cjoint


Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2019
Exécuté par gossl (administrateur) sur LAPTOP-BKLQFG6J (Acer Aspire ES1-732) (21-12-2019 14:13:35)
Exécuté depuis C:\Users\gossl\Downloads
Profils chargés: gossl (Profils disponibles: gossl)
Platform: Windows 10 Home Version 1809 17763.914 (X64) Langue: Français (France)
Navigateur par défaut: IE
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Acer Incorporated) C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3013.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Canon Inc. -> CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\gossl\Downloads\adwcleaner_8.0.1.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\gossl\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11912.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391088 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-1841215373-598962335-3707056146-1001\...\Run: [MyDriveConnect.exe] => C:\Users\gossl\Pictures\MyDrive Connect\TomTom MyDrive Connect.exe -startwithoutDA
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-18] (Google LLC -> Google LLC)

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {02CD1871-A31D-40C7-AF84-BA24F5D1BBED} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_Plugin.exe [1457720 2019-12-14] (Adobe Inc. -> Adobe)
Task: {2AB8A34F-F538-40CC-A103-12E39CD6137C} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe
Task: {4C54510D-28C5-446F-8A85-21DFE25B683E} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe
Task: {5A8075BE-66AB-438A-BC82-D199EB193398} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2018-06-13] (Acer Incorporated -> Acer Incorporated)
Task: {6EE16111-0D4E-45A9-923D-279C85758793} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [816960 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {9025EE4F-D4DF-4D40-A21F-F951FE061A7B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {936E5F65-4528-4DDF-8B19-EB782C7BDCEA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-14] (Adobe Inc. -> Adobe)
Task: {93C2DD24-A9B7-40F9-9DE9-6E60EDA4D0BC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {C2C48034-2F19-4929-B169-6FF51A9DE54B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-21] (Google Inc -> Google Inc.)
Task: {C306F07C-FFCB-4194-A063-1D9124D04A0C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D49022E1-130E-4A8F-ABC2-9DA7DCC9BAF0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EC17CCAF-9234-48A5-BF1B-4D17876B5B01} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-21] (Google Inc -> Google Inc.)
Task: {F27E87BD-E093-4F04-A6D6-932B5CC691FC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{36c3705b-c9cf-4168-a96f-9f29b3faafff}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a3c43857-0be3-4758-beaa-09aa27e945cf}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1841215373-598962335-3707056146-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-1841215373-598962335-3707056146-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-1841215373-598962335-3707056146-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=U453&ocid=U453DHP&osmkt=fr-fr
SearchScopes: HKU\S-1-5-21-1841215373-598962335-3707056146-1001 -> DefaultScope {6AE2F9D2-BA11-491A-BDA1-96E298118C19} URL =
SearchScopes: HKU\S-1-5-21-1841215373-598962335-3707056146-1001 -> {6AE2F9D2-BA11-491A-BDA1-96E298118C19} URL =

Edge:
======
DownloadDir: C:\Users\gossl\Downloads

FireFox:
========
FF DefaultProfile: hptjxqa0.default-1576788255610
FF ProfilePath: C:\Users\gossl\AppData\Roaming\Mozilla\Firefox\Profiles\pg21ekf9.default-release [2019-12-20]
FF ProfilePath: C:\Users\gossl\AppData\Roaming\Mozilla\Firefox\Profiles\hptjxqa0.default-1576788255610 [2019-12-21]
FF NetworkProxy: Mozilla\Firefox\Profiles\hptjxqa0.default-1576788255610 -> backup.ftp", "hxxps://www.google.fr/"
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_303.dll [2019-12-14] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_303.dll [2019-12-14] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-15] (CANON INC.) [Fichier non signé]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.dregol.com/?f=1&a=drg_mlvi_15_21&cd=2XzuyEtN2Y1L1Qzu0A0E0ByDyB0D0D0C0EyEzyyDyEzzyEtAtN0D0Tzu0StCtBtAzztN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StDtC0B0FtAtDyD0BtG0FzytD0DtG0DtB0A0EtGtAzy0B0FtGyDyEyDzytCtA0BtDyB0A0EtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0EzzyB0ByE0F0FtGzztAyByDtGyEyD0F0AtGzztB0E0FtG0CtB0AtD0D0E0AtBtCzz0Bzy2QtN0A0LzuyE&cr=1323479875&ir=
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/?trackid=sp-006","hxxps://www.google.fr/","hxxps://www.google.com/"
CHR Notifications: Default -> hxxps://www.tomtom.com; hxxps://www.voisinssolitaires.com
