Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 23-10-2019
Exécuté par gherzi (administrateur) sur I20180111 (HP HP ProBook 450 G5) (24-10-2019 11:39:03)
Exécuté depuis C:\Users\gherzi\Desktop\nettoyage
Profils chargés: gherzi (Profils disponibles: gherzi & Administrateur)
Platform: Windows 10 Pro Version 1803 17134.950 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
(ATLOG) [Fichier non signé] C:\Atlog\Atlog_Commun\Gescle\AtlBack3.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\UIUSrv.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_8598cf7f18c538c5\HotKeyServiceUWP.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_8598cf7f18c538c5\HPHotkeyNotification.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_8598cf7f18c538c5\LanWlanWwanSwitchingServiceUWP.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130871.inf_amd64_382f7c369d4bf777\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130871.inf_amd64_382f7c369d4bf777\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130871.inf_amd64_382f7c369d4bf777\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130871.inf_amd64_382f7c369d4bf777\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Macrovision Europe Ltd.) [Fichier non signé] C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Pulse Secure, LLC -> ) C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\Pulse.exe
(Pulse Secure, LLC -> Pulse Secure, LLC) C:\Program Files (x86)\Common Files\Pulse Secure\JUNS\PulseSecureService.exe
(Pulse Secure, LLC -> Pulse Secure, LLC) C:\Program Files (x86)\Common Files\Pulse Secure\JUNS\PulseSecureService.exe
(SafeNet, Inc. -> SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet, Inc. -> SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc. -> SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.85.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.85.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Sophos Ltd -> The OpenVPN Project) C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\TmCCSF.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\NTRTScan.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\PccNTMon.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmListen.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmSSClient.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [OfficeScanNT Monitor] => C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe [3405848 2017-11-13] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [openvpn-gui] => C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe [492600 2017-06-23] (Sophos Ltd -> )
HKLM-x32\...\Run: [PulseSecure] => C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\Pulse.exe [3237840 2019-04-12] (Pulse Secure, LLC -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1277980355-1940151367-618671499-78644 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKU\S-1-5-21-1277980355-1940151367-618671499-78644 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1277980355-1940151367-618671499-78644\...\MountPoints2: {0b8e672e-f0b1-11e9-9c28-f85971eae3a9} - "D:\WD Drive Unlock.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.120\Installer\chrmstp.exe [2019-10-11] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{4B9CAC01-6732-40d0-8B8F-B5B340F9D44F}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2019-04-12] (Pulse Secure, LLC -> )
HKLM\Software\...\Authentication\Credential Providers: [{4EFD0F35-BFBA-44eb-8F25-2B3530203C1D}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2019-04-12] (Pulse Secure, LLC -> )
HKLM\Software\...\Authentication\Credential Providers: [{C1258FBC-F04F-4862-B78A-DDAAEF4A9707}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2019-04-12] (Pulse Secure, LLC -> )
HKLM\Software\...\Authentication\Credential Providers: [{EAB1A79F-DFAA-4faf-A7B9-A6652E97EE16}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2019-04-12] (Pulse Secure, LLC -> )
HKLM\Software\...\Authentication\Credential Provider Filters: [{3884BCAA-C611-4e2d-9105-E11B1203294E}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2019-04-12] (Pulse Secure, LLC -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk [2018-06-04]
ShortcutTarget: Adobe Reader Synchronizer.lnk -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe (Adobe Systems, Incorporated -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Atlback3.lnk [2019-03-27]
ShortcutTarget: Atlback3.lnk -> C:\Atlog\Atlog_Commun\Gescle\AtlBack3.exe (ATLOG) [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bginfo.lnk [2016-03-15]
ShortcutTarget: Bginfo.lnk -> C:\Bginfo\Bginfo.exe (Microsoft Corporation -> Sysinternals)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide d'Adobe Acrobat.lnk [2018-06-04]
ShortcutTarget: Lancement rapide d'Adobe Acrobat.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe () [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LNK.lnk [2016-06-08]
ShortcutTarget: LNK.lnk -> C:\LNK\Raccourcis.bat () [Fichier non signé]
Startup: C:\Users\gherzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2019-10-23]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {3706BD3A-F3B0-4BE6-8409-39665798CDFC} - System32\Tasks\Skype => C:\Users\gherzi\AppData\Local\Temp\Suivi_colis_relay.vbs <==== ATTENTION
Task: {6A637B17-8F10-406A-83DB-60EAF668CD2E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-31] (Google Inc -> Google Inc.)
Task: {79072BE2-C7BA-482D-BD46-1982F217D258} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_pepper.exe [1453112 2019-10-10] (Adobe Inc. -> Adobe)
Task: {8D8A121B-1F34-413D-B283-95F54CC11514} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\system32\gpupdate.exe [29184 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
Task: {8D983A73-E4F5-4551-9DDF-5434A3E07A8A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {973E4ECF-D0ED-4950-8779-65E3377355DE} - System32\Tasks\MailInventory => C:\Program Files (x86)\CLARILOG - AVS Mail Inventory\Clarilog.Mail.Inventory.exe [968704 2016-02-17] (Clarilog) [Fichier non signé]
Task: {D3997490-B166-4FFC-A20E-899DCE3BCA80} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-31] (Google Inc -> Google Inc.)
Task: {E2B7C5FD-28A2-4F43-BFE9-0DD3969367BC} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe
Task: {E3A3F1F8-6082-4B3A-94E4-DA2FA7E2C6D1} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\WINDOWS\system32\gpupdate.exe [29184 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
Task: {E5263535-B29E-4D6F-BB1D-7E669E5A5D94} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F6BBAC61-9086-4B77-8D83-2CADF6DABFAB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {FBB765A4-BA58-4DBF-AE21-3C49B560B9F4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {FEAB79DB-ABCC-4393-8F30-A8E50B6D4661} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-10] (Adobe Inc. -> Adobe)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{3a309332-952f-4364-991d-4fe58689fac7}: [DhcpNameServer] 10.0.0.201 10.0.0.202
Tcpip\..\Interfaces\{4b90a0ae-ef7e-4024-adcc-bb3ead17bf05}: [DhcpNameServer] 10.0.26.201 10.0.0.201
Tcpip\..\Interfaces\{a49fe483-0dfc-409d-9a05-ccc262c13ec0}: [DhcpNameServer] 172.20.10.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1277980355-1940151367-618671499-78644\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr
HKU\S-1-5-21-1277980355-1940151367-618671499-78644\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.fr
SearchScopes: HKU\S-1-5-21-1277980355-1940151367-618671499-78644 -> DefaultScope {E788F693-5338-4C9B-8DD8-CACBAE9972C5} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-1277980355-1940151367-618671499-78644 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1277980355-1940151367-618671499-78644 -> {E788F693-5338-4C9B-8DD8-CACBAE9972C5} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Trend Micro Osprey Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg.dll [2017-09-05] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO: Pas de nom -> {9E232D27-EFAB-48A2-A1B7-9FEC4BA897EF}' -> Pas de fichier
BHO: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\module\BES\TmBpIe64.dll [2017-09-06] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Aide pour le lien d'Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-31] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Trend Micro Osprey Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg32.dll [2017-09-05] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\module\BES\IE32\TmBpIe32.dll [2017-09-06] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-31] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
DPF: HKLM {583C990C-2D38-410c-9A4A-0932D66A754F} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient64.cab
DPF: HKLM-x32 {8E375A63-C616-46F1-AC77-59DF78F3A826} hxxps://metagate.site2.orange.com/dana-cached/sc/PulseSetupClient.cab
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\module\BES\TmBpIe64.dll [2017-09-06] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\module\BES\IE32\TmBpIe32.dll [2017-09-06] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg.dll [2017-09-05] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg32.dll [2017-09-05] (Trend Micro, Inc. -> Trend Micro Inc.)
