - 000000000 ____D C:\Users\julie\AppData\LocalLow\uTorrent.WebView2
2022-06-15 13:54 - 2022-06-15 13:54 - 000614400 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-06-15 13:54 - 2022-06-15 13:54 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-06-15 13:54 - 2022-06-15 13:54 - 000524288 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2022-06-15 13:54 - 2022-06-15 13:54 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-06-15 13:54 - 2022-06-15 13:54 - 000299008 _____ C:\WINDOWS\system32\EsclScan.dll
2022-06-15 13:54 - 2022-06-15 13:54 - 000180224 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-06-15 13:54 - 2022-06-15 13:54 - 000167936 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2022-06-15 13:54 - 2022-06-15 13:54 - 000057344 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2022-06-14 09:07 - 2022-06-14 09:07 - 000000000 ____D C:\Zoom
2022-06-10 20:08 - 2022-06-10 20:08 - 000000000 ____D C:\Users\julie\AppData\Roaming\Zoom
2022-06-10 20:08 - 2022-06-10 20:08 - 000000000 ____D C:\Users\julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-06-10 20:08 - 2022-06-10 20:08 - 000000000 ____D C:\Users\julie\AppData\Local\Zoom
2022-06-02 13:28 - 2022-06-02 13:28 - 000000000 ____D C:\Users\julie\AppData\Roaming\16127
2022-05-23 18:02 - 2022-05-23 18:02 - 000029680 _____ (WireGuard LLC) C:\WINDOWS\system32\Drivers\wintun.sys
2022-05-19 12:59 - 2022-08-05 17:30 - 107216896 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-05-19 12:56 - 2022-05-19 12:59 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2022-05-11 20:05 - 2022-05-11 20:05 - 000353640 _____ C:\WINDOWS\system32\vp9fs.dll
2022-05-11 20:05 - 2022-05-11 20:05 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2022-05-11 20:05 - 2022-05-11 20:05 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2022-05-11 20:05 - 2022-05-11 20:05 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2022-05-11 20:05 - 2022-05-11 20:05 - 000208896 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\system32\l3codecp.acm
2022-05-11 20:05 - 2022-05-11 20:05 - 000196096 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\SysWOW64\l3codecp.acm
2022-05-11 20:05 - 2022-05-11 20:05 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remotesp.tsp
2022-05-11 20:05 - 2022-05-11 20:05 - 000079192 _____ C:\WINDOWS\system32\Drivers\NDKPerf.sys
2022-05-11 20:05 - 2022-05-11 20:05 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\format.com
2022-05-11 20:05 - 2022-05-11 20:05 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hidphone.tsp
2022-05-11 20:05 - 2022-05-11 20:05 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-05-11 20:05 - 2022-05-11 20:05 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\more.com
2022-05-11 20:05 - 2022-05-11 20:05 - 000019456 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-05-11 20:05 - 2022-05-11 20:05 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-05-11 20:04 - 2022-05-11 20:04 - 002125824 _____ C:\WINDOWS\system32\dwmscene.dll
2022-05-11 20:04 - 2022-05-11 20:04 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Bubbles.scr
2022-05-11 20:04 - 2022-05-11 20:04 - 000774144 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-05-11 20:04 - 2022-05-11 20:04 - 000460800 _____ C:\WINDOWS\SysWOW64\SettingSyncDownloadHelper.dll