CHR Profile: C:\Users\gossl\AppData\Local\Google\Chrome\User Data\Default [2019-12-21]
CHR Extension: (Google Drive) - C:\Users\gossl\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-21]
CHR Extension: (YouTube) - C:\Users\gossl\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-21]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\gossl\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-23]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\gossl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\gossl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\gossl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [799928 2018-10-18] (ICEpower a/s -> ICEpower)
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
S4 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [213648 2017-10-01] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-12-21] (Malwarebytes Inc -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 ACCSvc; "C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe" [X]
S4 QALSvc; "C:\Program Files\Acer\Quick Access Service\QALSvc.exe" [X]
S4 QASvc; "C:\Program Files\Acer\Quick Access Service\QASvc.exe" [X]
S4 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe" [X]
S4 WildTangentHelper; "C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe" [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [29912 2019-05-17] (Acer Incorporated -> Acer Incorporated)
R3 ibtusb; C:\WINDOWS\System32\drivers\ibtusb.sys [198168 2018-04-19] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216544 2019-12-21] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-12-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2019-12-21] (Malwarebytes Inc -> Malwarebytes)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8614464 2018-05-02] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-10-19] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-08-04] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [66144 2016-09-06] (Synaptics Incorporated -> Synaptics Incorporated)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) ===================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2019-12-21 14:13 - 2019-12-21 14:15 - 000018156 _____ C:\Users\gossl\Downloads\FRST.txt
2019-12-21 14:11 - 2019-12-21 14:14 - 000000000 ____D C:\FRST
2019-12-21 14:10 - 2019-12-21 14:10 - 002264064 _____ (Farbar) C:\Users\gossl\Downloads\FRST64.exe
2019-12-21 14:00 - 2019-12-21 14:00 - 000216544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-12-21 13:59 - 2019-12-21 13:59 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-12-21 13:51 - 2019-12-21 13:51 - 008237744 _____ (Malwarebytes) C:\Users\gossl\Downloads\adwcleaner_8.0.1.exe
2019-12-21 13:50 - 2019-12-21 13:50 - 008218800 _____ (Malwarebytes) C:\Users\gossl\Downloads\adwcleaner_8.0.0.exe
2019-12-21 13:39 - 2019-12-21 13:39 - 000000000 ___HD C:\OneDriveTemp
2019-12-21 13:27 - 2019-12-21 13:27 - 000002025 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-12-21 13:27 - 2019-12-21 13:27 - 000000000 ____D C:\Users\gossl\AppData\Local\cache
2019-12-21 13:27 - 2019-12-21 13:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-12-21 13:27 - 2019-12-21 13:26 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-12-21 13:26 - 2019-12-21 13:26 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-12-21 13:26 - 2019-12-21 13:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-12-21 13:26 - 2019-12-21 13:26 - 000000000 ____D C:\Program Files\Malwarebytes
2019-12-21 13:24 - 2019-12-21 13:24 - 001883976 _____ (Malwarebytes) C:\Users\gossl\Downloads\MBSetup.exe
2019-12-20 22:29 - 2019-12-20 22:29 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-12-20 22:29 - 2019-12-20 22:29 - 000001220 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-12-20 22:29 - 2019-12-20 22:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-12-20 22:29 - 2019-12-20 22:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-12-20 15:29 - 2019-12-21 13:57 - 000000000 ____D C:\AdwCleaner
2019-12-20 15:02 - 2019-12-20 15:02 - 050467624 _____ (Mozilla) C:\Users\gossl\Downloads\zz Firefox Setup 71.0.exe
2019-12-19 21:44 - 2019-12-19 21:44 - 000000000 ____D C:\Users\gossl\Desktop\Anciennes données de Firefox