FireFox:
========
FF DefaultProfile: ir3qieof.default
FF ProfilePath: C:\Users\gherzi\AppData\Roaming\Mozilla\Firefox\Profiles\ir3qieof.default [2019-07-02]
FF ProfilePath: C:\Users\gherzi\AppData\Roaming\Mozilla\Firefox\Profiles\t8zxfuf4.default-release [2019-10-24]
FF HKLM\...\Firefox\Extensions: [com.trendmicro.tmopfirefox.ext@trendop] - C:\Program Files (x86)\Trend Micro\OfficeScan Client\FirefoxExtensionOsprey\com.trendmicro.tmopfirefox.ext@trendop.xpi
FF Extension: (Trend Micro Osprey Firefox Extension) - C:\Program Files (x86)\Trend Micro\OfficeScan Client\FirefoxExtensionOsprey\com.trendmicro.tmopfirefox.ext@trendop.xpi [2017-09-05]
FF HKLM-x32\...\Firefox\Extensions: [com.trendmicro.tmopfirefox.ext@trendop] - C:\Program Files (x86)\Trend Micro\OfficeScan Client\FirefoxExtensionOsprey\com.trendmicro.tmopfirefox.ext@trendop.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-16] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\gherzi\AppData\Local\Google\Chrome\User Data\Default [2019-10-24]
CHR Extension: (Docs) - C:\Users\gherzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-01]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\gherzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-23]
CHR Extension: (Google Mail Checker) - C:\Users\gherzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2018-06-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\gherzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-15]
CHR Extension: (Gmail) - C:\Users\gherzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-16]
CHR Extension: (Chrome Media Router) - C:\Users\gherzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-01]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1705592 2017-11-28] (Intel Corporation -> Intel Corporation)
R3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2018-06-04] (Macrovision Europe Ltd.) [Fichier non signé]
R2 fpCsEvtSvc; C:\WINDOWS\System32\fpCSEvtSvc.exe [23912 2018-07-25] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_8598cf7f18c538c5\HotKeyServiceUWP.exe [819856 2019-05-14] (HP Inc. -> HP Inc.)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S2 IntelAudioService; C:\WINDOWS\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [214040 2017-12-28] (Intel(R) Smart Sound Technology -> Intel)
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_8598cf7f18c538c5\LanWlanWwanSwitchingServiceUWP.exe [731072 2019-05-14] (HP Inc. -> HP Inc.)
S3 MMCUpdate; C:\Program Files (x86)\Orange\eData\MMC\Launcher\6.3.0.0\MMCUpdate.exe [2066832 2019-01-17] (Orange -> Orange Business Services)
R2 ntrtscan; C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe [7657576 2017-11-13] (Trend Micro, Inc. -> Trend Micro Inc.)
S3 OpenVPNService; C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [96104 2017-06-23] (Sophos Ltd -> The OpenVPN Project)
R2 OpenVPNServiceInteractive; C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [96104 2017-06-23] (Sophos Ltd -> The OpenVPN Project)
R2 PulseSecureService; C:\Program Files (x86)\Common Files\Pulse Secure\JUNS\PulseSecureService.exe [182224 2019-04-12] (Pulse Secure, LLC -> Pulse Secure, LLC)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074128 2019-08-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [374048 2010-10-20] (SafeNet, Inc. -> SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1250592 2010-10-20] (SafeNet, Inc. -> SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [292128 2010-10-20] (SafeNet, Inc. -> SafeNet, Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [280192 2018-11-05] (Synaptics Incorporated -> Synaptics Incorporated)
R3 TMBMServer; C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe [484800 2017-10-25] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 tmccsf; C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\tmccsf.exe [1503424 2017-11-13] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmlisten; C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe [5659176 2017-11-13] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 TmPfw; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe [616352 2017-08-01] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 UIUService; C:\WINDOWS\SysWOW64\UIUSrv.exe [116344 2019-04-19] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
R2 valWBFPolicyService; C:\WINDOWS\System32\valWBFPolicyService.exe [92520 2018-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP Inc. -> HP)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 cbfs6; C:\WINDOWS\system32\drivers\cbfs6.sys [460992 2016-09-09] (EldoS Corporation -> /n software, Inc.)
R1 cbfsconnect2017; C:\WINDOWS\system32\drivers\cbfsconnect2017.sys [476904 2019-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.)
R3 CnxtHdAudService; C:\WINDOWS\system32\drivers\CHDRT64ISST.sys [2075600 2018-01-03] (Conexant Systems LLC -> Conexant Systems Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [74696 2017-11-28] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [70088 2017-11-28] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [383432 2017-11-28] (Intel Corporation -> Intel Corporation)
S3 fl2000; C:\WINDOWS\System32\drivers\fl2000.sys [205944 2017-11-23] (Fresco Logic Inc -> Fresco Logic)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP Inc. -> HP)
R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [50752 2019-05-14] (HP Inc. -> HP Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [199192 2018-05-11] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R1 jnprns; C:\WINDOWS\system32\DRIVERS\jnprns.sys [507192 2019-04-12] (Juniper Networks, Inc. -> Juniper Networks)
R1 jnprTdi_824_597; C:\WINDOWS\system32\Drivers\jnprTdi_824_597.sys [106176 2016-06-01] (Pulse Secure, LLC -> Pulse Secure, LLC)
R3 JnprVaMgr; C:\WINDOWS\System32\drivers\jnprvamgr.sys [45352 2019-04-12] (Juniper Networks, Inc. -> Juniper Networks, Inc.)
R3 Netwtw06; C:\WINDOWS\system32\DRIVERS\Netwtw06.sys [8831152 2018-10-12] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvbl.inf_amd64_ef940603bc23eed3\nvlddmkm.sys [17036552 2018-02-09] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
R3 RTSPER; C:\WINDOWS\System32\drivers\RtsPer.sys [873408 2018-01-23] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [67208 2018-11-05] (Synaptics Incorporated -> Synaptics Incorporated)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [34152 2016-01-18] (Sophos -> The OpenVPN Project)
R2 tmactmon; C:\WINDOWS\system32\DRIVERS\tmactmon.sys [133232 2017-10-30] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 tmcomm; C:\WINDOWS\system32\DRIVERS\tmcomm.sys [437400 2017-10-15] (Trend Micro, Inc. -> Trend Micro Inc.)
R0 TMEBC; C:\WINDOWS\System32\DRIVERS\TMEBC64.sys [72504 2016-04-21] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 tmeevw; C:\WINDOWS\system32\DRIVERS\tmeevw.sys [143064 2017-04-25] (Trend Micro, Inc. -> Trend Micro Inc.)
S0 tmel; C:\WINDOWS\System32\DRIVERS\tmel.sys [39056 2015-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Trend Micro Inc.)
R2 tmevtmgr; C:\WINDOWS\system32\DRIVERS\tmevtmgr.sys [94808 2017-10-30] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 TmFilter; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmXPFlt.sys [407240 2018-09-11] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 TmLwf; C:\WINDOWS\system32\DRIVERS\tmlwf.sys [168448 2017-08-01] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 tmnciesc; C:\WINDOWS\system32\DRIVERS\tmnciesc.sys [560856 2017-05-05] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 TmPreFilter; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPreFlt.sys [70344 2018-09-11] (Trend Micro, Inc. -> Trend Micro Inc.)
S1 tmumh; C:\WINDOWS\system32\DRIVERS\TMUMH.sys [115864 2017-10-04] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 tmusa; C:\WINDOWS\system32\DRIVERS\tmusa.sys [131792 2016-11-25] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmWfp; C:\WINDOWS\system32\DRIVERS\tmwfp.sys [304568 2017-08-01] (Trend Micro, Inc. -> Trend Micro Inc.)
S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [235832 2019-01-28] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174008 2019-01-28] (Oracle Corporation -> Oracle Corporation)
R3 vpnpbus; C:\WINDOWS\System32\drivers\vpnpbus.sys [20704 2019-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.)