2022-05-11 20:04 - 2022-05-11 20:04 - 000442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2022-05-11 20:04 - 2022-05-11 20:04 - 000356352 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2022-05-11 20:04 - 2022-05-11 20:04 - 000335872 _____ C:\WINDOWS\system32\Windows.Internal.UI.Dialogs.dll
2022-05-11 20:04 - 2022-05-11 20:04 - 000294912 _____ C:\WINDOWS\system32\pnpdiag.dll
2022-05-11 20:04 - 2022-05-11 20:04 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssText3d.scr
2022-05-11 20:04 - 2022-05-11 20:04 - 000208896 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2022-05-11 20:04 - 2022-05-11 20:04 - 000180224 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll
2022-05-11 20:04 - 2022-05-11 20:04 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Ribbons.scr
2022-05-11 20:04 - 2022-05-11 20:04 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Mystify.scr
2022-05-11 20:04 - 2022-05-11 20:04 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\remotesp.tsp
2022-05-11 20:04 - 2022-05-11 20:04 - 000098304 _____ C:\WINDOWS\system32\sstpcfg.dll
2022-05-11 20:04 - 2022-05-11 20:04 - 000086016 _____ C:\WINDOWS\system32\printticketvalidation.dll
2022-05-11 20:04 - 2022-05-11 20:04 - 000086016 _____ C:\WINDOWS\system32\CredProvCommonCore.dll
2022-05-11 20:04 - 2022-05-11 20:04 - 000077824 _____ C:\WINDOWS\system32\APMonUI.dll
2022-05-11 20:04 - 2022-05-11 20:04 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2022-05-11 20:04 - 2022-05-11 20:04 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\format.com
2022-05-11 20:04 - 2022-05-11 20:04 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidphone.tsp
2022-05-11 20:04 - 2022-05-11 20:04 - 000051712 _____ C:\WINDOWS\SysWOW64\CredProvCommonCore.dll
2022-05-11 20:04 - 2022-05-11 20:04 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\more.com
2022-05-11 20:04 - 2022-05-11 20:04 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-05-11 20:04 - 2022-05-11 20:04 - 000042752 _____ C:\WINDOWS\system32\wow64base.dll
2022-05-11 20:04 - 2022-05-11 20:04 - 000040960 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
2022-05-11 20:04 - 2022-05-11 20:04 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-05-11 20:04 - 2022-05-11 20:04 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2022-05-11 20:04 - 2022-05-11 20:04 - 000038760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msgsm32.acm
2022-05-11 20:04 - 2022-05-11 20:04 - 000034112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imaadp32.acm
2022-05-11 20:04 - 2022-05-11 20:04 - 000033568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msadp32.acm
2022-05-11 20:04 - 2022-05-11 20:04 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrnsave.scr
2022-05-11 20:03 - 2022-05-11 20:03 - 000643072 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2022-05-11 20:03 - 2022-05-11 20:03 - 000286720 _____ C:\WINDOWS\system32\Microsoft.Bluetooth.Audio.dll
2022-05-11 20:03 - 2022-05-11 20:03 - 000067528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msgsm32.acm
2022-05-11 20:03 - 2022-05-11 20:03 - 000063392 _____ (Microsoft Corporation) C:\WINDOWS\system32\imaadp32.acm
2022-05-11 20:03 - 2022-05-11 20:03 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrnsave.scr
2022-05-11 20:03 - 2022-05-11 20:03 - 000059264 _____ (Microsoft Corporation) C:\WINDOWS\system32\msadp32.acm