2019-12-11 21:08 - 2019-12-11 21:08 - 026807296 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 009668408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 007886848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 007645384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 006541712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 006444032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 003638272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-11 21:08 - 2019-12-11 21:08 - 003576832 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-11 21:08 - 2019-12-11 21:08 - 002699768 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 002233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 002072384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-11 21:08 - 2019-12-11 21:08 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001677808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001676288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001668960 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001666440 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 001465264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001258296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 001201128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001049400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000793824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000678672 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000603792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000505632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000408736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000203064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2019-12-21 14:16 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-21 14:05 - 2019-03-04 17:04 - 001771410 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-21 14:05 - 2018-09-15 17:39 - 000793190 _____ C:\WINDOWS\system32\perfh00C.dat
2019-12-21 14:05 - 2018-09-15 17:39 - 000150222 _____ C:\WINDOWS\system32\perfc00C.dat
2019-12-21 14:05 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-12-21 14:04 - 2019-02-21 17:25 - 000000000 ____D C:\Users\gossl\AppData\LocalLow\Mozilla
2019-12-21 14:01 - 2019-02-21 17:35 - 000000000 ___RD C:\Users\gossl\OneDrive
2019-12-21 13:59 - 2019-03-04 17:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-21 13:58 - 2018-11-05 19:00 - 000000000 ____D C:\Program Files\Acer
2019-12-21 13:58 - 2018-11-05 18:41 - 000000000 ____D C:\ProgramData\Acer
2019-12-21 13:58 - 2018-11-05 18:41 - 000000000 ____D C:\Program Files (x86)\Acer
2019-12-21 13:58 - 2018-09-15 07:09 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-12-21 13:57 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-12-21 13:44 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-21 13:44 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-21 13:27 - 2018-09-15 08:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-12-21 11:51 - 2019-02-21 20:35 - 000000000 ____D C:\ProgramData\CanonIJPLM
2019-12-21 11:41 - 2019-03-04 17:31 - 000004176 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{D72BF193-F2DF-4B5D-AA03-4031A1A98946}
2019-12-20 17:16 - 2019-03-04 16:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-19 17:57 - 2019-06-06 17:14 - 000001823 _____ C:\Users\gossl\Desktop\30 - Le rêve du pêcheur - Laurent Voulzy (Live ) - Raccourci.lnk
2019-12-18 22:25 - 2019-02-21 17:49 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-18 22:25 - 2019-02-21 17:49 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-17 21:37 - 2019-04-05 07:41 - 000002039 _____ C:\Users\gossl\Desktop\02 Isabelle Mayereau - Tu m'écris (Clip officiel) - Raccourci.lnk
2019-12-14 18:53 - 2019-03-04 17:31 - 000004760 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-12-14 18:53 - 2019-02-22 10:44 - 000000000 ____D C:\Users\gossl\AppData\Local\Adobe
2019-12-14 18:53 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-12-14 18:53 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-12-14 13:57 - 2019-07-01 19:52 - 000000000 ____D C:\Users\gossl\AppData\Roaming\XnView
2019-12-13 22:20 - 2019-03-04 17:31 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-13 22:20 - 2019-03-04 17:31 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-12 16:01 - 2019-02-22 18:59 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-12 11:53 - 2019-03-04 16:42 - 000438752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-12 11:50 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-12 11:50 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-12 11:49 - 2019-02-23 16:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-12 11:45 - 2019-02-23 16:47 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-12 11:44 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-07 12:52 - 2018-11-05 17:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-11-23 17:34 - 2019-03-04 17:31 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1841215373-598962335-3707056146-1001
2019-11-23 17:34 - 2019-03-04 16:52 - 000002405 _____ C:\Users\gossl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