R2 VSApiNt; C:\Program Files (x86)\Trend Micro\OfficeScan Client\VSApiNt.sys [2906848 2018-09-11] (Trend Micro, Inc. -> Trend Micro Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-08-06] (HP Inc. -> HP)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2019-10-24 11:30 - 2019-10-24 11:39 - 000000000 ____D C:\FRST
2019-10-24 10:23 - 2019-10-24 10:24 - 000000000 ____D C:\Users\gherzi\Desktop\PA-06088-002Q
2019-10-24 09:54 - 2019-10-24 09:54 - 000343664 _____ C:\Users\gherzi\Desktop\ZHPDiag.txt
2019-10-24 09:38 - 2019-10-24 09:38 - 000022158 _____ C:\Users\gherzi\Desktop\ZHPFix.txt
2019-10-24 09:21 - 2019-10-24 09:37 - 000000906 _____ C:\Users\gherzi\Desktop\ZHPFix2.lnk
2019-10-24 09:19 - 2019-10-24 09:19 - 001707904 _____ (Nicolas Coolman) C:\Users\gherzi\Downloads\ZHPFix2.exe
2019-10-23 17:20 - 2019-10-23 17:20 - 000030879 _____ C:\Users\gherzi\Downloads\NuitDHorreur.zip
2019-10-23 16:21 - 2019-10-23 16:21 - 066947216 _____ (Malwarebytes ) C:\Users\gherzi\Downloads\mb3-setup-consumer-3.8.3.2965-1.0.629-1.0.13007.exe
2019-10-23 16:15 - 2019-10-24 09:48 - 000000913 _____ C:\Users\gherzi\Desktop\ZHPDiag.lnk
2019-10-23 16:14 - 2019-10-23 16:14 - 003262336 _____ (Nicolas Coolman) C:\Users\gherzi\Downloads\ZHPDiag3.exe
2019-10-23 16:11 - 2015-10-16 16:00 - 000001814 _____ C:\Users\Public\Desktop\TeamViewer 9 CIRCET.lnk
2019-10-23 16:11 - 2015-06-04 13:07 - 000001568 _____ C:\Users\Public\Desktop\Documentation.lnk
2019-10-23 16:07 - 2019-10-23 16:07 - 000000020 ___SH C:\Users\gherzi\ntuser.ini
2019-10-22 16:22 - 2019-10-22 16:22 - 000044596 _____ C:\Users\gherzi\Downloads\facture_9067913608_2019-09-10 (1).pdf
2019-10-22 16:21 - 2019-10-22 16:21 - 000045429 _____ C:\Users\gherzi\Downloads\facture_9067913608_2019-10-10 (1).pdf
2019-10-22 16:20 - 2019-10-22 16:20 - 000045429 _____ C:\Users\gherzi\Downloads\facture_9067913608_2019-10-10.pdf
2019-10-22 16:15 - 2019-10-22 16:15 - 000075190 _____ C:\Users\gherzi\Downloads\facture_freemobile_20191005.pdf
2019-10-22 16:13 - 2019-10-22 16:13 - 000104158 _____ C:\Users\gherzi\Downloads\facture_freemobile_20190830.pdf
2019-10-22 14:49 - 2019-10-22 14:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Circet
2019-10-22 14:44 - 2019-10-24 11:27 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-17 11:56 - 2019-10-17 11:56 - 000000000 ____D C:\AdwCleaner
2019-10-17 11:55 - 2019-10-17 11:55 - 000000000 ____D C:\Users\gherzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CleanUp!
2019-10-17 11:55 - 2019-10-17 11:55 - 000000000 ____D C:\Program Files (x86)\CleanUp!
2019-10-17 11:25 - 2019-10-17 11:25 - 001103600 _____ C:\Users\gherzi\AppData\Local\census.cache
2019-10-17 11:24 - 2019-10-17 11:24 - 000403262 _____ C:\Users\gherzi\AppData\Local\ars.cache
2019-10-17 11:10 - 2019-10-17 11:10 - 000002571 _____ C:\ProgramData\regid.2018-09.fr.circet,SBO_5EE5CE5D-B08E-48D6-82AE-9F6F0DEE1F3B.swidtag
2019-10-17 10:56 - 2019-10-17 10:57 - 000000000 ____D C:\ProgramData\RogueKiller
2019-10-17 10:52 - 2019-10-17 11:45 - 000000036 _____ C:\Users\gherzi\AppData\Local\housecall.guid.cache
2019-10-17 10:52 - 2019-10-17 10:52 - 002527376 _____ (Trend Micro Inc.) C:\Users\gherzi\Downloads\HousecallLauncher64.exe
2019-10-17 10:38 - 2019-10-24 09:54 - 000000000 ____D C:\Users\gherzi\AppData\Roaming\ZHP
2019-10-17 10:38 - 2019-10-24 09:49 - 000000000 ____D C:\Users\gherzi\AppData\Local\ZHP
2019-10-17 10:35 - 2019-10-24 11:37 - 000000000 ____D C:\Users\gherzi\Desktop\nettoyage
2019-10-17 10:20 - 2019-10-17 10:20 - 000000000 ____D C:\ProgramData\Western Digital
2019-10-16 15:01 - 2019-10-16 15:01 - 000000000 ____D C:\ProgramData\Fresco Logic
2019-10-16 14:52 - 2019-10-16 14:52 - 000000000 ____D C:\Program Files\DIFX
2019-10-15 15:33 - 2019-10-15 15:33 - 000000041 _____ C:\Users\gherzi\Downloads\NOTE.txt
2019-10-15 09:05 - 2019-03-01 13:34 - 000269064 _____ (Callback Technologies, Inc.) C:\WINDOWS\system32\cbfsconnectNetRdr2017.dll
2019-10-15 09:05 - 2019-03-01 13:34 - 000233224 _____ (Callback Technologies, Inc.) C:\WINDOWS\SysWOW64\cbfsconnectNetRdr2017.dll
2019-10-15 09:05 - 2019-03-01 13:34 - 000189192 _____ (Callback Technologies, Inc.) C:\WINDOWS\system32\cbfsconnectMntNtf2017.dll
2019-10-15 09:05 - 2019-03-01 13:34 - 000010504 _____ (Callback Technologies, Inc.) C:\WINDOWS\system32\cbfsconnectevtmsg.dll
2019-10-15 09:05 - 2019-03-01 13:33 - 000162056 _____ (Callback Technologies, Inc.) C:\WINDOWS\SysWOW64\cbfsconnectMntNtf2017.dll
2019-10-15 09:05 - 2019-03-01 10:18 - 000476904 _____ (Callback Technologies, Inc.) C:\WINDOWS\system32\Drivers\cbfsconnect2017.sys
2019-10-14 16:00 - 2019-10-14 16:00 - 000198954 _____ C:\Users\gherzi\Downloads\adhesion_prelech_THCAP_20191014_160001.pdf
2019-10-14 15:30 - 2019-10-14 15:30 - 000003538 _____ C:\WINDOWS\system32\Tasks\Skype
2019-10-12 18:06 - 2019-10-12 19:17 - 000012259 _____ C:\Users\gherzi\Downloads\Registre du personnel Antibes VM - Ametra (2).xlsx
2019-10-09 09:12 - 2019-10-23 11:50 - 000000000 ____D C:\Users\gherzi\Desktop\0-EN COURS
2019-10-04 18:53 - 2019-10-04 18:53 - 000012409 _____ C:\Users\gherzi\Downloads\Registre du personnel Antibes VM - Ametra (1).xlsx
2019-10-04 17:56 - 2019-10-04 18:12 - 000042496 _____ C:\Users\gherzi\Downloads\SUIVI SCOOTERS ANTIBES.xls
2019-10-02 08:51 - 2019-10-02 08:51 - 041220010 _____ C:\Users\gherzi\Downloads\wetransfer-bcea58.zip
2019-09-30 09:28 - 2019-09-30 09:28 - 000804301 _____ C:\Users\gherzi\Downloads\Guide santé - Voyager en Afrique.pdf
2019-09-26 16:51 - 2019-09-26 16:51 - 000304810 _____ C:\Users\gherzi\Downloads\FicheAppui_97558.xlsx
2019-09-25 16:43 - 2019-09-25 16:44 - 000436380 _____ C:\Users\gherzi\Downloads\NICE FI-06088-19J PMR 10779.xlsx
2019-09-25 10:29 - 2019-09-25 10:29 - 000148421 _____ C:\Users\gherzi\Downloads\TemplateGrilleControle 062285.xlsx
2019-09-24 14:52 - 2019-09-24 14:52 - 000000000 ____D C:\Users\gherzi\AppData\Roaming\Daum
2019-09-24 14:51 - 2019-10-17 10:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2019-09-24 14:51 - 2019-10-17 10:41 - 000000000 ____D C:\Program Files (x86)\DAUM
2019-09-24 14:35 - 2019-10-09 11:07 - 000000000 ____D C:\Users\gherzi\AppData\Roaming\vlc
2019-09-24 14:33 - 2019-10-17 10:46 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2019-09-24 11:58 - 2019-09-24 11:58 - 000000029 _____ C:\Users\gherzi\Downloads\anadol.txt
==================== Un mois (modifiés) ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2019-10-24 11:30 - 2019-07-02 15:00 - 000000000 ____D C:\Users\gherzi\AppData\LocalLow\Mozilla
2019-10-24 11:30 - 2018-10-12 09:37 - 000000000 ____D C:\Users\gherzi\Documents\Fichiers Outlook
2019-10-24 11:26 - 2019-07-02 15:00 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-24 11:26 - 2019-07-02 15:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-24 11:18 - 2018-07-18 09:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-24 11:03 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-24 10:19 - 2018-05-31 11:05 - 000000000 ____D C:\Users\gherzi\AppData\Local\Packages
2019-10-24 09:41 - 2018-05-31 11:05 - 000000000 __SHD C:\Users\gherzi\IntelGraphicsProfiles
2019-10-24 09:39 - 2018-07-18 10:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-24 09:39 - 2018-05-31 10:48 - 000000000 ____D C:\ProgramData\NVIDIA