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-08-05 17:53 - 2021-08-23 00:39 - 000000000 ____D C:\Users\julie\AppData\Local\CyberGhost
2022-08-05 17:50 - 2021-08-23 00:23 - 000000000 ____D C:\Users\julie\AppData\Local\D3DSCache
2022-08-05 17:49 - 2021-08-23 00:32 - 000000000 ____D C:\Program Files (x86)\Google
2022-08-05 17:41 - 2021-06-05 14:09 - 000000000 ____D C:\WINDOWS\INF
2022-08-05 17:37 - 2022-02-27 23:00 - 001800200 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-08-05 17:37 - 2021-06-05 20:15 - 000806506 _____ C:\WINDOWS\system32\perfh00C.dat
2022-08-05 17:37 - 2021-06-05 20:15 - 000156164 _____ C:\WINDOWS\system32\perfc00C.dat
2022-08-05 17:35 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-05 17:35 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-08-05 17:33 - 2021-08-23 00:25 - 000000000 ___RD C:\Users\julie\OneDrive
2022-08-05 17:33 - 2021-08-23 00:15 - 000000000 ____D C:\ProgramData\NVIDIA
2022-08-05 17:32 - 2022-02-27 23:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-08-05 17:32 - 2021-08-23 00:54 - 000000000 ____D C:\Program Files\TeamViewer
2022-08-05 17:32 - 2021-08-23 00:15 - 000012288 ___SH C:\DumpStack.log.tmp
2022-08-05 17:32 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-08-05 17:32 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-05 17:30 - 2021-06-05 14:01 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-08-05 14:29 - 2021-08-23 00:48 - 000000000 ____D C:\Users\julie\AppData\Roaming\Free Devis Factures
2022-08-05 13:55 - 2021-08-23 21:04 - 000000000 ____D C:\Users\julie\AppData\Local\ElevatedDiagnostics
2022-08-05 13:51 - 2021-11-24 17:00 - 000000000 ____D C:\Users\julie\AppData\Local\SquirrelTemp
2022-08-05 11:40 - 2022-03-16 20:30 - 000000000 ____D C:\Program Files\HP
2022-08-05 10:45 - 2022-02-27 23:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-08-04 18:54 - 2021-08-23 00:41 - 000000000 ____D C:\Users\julie\AppData\Roaming\uTorrent
2022-08-04 18:51 - 2021-08-23 00:42 - 000000000 ____D C:\Users\julie\AppData\Local\BitTorrentHelper
2022-08-01 11:36 - 2021-08-23 00:23 - 000000000 ____D C:\Users\julie\AppData\Local\Packages
2022-08-01 11:32 - 2022-03-16 20:32 - 000000000 _____ C:\Users\julie\OneDrive\Documents\HPUFD_Fax_Port
2022-08-01 11:30 - 2022-05-03 20:06 - 008754550 _____ C:\ProgramData\F-[j0003]-[p01].bmp
2022-08-01 11:30 - 2022-05-03 20:06 - 002661174 _____ C:\ProgramData\[j0003]-[p01].bmp
2022-07-30 19:08 - 2021-09-08 02:40 - 000000000 ____D C:\Program Files (x86)\FormatFactory
2022-07-30 11:55 - 2021-08-23 00:15 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-29 20:43 - 2021-08-23 00:23 - 000000000 ____D C:\ProgramData\Packages
2022-07-27 17:03 - 2021-08-23 01:21 - 000000181 _____ C:\Users\julie\AppData\Roaming\stream.x64.x-all.dat.vbs
2022-07-27 17:02 - 2021-12-10 21:15 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-07-27 15:09 - 2022-02-27 23:03 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2552682841-2245565162-3764678535-1001
2022-07-27 15:09 - 2022-02-27 23:03 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-07-27 15:09 - 2021-11-24 15:22 - 000002181 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-21 22:54 - 2022-02-27 19:09 - 000000000 ____D C:\Users\julie
2022-07-21 17:10 - 2022-02-27 23:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-07-21 17:10 - 2021-08-23 21:09 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-07-21 16:50 - 2022-02-27 23:03 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-21 16:50 - 2021-08-23 00:33 - 000002256 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-07-21 16:48 - 2022-03-30 10:49 - 000000000 ____D C:\Program Files\Microsoft Office
2022-07-15 06:31 - 2022-03-09 07:18 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2022-07-15 00:34 - 2022-02-27 23:00 - 008188312 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-07-15 00:33 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2022-07-15 00:33 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-07-15 00:33 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemResources
2022-07-15 00:33 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\setup
2022-07-15 00:33 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-07-15 00:33 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2022-07-15 00:33 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-07-15 00:33 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-07-15 00:32 - 2021-06-05 20:23 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-07-15 00:32 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-07-15 00:32 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-07-15 00:32 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\Provisioning
2022-07-15 00:32 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-07-15 00:32 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-07-14 21:19 - 2021-08-23 08:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-07-14 21:17 - 2021-08-23 08:29 - 146546848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-07-14 21:12 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-07-14 21:08 - 2022-02-27 23:00 - 003101696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== Fichiers à la racine de certains dossiers ========