2019-10-24 09:39 - 2018-05-31 10:45 - 000000000 ____D C:\ProgramData\Synaptics
2019-10-24 09:39 - 2018-04-11 23:04 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2019-10-24 09:38 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-10-24 08:40 - 2018-05-31 11:21 - 000000256 _____ C:\WINDOWS\system32\config\netlogon.ftl
2019-10-23 16:26 - 2018-11-08 10:25 - 000000000 ____D C:\Users\gherzi\AppData\Local\MicrosoftEdge
2019-10-23 16:11 - 2018-08-17 15:09 - 000000000 ____D C:\Users\gherzi\AppData\Roaming\Slack
2019-10-23 16:08 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-23 16:07 - 2018-07-18 09:52 - 000000000 ____D C:\Users\gherzi
2019-10-23 15:08 - 2018-12-31 09:53 - 000460800 _____ (Trend Micro Inc.) C:\WINDOWS\RegBootClean64.exe
2019-10-23 14:24 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-23 09:36 - 2018-08-17 15:10 - 000000000 ____D C:\Users\gherzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies
2019-10-23 09:36 - 2018-08-17 15:09 - 000000000 ____D C:\Users\gherzi\AppData\Local\slack
2019-10-23 09:35 - 2018-08-17 15:09 - 000000000 ____D C:\Users\gherzi\AppData\Local\SquirrelTemp
2019-10-22 14:47 - 2019-07-22 10:10 - 071640037 _____ C:\Users\gherzi\Downloads\Sépale Back Office.exe
2019-10-22 14:46 - 2019-07-17 10:01 - 000000000 ____D C:\Users\gherzi\Documents\0.SBO
2019-10-22 09:11 - 2019-07-04 14:43 - 000000000 ____D C:\Users\gherzi\Documents\0-CACHET-TAMPON-SIGNATURES
2019-10-21 14:39 - 2018-07-18 12:19 - 000000000 ____D C:\Users\gherzi\AppData\Local\PlaceholderTileLogoFolder
2019-10-21 14:33 - 2019-07-16 11:33 - 000000000 ____D C:\Users\gherzi\AppData\Local\CrashDumps
2019-10-21 11:51 - 2019-06-14 15:00 - 000000000 ____D C:\Users\gherzi\AppData\Local\Deployment
2019-10-21 11:51 - 2018-07-11 12:33 - 000000000 ____D C:\Program Files\rempl
2019-10-21 11:50 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-10-21 11:29 - 2018-06-01 16:16 - 000000000 ____D C:\Users\gherzi\AppData\Local\ElevatedDiagnostics
2019-10-21 11:29 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-10-21 11:28 - 2018-06-04 14:50 - 000000000 ____D C:\Users\gherzi\AppData\Local\Adobe
2019-10-21 11:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-10-21 10:01 - 2018-06-04 14:21 - 000000000 ____D C:\Users\gherzi\.matplotlib
2019-10-21 10:00 - 2018-06-04 14:21 - 000000000 ____D C:\Users\gherzi\.qgis2
2019-10-18 16:04 - 2018-07-18 10:10 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2019-10-18 16:03 - 2018-05-31 10:56 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-10-17 10:45 - 2018-05-31 10:24 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2019-10-17 10:44 - 2018-09-21 11:11 - 000000000 ____D C:\Users\gherzi\AppData\Roaming\inkscape
2019-10-17 10:42 - 2019-05-21 16:31 - 000000000 ____D C:\Users\gherzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mioplanet
2019-10-17 10:42 - 2019-05-21 16:31 - 000000000 ____D C:\Program Files (x86)\Mioplanet
2019-10-17 10:42 - 2018-05-31 10:25 - 000000000 ____D C:\ProgramData\Package Cache
2019-10-17 09:48 - 2019-09-02 15:15 - 000000000 ____D C:\Users\gherzi\AppData\Local\pCloud
2019-10-15 12:10 - 2018-10-10 08:55 - 000000000 ____D C:\WINDOWS\Minidump
2019-10-14 17:52 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-10-14 10:20 - 2018-09-25 11:51 - 000000000 ____D C:\Program Files (x86)\CAP FT
2019-10-11 09:03 - 2018-05-31 10:55 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-10 14:05 - 2018-07-18 10:10 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1277980355-1940151367-618671499-78644
2019-10-10 14:05 - 2018-07-18 09:52 - 000002455 _____ C:\Users\gherzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-10 14:05 - 2018-05-31 11:08 - 000000000 ___RD C:\Users\gherzi\OneDrive
2019-10-10 09:51 - 2018-07-18 10:10 - 000004748 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-10-10 09:51 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-10-08 08:50 - 2018-07-18 10:10 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-08 08:50 - 2018-07-18 10:10 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-08 08:50 - 2018-05-31 10:54 - 000000000 ____D C:\Program Files (x86)\Google
2019-09-26 08:59 - 2018-12-03 09:50 - 000000000 ____D C:\Users\gherzi\AppData\Roaming\hpqLog
==================== Fichiers à la racine de certains dossiers ================
2018-06-05 11:34 - 2018-06-05 14:21 - 000000192 _____ () C:\Program Files (x86)\Comac.ldb
2018-06-05 11:31 - 2016-09-01 11:14 - 001216512 _____ () C:\Program Files (x86)\Comac.mdb
2018-06-05 11:31 - 2015-05-22 12:29 - 000036352 _____ () C:\Program Files (x86)\Sx32w.dll
2018-06-05 11:31 - 2016-01-26 19:01 - 001582080 _____ (ATLOG) C:\Program Files (x86)\XMLPPK.dll
2019-10-17 11:24 - 2019-10-17 11:24 - 000403262 _____ () C:\Users\gherzi\AppData\Local\ars.cache
2019-10-17 11:25 - 2019-10-17 11:25 - 001103600 _____ () C:\Users\gherzi\AppData\Local\census.cache
2019-10-17 10:52 - 2019-10-17 11:45 - 000000036 _____ () C:\Users\gherzi\AppData\Local\housecall.guid.cache
2019-09-02 10:00 - 2019-09-02 10:00 - 000000722 _____ () C:\Users\gherzi\AppData\Local\recently-used.xbel
==================== SigCheck ===============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ============================
Exécuté par gherzi (administrateur) sur I20180111 (HP HP ProBook 450 G5) (24-10-2019 11:39:03)
Exécuté depuis C:\Users\gherzi\Desktop\nettoyage
Profils chargés: gherzi (Profils disponibles: gherzi & Administrateur)
Platform: Windows 10 Pro Version 1803 17134.950 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
(ATLOG) [Fichier non signé] C:\Atlog\Atlog_Commun\Gescle\AtlBack3.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\UIUSrv.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_8598cf7f18c538c5\HotKeyServiceUWP.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_8598cf7f18c538c5\HPHotkeyNotification.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_8598cf7f18c538c5\LanWlanWwanSwitchingServiceUWP.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130871.inf_amd64_382f7c369d4bf777\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130871.inf_amd64_382f7c369d4bf777\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130871.inf_amd64_382f7c369d4bf777\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130871.inf_amd64_382f7c369d4bf777\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Macrovision Europe Ltd.) [Fichier non signé] C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Pulse Secure, LLC -> ) C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\Pulse.exe
(Pulse Secure, LLC -> Pulse Secure, LLC) C:\Program Files (x86)\Common Files\Pulse Secure\JUNS\PulseSecureService.exe
(Pulse Secure, LLC -> Pulse Secure, LLC) C:\Program Files (x86)\Common Files\Pulse Secure\JUNS\PulseSecureService.exe
(SafeNet, Inc. -> SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet, Inc. -> SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc. -> SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.85.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.85.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Sophos Ltd -> The OpenVPN Project) C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\TmCCSF.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\NTRTScan.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\PccNTMon.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmListen.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmSSClient.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [OfficeScanNT Monitor] => C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe [3405848 2017-11-13] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [openvpn-gui] => C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe [492600 2017-06-23] (Sophos Ltd -> )
HKLM-x32\...\Run: [PulseSecure] => C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\Pulse.exe [3237840 2019-04-12] (Pulse Secure, LLC -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1277980355-1940151367-618671499-78644 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKU\S-1-5-21-1277980355-1940151367-618671499-78644 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1277980355-1940151367-618671499-78644\...\MountPoints2: {0b8e672e-f0b1-11e9-9c28-f85971eae3a9} - "D:\WD Drive Unlock.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.120\Installer\chrmstp.exe [2019-10-11] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{4B9CAC01-6732-40d0-8B8F-B5B340F9D44F}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2019-04-12] (Pulse Secure, LLC -> )
HKLM\Software\...\Authentication\Credential Providers: [{4EFD0F35-BFBA-44eb-8F25-2B3530203C1D}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2019-04-12] (Pulse Secure, LLC -> )
HKLM\Software\...\Authentication\Credential Providers: [{C1258FBC-F04F-4862-B78A-DDAAEF4A9707}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2019-04-12] (Pulse Secure, LLC -> )
HKLM\Software\...\Authentication\Credential Providers: [{EAB1A79F-DFAA-4faf-A7B9-A6652E97EE16}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2019-04-12] (Pulse Secure, LLC -> )
HKLM\Software\...\Authentication\Credential Provider Filters: [{3884BCAA-C611-4e2d-9105-E11B1203294E}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2019-04-12] (Pulse Secure, LLC -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk [2018-06-04]
ShortcutTarget: Adobe Reader Synchronizer.lnk -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe (Adobe Systems, Incorporated -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Atlback3.lnk [2019-03-27]
ShortcutTarget: Atlback3.lnk -> C:\Atlog\Atlog_Commun\Gescle\AtlBack3.exe (ATLOG) [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bginfo.lnk [2016-03-15]
ShortcutTarget: Bginfo.lnk -> C:\Bginfo\Bginfo.exe (Microsoft Corporation -> Sysinternals)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide d'Adobe Acrobat.lnk [2018-06-04]
ShortcutTarget: Lancement rapide d'Adobe Acrobat.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe () [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LNK.lnk [2016-06-08]
ShortcutTarget: LNK.lnk -> C:\LNK\Raccourcis.bat () [Fichier non signé]
Startup: C:\Users\gherzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2019-10-23]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {3706BD3A-F3B0-4BE6-8409-39665798CDFC} - System32\Tasks\Skype => C:\Users\gherzi\AppData\Local\Temp\Suivi_colis_relay.vbs <==== ATTENTION
Task: {6A637B17-8F10-406A-83DB-60EAF668CD2E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-31] (Google Inc -> Google Inc.)
Task: {79072BE2-C7BA-482D-BD46-1982F217D258} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_pepper.exe [1453112 2019-10-10] (Adobe Inc. -> Adobe)
Task: {8D8A121B-1F34-413D-B283-95F54CC11514} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\system32\gpupdate.exe [29184 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
Task: {8D983A73-E4F5-4551-9DDF-5434A3E07A8A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {973E4ECF-D0ED-4950-8779-65E3377355DE} - System32\Tasks\MailInventory => C:\Program Files (x86)\CLARILOG - AVS Mail Inventory\Clarilog.Mail.Inventory.exe [968704 2016-02-17] (Clarilog) [Fichier non signé]
Task: {D3997490-B166-4FFC-A20E-899DCE3BCA80} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-31] (Google Inc -> Google Inc.)
Task: {E2B7C5FD-28A2-4F43-BFE9-0DD3969367BC} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe
Task: {E3A3F1F8-6082-4B3A-94E4-DA2FA7E2C6D1} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\WINDOWS\system32\gpupdate.exe [29184 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
Task: {E5263535-B29E-4D6F-BB1D-7E669E5A5D94} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F6BBAC61-9086-4B77-8D83-2CADF6DABFAB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {FBB765A4-BA58-4DBF-AE21-3C49B560B9F4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {FEAB79DB-ABCC-4393-8F30-A8E50B6D4661} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-10] (Adobe Inc. -> Adobe)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{3a309332-952f-4364-991d-4fe58689fac7}: [DhcpNameServer] 10.0.0.201 10.0.0.202
Tcpip\..\Interfaces\{4b90a0ae-ef7e-4024-adcc-bb3ead17bf05}: [DhcpNameServer] 10.0.26.201 10.0.0.201
Tcpip\..\Interfaces\{a49fe483-0dfc-409d-9a05-ccc262c13ec0}: [DhcpNameServer] 172.20.10.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1277980355-1940151367-618671499-78644\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr
HKU\S-1-5-21-1277980355-1940151367-618671499-78644\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.fr
SearchScopes: HKU\S-1-5-21-1277980355-1940151367-618671499-78644 -> DefaultScope {E788F693-5338-4C9B-8DD8-CACBAE9972C5} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-1277980355-1940151367-618671499-78644 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1277980355-1940151367-618671499-78644 -> {E788F693-5338-4C9B-8DD8-CACBAE9972C5} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Trend Micro Osprey Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg.dll [2017-09-05] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO: Pas de nom -> {9E232D27-EFAB-48A2-A1B7-9FEC4BA897EF}' -> Pas de fichier
BHO: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\module\BES\TmBpIe64.dll [2017-09-06] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Aide pour le lien d'Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-31] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Trend Micro Osprey Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg32.dll [2017-09-05] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\module\BES\IE32\TmBpIe32.dll [2017-09-06] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-31] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
DPF: HKLM {583C990C-2D38-410c-9A4A-0932D66A754F} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient64.cab
DPF: HKLM-x32 {8E375A63-C616-46F1-AC77-59DF78F3A826} hxxps://metagate.site2.orange.com/dana-cached/sc/PulseSetupClient.cab
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\module\BES\TmBpIe64.dll [2017-09-06] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\module\BES\IE32\TmBpIe32.dll [2017-09-06] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg.dll [2017-09-05] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg32.dll [2017-09-05] (Trend Micro, Inc. -> Trend Micro Inc.)