2021-08-23 01:13 - 2021-08-23 01:13 - 000000171 _____ () C:\Users\julie\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2021-08-23 01:21 - 2022-07-27 17:03 - 000000181 _____ () C:\Users\julie\AppData\Roaming\stream.x64.x-all.dat.vbs
2021-09-20 10:41 - 2022-06-14 20:43 - 000001456 _____ () C:\Users\julie\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2021-08-23 00:58 - 2021-08-23 00:58 - 000000410 _____ () C:\Users\julie\AppData\Local\oobelibMkey.log

==================== SigCheckExt =========================

2021-08-23 01:09 - 2021-08-23 01:09 - 000134140 _____ C:\WINDOWS\ColorPic Uninstaller.exe
2015-03-17 06:34 - 2015-03-17 06:34 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2015-03-17 06:34 - 2015-03-17 06:34 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2015-03-17 06:34 - 2015-03-17 06:34 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHS.DLL
2015-03-17 06:34 - 2015-03-17 06:34 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHT.DLL
2015-03-17 06:34 - 2015-03-17 06:34 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL
2015-03-17 06:34 - 2015-03-17 06:34 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL
2015-03-17 06:34 - 2015-03-17 06:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL
2015-03-17 06:34 - 2015-03-17 06:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL
2015-03-17 06:34 - 2015-03-17 06:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL
2015-03-17 06:34 - 2015-03-17 06:34 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71JPN.DLL
2015-03-17 06:34 - 2015-03-17 06:34 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71KOR.DLL
2015-03-17 06:34 - 2015-03-17 06:34 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71u.dll
2015-03-17 06:34 - 2015-03-17 06:34 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2015-03-17 06:34 - 2015-03-17 06:34 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2022-08-05 17:46 - 2022-08-05 17:46 - 002370048 _____ (Farbar) C:\Users\julie\Downloads\FRST64.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


==================== BCD ================================

Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{72e677bc-8304-11eb-9d0f-806e6f6e6963}
{72e677bd-8304-11eb-9d0f-806e6f6e6963}
{c5ef93b3-d867-11ec-bc8e-806e6f6e6963}
timeout 1

Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {90cd15db-039e-11ec-b2f4-99d8495015ec}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Application logicielle (101fffff)
--------------------------------
identificateur {72e677bc-8304-11eb-9d0f-806e6f6e6963}
description Hard Drive

Application logicielle (101fffff)
--------------------------------
identificateur {72e677bd-8304-11eb-9d0f-806e6f6e6963}
description CD/DVD Drive

Application logicielle (101fffff)
--------------------------------
identificateur {c5ef93b3-d867-11ec-bc8e-806e6f6e6963}
description USB

Chargeur de démarrage Windows
-----------------------------
identificateur {526a0897-5f4e-11eb-82a7-ad61b0cc8849}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{526a0898-5f4e-11eb-82a7-ad61b0cc8849}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-fr
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride PushButtonReset
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{526a0898-5f4e-11eb-82a7-ad61b0cc8849}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 11
locale fr-FR
inherit {bootloadersettings}
recoverysequence {90cd15de-039e-11ec-b2f4-99d8495015ec}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {90cd15db-039e-11ec-b2f4-99d8495015ec}
nx OptIn
bootmenupolicy Standard
hypervisorlaunchtype Auto

Chargeur de démarrage Windows
-----------------------------
identificateur {90cd15de-039e-11ec-b2f4-99d8495015ec}
device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{90cd15df-039e-11ec-b2f4-99d8495015ec}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{90cd15df-039e-11ec-b2f4-99d8495015ec}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {90cd15db-039e-11ec-b2f4-99d8495015ec}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {90cd15de-039e-11ec-b2f4-99d8495015ec}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

Paramètres EMS
--------------
identificateur {emssettings}
bootems No

Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local

Erreurs de mémoire RAM
----------------------
identificateur {badmemory}

Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de périphérique
-----------------------
identificateur {90cd15df-039e-11ec-b2f4-99d8495015ec}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume5
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================