FireFox:
========
FF DefaultProfile: ir3qieof.default
FF ProfilePath: C:\Users\gherzi\AppData\Roaming\Mozilla\Firefox\Profiles\ir3qieof.default [2019-07-02]
FF ProfilePath: C:\Users\gherzi\AppData\Roaming\Mozilla\Firefox\Profiles\t8zxfuf4.default-release [2019-10-24]
FF HKLM\...\Firefox\Extensions: [com.trendmicro.tmopfirefox.ext@trendop] - C:\Program Files (x86)\Trend Micro\OfficeScan Client\FirefoxExtensionOsprey\com.trendmicro.tmopfirefox.ext@trendop.xpi
FF Extension: (Trend Micro Osprey Firefox Extension) - C:\Program Files (x86)\Trend Micro\OfficeScan Client\FirefoxExtensionOsprey\com.trendmicro.tmopfirefox.ext@trendop.xpi [2017-09-05]
FF HKLM-x32\...\Firefox\Extensions: [com.trendmicro.tmopfirefox.ext@trendop] - C:\Program Files (x86)\Trend Micro\OfficeScan Client\FirefoxExtensionOsprey\com.trendmicro.tmopfirefox.ext@trendop.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-16] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\gherzi\AppData\Local\Google\Chrome\User Data\Default [2019-10-24]
CHR Extension: (Docs) - C:\Users\gherzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-01]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\gherzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-23]
CHR Extension: (Google Mail Checker) - C:\Users\gherzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2018-06-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\gherzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-15]
CHR Extension: (Gmail) - C:\Users\gherzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-16]
CHR Extension: (Chrome Media Router) - C:\Users\gherzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-01]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1705592 2017-11-28] (Intel Corporation -> Intel Corporation)
R3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2018-06-04] (Macrovision Europe Ltd.) [Fichier non signé]
R2 fpCsEvtSvc; C:\WINDOWS\System32\fpCSEvtSvc.exe [23912 2018-07-25] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_8598cf7f18c538c5\HotKeyServiceUWP.exe [819856 2019-05-14] (HP Inc. -> HP Inc.)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S2 IntelAudioService; C:\WINDOWS\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [214040 2017-12-28] (Intel(R) Smart Sound Technology -> Intel)
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_8598cf7f18c538c5\LanWlanWwanSwitchingServiceUWP.exe [731072 2019-05-14] (HP Inc. -> HP Inc.)
S3 MMCUpdate; C:\Program Files (x86)\Orange\eData\MMC\Launcher\6.3.0.0\MMCUpdate.exe [2066832 2019-01-17] (Orange -> Orange Business Services)
R2 ntrtscan; C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe [7657576 2017-11-13] (Trend Micro, Inc. -> Trend Micro Inc.)
S3 OpenVPNService; C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [96104 2017-06-23] (Sophos Ltd -> The OpenVPN Project)
R2 OpenVPNServiceInteractive; C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [96104 2017-06-23] (Sophos Ltd -> The OpenVPN Project)
R2 PulseSecureService; C:\Program Files (x86)\Common Files\Pulse Secure\JUNS\PulseSecureService.exe [182224 2019-04-12] (Pulse Secure, LLC -> Pulse Secure, LLC)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074128 2019-08-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [374048 2010-10-20] (SafeNet, Inc. -> SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1250592 2010-10-20] (SafeNet, Inc. -> SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [292128 2010-10-20] (SafeNet, Inc. -> SafeNet, Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [280192 2018-11-05] (Synaptics Incorporated -> Synaptics Incorporated)
R3 TMBMServer; C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe [484800 2017-10-25] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 tmccsf; C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\tmccsf.exe [1503424 2017-11-13] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmlisten; C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe [5659176 2017-11-13] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 TmPfw; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe [616352 2017-08-01] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 UIUService; C:\WINDOWS\SysWOW64\UIUSrv.exe [116344 2019-04-19] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
R2 valWBFPolicyService; C:\WINDOWS\System32\valWBFPolicyService.exe [92520 2018-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP Inc. -> HP)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 cbfs6; C:\WINDOWS\system32\drivers\cbfs6.sys [460992 2016-09-09] (EldoS Corporation -> /n software, Inc.)
R1 cbfsconnect2017; C:\WINDOWS\system32\drivers\cbfsconnect2017.sys [476904 2019-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.)
R3 CnxtHdAudService; C:\WINDOWS\system32\drivers\CHDRT64ISST.sys [2075600 2018-01-03] (Conexant Systems LLC -> Conexant Systems Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [74696 2017-11-28] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [70088 2017-11-28] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [383432 2017-11-28] (Intel Corporation -> Intel Corporation)
S3 fl2000; C:\WINDOWS\System32\drivers\fl2000.sys [205944 2017-11-23] (Fresco Logic Inc -> Fresco Logic)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP Inc. -> HP)
R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [50752 2019-05-14] (HP Inc. -> HP Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [199192 2018-05-11] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R1 jnprns; C:\WINDOWS\system32\DRIVERS\jnprns.sys [507192 2019-04-12] (Juniper Networks, Inc. -> Juniper Networks)
R1 jnprTdi_824_597; C:\WINDOWS\system32\Drivers\jnprTdi_824_597.sys [106176 2016-06-01] (Pulse Secure, LLC -> Pulse Secure, LLC)
R3 JnprVaMgr; C:\WINDOWS\System32\drivers\jnprvamgr.sys [45352 2019-04-12] (Juniper Networks, Inc. -> Juniper Networks, Inc.)
R3 Netwtw06; C:\WINDOWS\system32\DRIVERS\Netwtw06.sys [8831152 2018-10-12] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvbl.inf_amd64_ef940603bc23eed3\nvlddmkm.sys [17036552 2018-02-09] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
R3 RTSPER; C:\WINDOWS\System32\drivers\RtsPer.sys [873408 2018-01-23] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [67208 2018-11-05] (Synaptics Incorporated -> Synaptics Incorporated)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [34152 2016-01-18] (Sophos -> The OpenVPN Project)
R2 tmactmon; C:\WINDOWS\system32\DRIVERS\tmactmon.sys [133232 2017-10-30] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 tmcomm; C:\WINDOWS\system32\DRIVERS\tmcomm.sys [437400 2017-10-15] (Trend Micro, Inc. -> Trend Micro Inc.)
R0 TMEBC; C:\WINDOWS\System32\DRIVERS\TMEBC64.sys [72504 2016-04-21] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 tmeevw; C:\WINDOWS\system32\DRIVERS\tmeevw.sys [143064 2017-04-25] (Trend Micro, Inc. -> Trend Micro Inc.)
S0 tmel; C:\WINDOWS\System32\DRIVERS\tmel.sys [39056 2015-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Trend Micro Inc.)
R2 tmevtmgr; C:\WINDOWS\system32\DRIVERS\tmevtmgr.sys [94808 2017-10-30] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 TmFilter; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmXPFlt.sys [407240 2018-09-11] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 TmLwf; C:\WINDOWS\system32\DRIVERS\tmlwf.sys [168448 2017-08-01] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 tmnciesc; C:\WINDOWS\system32\DRIVERS\tmnciesc.sys [560856 2017-05-05] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 TmPreFilter; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPreFlt.sys [70344 2018-09-11] (Trend Micro, Inc. -> Trend Micro Inc.)
S1 tmumh; C:\WINDOWS\system32\DRIVERS\TMUMH.sys [115864 2017-10-04] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 tmusa; C:\WINDOWS\system32\DRIVERS\tmusa.sys [131792 2016-11-25] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmWfp; C:\WINDOWS\system32\DRIVERS\tmwfp.sys [304568 2017-08-01] (Trend Micro, Inc. -> Trend Micro Inc.)
S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [235832 2019-01-28] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174008 2019-01-28] (Oracle Corporation -> Oracle Corporation)
R3 vpnpbus; C:\WINDOWS\System32\drivers\vpnpbus.sys [20704 2019-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.)
R2 VSApiNt; C:\Program Files (x86)\Trend Micro\OfficeScan Client\VSApiNt.sys [2906848 2018-09-11] (Trend Micro, Inc. -> Trend Micro Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-08-06] (HP Inc. -> HP)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2019-10-24 11:30 - 2019-10-24 11:39 - 000000000 ____D C:\FRST
2019-10-24 10:23 - 2019-10-24 10:24 - 000000000 ____D C:\Users\gherzi\Desktop\PA-06088-002Q
2019-10-24 09:54 - 2019-10-24 09:54 - 000343664 _____ C:\Users\gherzi\Desktop\ZHPDiag.txt
2019-10-24 09:38 - 2019-10-24 09:38 - 000022158 _____ C:\Users\gherzi\Desktop\ZHPFix.txt
2019-10-24 09:21 - 2019-10-24 09:37 - 000000906 _____ C:\Users\gherzi\Desktop\ZHPFix2.lnk
2019-10-24 09:19 - 2019-10-24 09:19 - 001707904 _____ (Nicolas Coolman) C:\Users\gherzi\Downloads\ZHPFix2.exe
2019-10-23 17:20 - 2019-10-23 17:20 - 000030879 _____ C:\Users\gherzi\Downloads\NuitDHorreur.zip
2019-10-23 16:21 - 2019-10-23 16:21 - 066947216 _____ (Malwarebytes ) C:\Users\gherzi\Downloads\mb3-setup-consumer-3.8.3.2965-1.0.629-1.0.13007.exe
2019-10-23 16:15 - 2019-10-24 09:48 - 000000913 _____ C:\Users\gherzi\Desktop\ZHPDiag.lnk
2019-10-23 16:14 - 2019-10-23 16:14 - 003262336 _____ (Nicolas Coolman) C:\Users\gherzi\Downloads\ZHPDiag3.exe
2019-10-23 16:11 - 2015-10-16 16:00 - 000001814 _____ C:\Users\Public\Desktop\TeamViewer 9 CIRCET.lnk
2019-10-23 16:11 - 2015-06-04 13:07 - 000001568 _____ C:\Users\Public\Desktop\Documentation.lnk
2019-10-23 16:07 - 2019-10-23 16:07 - 000000020 ___SH C:\Users\gherzi\ntuser.ini
2019-10-22 16:22 - 2019-10-22 16:22 - 000044596 _____ C:\Users\gherzi\Downloads\facture_9067913608_2019-09-10 (1).pdf
2019-10-22 16:21 - 2019-10-22 16:21 - 000045429 _____ C:\Users\gherzi\Downloads\facture_9067913608_2019-10-10 (1).pdf
2019-10-22 16:20 - 2019-10-22 16:20 - 000045429 _____ C:\Users\gherzi\Downloads\facture_9067913608_2019-10-10.pdf
2019-10-22 16:15 - 2019-10-22 16:15 - 000075190 _____ C:\Users\gherzi\Downloads\facture_freemobile_20191005.pdf
2019-10-22 16:13 - 2019-10-22 16:13 - 000104158 _____ C:\Users\gherzi\Downloads\facture_freemobile_20190830.pdf
2019-10-22 14:49 - 2019-10-22 14:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Circet
2019-10-22 14:44 - 2019-10-24 11:27 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-17 11:56 - 2019-10-17 11:56 - 000000000 ____D C:\AdwCleaner
2019-10-17 11:55 - 2019-10-17 11:55 - 000000000 ____D C:\Users\gherzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CleanUp!
2019-10-17 11:55 - 2019-10-17 11:55 - 000000000 ____D C:\Program Files (x86)\CleanUp!
2019-10-17 11:25 - 2019-10-17 11:25 - 001103600 _____ C:\Users\gherzi\AppData\Local\census.cache
2019-10-17 11:24 - 2019-10-17 11:24 - 000403262 _____ C:\Users\gherzi\AppData\Local\ars.cache
2019-10-17 11:10 - 2019-10-17 11:10 - 000002571 _____ C:\ProgramData\regid.2018-09.fr.circet,SBO_5EE5CE5D-B08E-48D6-82AE-9F6F0DEE1F3B.swidtag
2019-10-17 10:56 - 2019-10-17 10:57 - 000000000 ____D C:\ProgramData\RogueKiller
2019-10-17 10:52 - 2019-10-17 11:45 - 000000036 _____ C:\Users\gherzi\AppData\Local\housecall.guid.cache
2019-10-17 10:52 - 2019-10-17 10:52 - 002527376 _____ (Trend Micro Inc.) C:\Users\gherzi\Downloads\HousecallLauncher64.exe
2019-10-17 10:38 - 2019-10-24 09:54 - 000000000 ____D C:\Users\gherzi\AppData\Roaming\ZHP
2019-10-17 10:38 - 2019-10-24 09:49 - 000000000 ____D C:\Users\gherzi\AppData\Local\ZHP
2019-10-17 10:35 - 2019-10-24 11:37 - 000000000 ____D C:\Users\gherzi\Desktop\nettoyage
2019-10-17 10:20 - 2019-10-17 10:20 - 000000000 ____D C:\ProgramData\Western Digital
2019-10-16 15:01 - 2019-10-16 15:01 - 000000000 ____D C:\ProgramData\Fresco Logic
2019-10-16 14:52 - 2019-10-16 14:52 - 000000000 ____D C:\Program Files\DIFX
2019-10-15 15:33 - 2019-10-15 15:33 - 000000041 _____ C:\Users\gherzi\Downloads\NOTE.txt
2019-10-15 09:05 - 2019-03-01 13:34 - 000269064 _____ (Callback Technologies, Inc.) C:\WINDOWS\system32\cbfsconnectNetRdr2017.dll
2019-10-15 09:05 - 2019-03-01 13:34 - 000233224 _____ (Callback Technologies, Inc.) C:\WINDOWS\SysWOW64\cbfsconnectNetRdr2017.dll
2019-10-15 09:05 - 2019-03-01 13:34 - 000189192 _____ (Callback Technologies, Inc.) C:\WINDOWS\system32\cbfsconnectMntNtf2017.dll
2019-10-15 09:05 - 2019-03-01 13:34 - 000010504 _____ (Callback Technologies, Inc.) C:\WINDOWS\system32\cbfsconnectevtmsg.dll
2019-10-15 09:05 - 2019-03-01 13:33 - 000162056 _____ (Callback Technologies, Inc.) C:\WINDOWS\SysWOW64\cbfsconnectMntNtf2017.dll
2019-10-15 09:05 - 2019-03-01 10:18 - 000476904 _____ (Callback Technologies, Inc.) C:\WINDOWS\system32\Drivers\cbfsconnect2017.sys
2019-10-14 16:00 - 2019-10-14 16:00 - 000198954 _____ C:\Users\gherzi\Downloads\adhesion_prelech_THCAP_20191014_160001.pdf
2019-10-14 15:30 - 2019-10-14 15:30 - 000003538 _____ C:\WINDOWS\system32\Tasks\Skype
2019-10-12 18:06 - 2019-10-12 19:17 - 000012259 _____ C:\Users\gherzi\Downloads\Registre du personnel Antibes VM - Ametra (2).xlsx
2019-10-09 09:12 - 2019-10-23 11:50 - 000000000 ____D C:\Users\gherzi\Desktop\0-EN COURS
2019-10-04 18:53 - 2019-10-04 18:53 - 000012409 _____ C:\Users\gherzi\Downloads\Registre du personnel Antibes VM - Ametra (1).xlsx
2019-10-04 17:56 - 2019-10-04 18:12 - 000042496 _____ C:\Users\gherzi\Downloads\SUIVI SCOOTERS ANTIBES.xls
2019-10-02 08:51 - 2019-10-02 08:51 - 041220010 _____ C:\Users\gherzi\Downloads\wetransfer-bcea58.zip
2019-09-30 09:28 - 2019-09-30 09:28 - 000804301 _____ C:\Users\gherzi\Downloads\Guide santé - Voyager en Afrique.pdf
2019-09-26 16:51 - 2019-09-26 16:51 - 000304810 _____ C:\Users\gherzi\Downloads\FicheAppui_97558.xlsx
2019-09-25 16:43 - 2019-09-25 16:44 - 000436380 _____ C:\Users\gherzi\Downloads\NICE FI-06088-19J PMR 10779.xlsx
2019-09-25 10:29 - 2019-09-25 10:29 - 000148421 _____ C:\Users\gherzi\Downloads\TemplateGrilleControle 062285.xlsx
2019-09-24 14:52 - 2019-09-24 14:52 - 000000000 ____D C:\Users\gherzi\AppData\Roaming\Daum
2019-09-24 14:51 - 2019-10-17 10:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2019-09-24 14:51 - 2019-10-17 10:41 - 000000000 ____D C:\Program Files (x86)\DAUM
2019-09-24 14:35 - 2019-10-09 11:07 - 000000000 ____D C:\Users\gherzi\AppData\Roaming\vlc
2019-09-24 14:33 - 2019-10-17 10:46 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2019-09-24 11:58 - 2019-09-24 11:58 - 000000029 _____ C:\Users\gherzi\Downloads\anadol.txt
==================== Un mois (modifiés) ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2019-10-24 11:30 - 2019-07-02 15:00 - 000000000 ____D C:\Users\gherzi\AppData\LocalLow\Mozilla
2019-10-24 11:30 - 2018-10-12 09:37 - 000000000 ____D C:\Users\gherzi\Documents\Fichiers Outlook
2019-10-24 11:26 - 2019-07-02 15:00 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-24 11:26 - 2019-07-02 15:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-24 11:18 - 2018-07-18 09:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-24 11:03 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-24 10:19 - 2018-05-31 11:05 - 000000000 ____D C:\Users\gherzi\AppData\Local\Packages
2019-10-24 09:41 - 2018-05-31 11:05 - 000000000 __SHD C:\Users\gherzi\IntelGraphicsProfiles
2019-10-24 09:39 - 2018-07-18 10:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-24 09:39 - 2018-05-31 10:48 - 000000000 ____D C:\ProgramData\NVIDIA
2019-10-24 09:39 - 2018-05-31 10:45 - 000000000 ____D C:\ProgramData\Synaptics
2019-10-24 09:39 - 2018-04-11 23:04 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2019-10-24 09:38 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-10-24 08:40 - 2018-05-31 11:21 - 000000256 _____ C:\WINDOWS\system32\config\netlogon.ftl
2019-10-23 16:26 - 2018-11-08 10:25 - 000000000 ____D C:\Users\gherzi\AppData\Local\MicrosoftEdge
2019-10-23 16:11 - 2018-08-17 15:09 - 000000000 ____D C:\Users\gherzi\AppData\Roaming\Slack
2019-10-23 16:08 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-23 16:07 - 2018-07-18 09:52 - 000000000 ____D C:\Users\gherzi
2019-10-23 15:08 - 2018-12-31 09:53 - 000460800 _____ (Trend Micro Inc.) C:\WINDOWS\RegBootClean64.exe
2019-10-23 14:24 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-23 09:36 - 2018-08-17 15:10 - 000000000 ____D C:\Users\gherzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies
2019-10-23 09:36 - 2018-08-17 15:09 - 000000000 ____D C:\Users\gherzi\AppData\Local\slack
2019-10-23 09:35 - 2018-08-17 15:09 - 000000000 ____D C:\Users\gherzi\AppData\Local\SquirrelTemp
2019-10-22 14:47 - 2019-07-22 10:10 - 071640037 _____ C:\Users\gherzi\Downloads\Sépale Back Office.exe
2019-10-22 14:46 - 2019-07-17 10:01 - 000000000 ____D C:\Users\gherzi\Documents\0.SBO
2019-10-22 09:11 - 2019-07-04 14:43 - 000000000 ____D C:\Users\gherzi\Documents\0-CACHET-TAMPON-SIGNATURES
2019-10-21 14:39 - 2018-07-18 12:19 - 000000000 ____D C:\Users\gherzi\AppData\Local\PlaceholderTileLogoFolder
2019-10-21 14:33 - 2019-07-16 11:33 - 000000000 ____D C:\Users\gherzi\AppData\Local\CrashDumps
2019-10-21 11:51 - 2019-06-14 15:00 - 000000000 ____D C:\Users\gherzi\AppData\Local\Deployment
2019-10-21 11:51 - 2018-07-11 12:33 - 000000000 ____D C:\Program Files\rempl
2019-10-21 11:50 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-10-21 11:29 - 2018-06-01 16:16 - 000000000 ____D C:\Users\gherzi\AppData\Local\ElevatedDiagnostics
2019-10-21 11:29 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-10-21 11:28 - 2018-06-04 14:50 - 000000000 ____D C:\Users\gherzi\AppData\Local\Adobe
2019-10-21 11:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-10-21 10:01 - 2018-06-04 14:21 - 000000000 ____D C:\Users\gherzi\.matplotlib
2019-10-21 10:00 - 2018-06-04 14:21 - 000000000 ____D C:\Users\gherzi\.qgis2
2019-10-18 16:04 - 2018-07-18 10:10 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2019-10-18 16:03 - 2018-05-31 10:56 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-10-17 10:45 - 2018-05-31 10:24 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2019-10-17 10:44 - 2018-09-21 11:11 - 000000000 ____D C:\Users\gherzi\AppData\Roaming\inkscape
2019-10-17 10:42 - 2019-05-21 16:31 - 000000000 ____D C:\Users\gherzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mioplanet
2019-10-17 10:42 - 2019-05-21 16:31 - 000000000 ____D C:\Program Files (x86)\Mioplanet
2019-10-17 10:42 - 2018-05-31 10:25 - 000000000 ____D C:\ProgramData\Package Cache
2019-10-17 09:48 - 2019-09-02 15:15 - 000000000 ____D C:\Users\gherzi\AppData\Local\pCloud
2019-10-15 12:10 - 2018-10-10 08:55 - 000000000 ____D C:\WINDOWS\Minidump
2019-10-14 17:52 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-10-14 10:20 - 2018-09-25 11:51 - 000000000 ____D C:\Program Files (x86)\CAP FT
2019-10-11 09:03 - 2018-05-31 10:55 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-10 14:05 - 2018-07-18 10:10 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1277980355-1940151367-618671499-78644
2019-10-10 14:05 - 2018-07-18 09:52 - 000002455 _____ C:\Users\gherzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-10 14:05 - 2018-05-31 11:08 - 000000000 ___RD C:\Users\gherzi\OneDrive
2019-10-10 09:51 - 2018-07-18 10:10 - 000004748 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-10-10 09:51 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-10-08 08:50 - 2018-07-18 10:10 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-08 08:50 - 2018-07-18 10:10 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-08 08:50 - 2018-05-31 10:54 - 000000000 ____D C:\Program Files (x86)\Google
2019-09-26 08:59 - 2018-12-03 09:50 - 000000000 ____D C:\Users\gherzi\AppData\Roaming\hpqLog
==================== Fichiers à la racine de certains dossiers ================
2018-06-05 11:34 - 2018-06-05 14:21 - 000000192 _____ () C:\Program Files (x86)\Comac.ldb
2018-06-05 11:31 - 2016-09-01 11:14 - 001216512 _____ () C:\Program Files (x86)\Comac.mdb
2018-06-05 11:31 - 2015-05-22 12:29 - 000036352 _____ () C:\Program Files (x86)\Sx32w.dll
2018-06-05 11:31 - 2016-01-26 19:01 - 001582080 _____ (ATLOG) C:\Program Files (x86)\XMLPPK.dll
2019-10-17 11:24 - 2019-10-17 11:24 - 000403262 _____ () C:\Users\gherzi\AppData\Local\ars.cache
2019-10-17 11:25 - 2019-10-17 11:25 - 001103600 _____ () C:\Users\gherzi\AppData\Local\census.cache
2019-10-17 10:52 - 2019-10-17 11:45 - 000000036 _____ () C:\Users\gherzi\AppData\Local\housecall.guid.cache
2019-09-02 10:00 - 2019-09-02 10:00 - 000000722 _____ () C:\Users\gherzi\AppData\Local\recently-used.xbel
==================== SigCheck ===============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ============================