Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2020
Exécuté par Dan Gégé (administrateur) sur DANGÉGÉ (ASUSTeK COMPUTER INC. G551JM) (18-09-2020 15:32:38)
Exécuté depuis C:\Users\Dan Gégé\Desktop
Profils chargés: Dan Gégé
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() [Fichier non signé] C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(ASUS Cloud Corporation -> ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.4.537\AsusWSPanel.exe
(ASUS Cloud Corporation) [Fichier non signé] C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Atheros) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(CONDUSIV TECHNOLOGIES -> Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <73>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [Fichier non signé] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Nicolas Coolman -> Nicolas Coolman) [Fichier non signé] C:\Users\Dan Gégé\Desktop\ZHPSuite.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\71.0.3770.148\opera.exe <47>
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\71.0.3770.148\opera_crashreporter.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> ) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIIUE.EXE
(Sony Mobile Communications AB -> ) [Fichier non signé] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Sony Mobile Communications AB -> Sony) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(TomTom International B.V. -> TomTom) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
(TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1570672 2015-05-08] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Fichier non signé]
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942232 2016-10-14] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [185648 2020-08-29] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [331064 2020-07-24] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-05-15] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Fichier non signé]
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.4.537\ASUSWSLoader.exe [63272 2015-10-12] (ASUS Cloud Corporation -> )
HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [463872 2013-05-15] () [Fichier non signé]
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1426609002\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc. -> AOL Inc.)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [650784 2015-06-01] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863776 2015-06-01] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [3084824 2020-09-15] (Opera Software AS -> Opera Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé]
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony Mobile Communications AB -> Sony) [Fichier non signé] [Fichier en cours d'utilisation]
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2162648 2020-06-29] (TomTom International B.V. -> TomTom)
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-07-24] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-07-13] (TomTom International BV -> TomTom)
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\Run: [Yahoo Messenger Updater] => C:\Users\Dan Gégé\AppData\Roaming\Yahoo Messenger\YMUpdater\YMUpdater.exe [115656 2017-02-02] (Yahoo! Inc. -> Yahoo!, Inc.)
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIUE.EXE [283232 2012-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\Run: [EPSDNMON] => C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE [346712 2020-07-27] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {0069b9e2-1450-11e7-834d-40e23077b576} - "F:\AutoRun.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {0069b9e7-1450-11e7-834d-40e23077b576} - "F:\AutoRun.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {006cb4c1-9fc2-11e4-8262-40e23077b576} - "F:\AutoRun.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {0e0216c4-4d9b-11e5-82a8-40e23077b576} - "F:\AutoRun.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {16992652-33f2-11e6-8306-7824afc8ddb2} - "F:\AutoRun.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {2874a5a0-4974-11e5-829d-40e23077b576} - "F:\AutoRun.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {38526a21-dfb5-11e4-827d-40e23077b576} - "F:\Startme.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {4f70af33-b7a6-11e9-8427-7824afc8ddb2} - "F:\AutoRun.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {4f70af3b-b7a6-11e9-8427-7824afc8ddb2} - "F:\AutoRun.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {57553bcd-35bd-11e5-8295-7824afc8ddb2} - "F:\Startme.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {6fbd82c1-a5c4-11e7-8377-40e23077b576} - "F:\AutoRun.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {6fbd831b-a5c4-11e7-8377-40e23077b576} - "F:\AutoRun.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {6fbd83bb-a5c4-11e7-8377-40e23077b576} - "H:\AutoRun.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {6fbd83bf-a5c4-11e7-8377-40e23077b576} - "G:\AutoRun.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {85fac613-032d-11e7-8348-40e23077b576} - "F:\AutoRun.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {974ee8d4-eb9b-11e6-8344-40e23077b576} - "F:\AutoRun.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {ab036cac-9aef-11e4-8262-40e23077b576} - "F:\AutoRun.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {af5371d9-4c96-11e5-82a5-40e23077b576} - "F:\AutoRun.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {af5371e5-4c96-11e5-82a5-40e23077b576} - "F:\AutoRun.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {b5b7a023-5c61-11e5-82bd-020406080a0c} - "F:\AutoRun.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {cc4732bb-06a4-11e5-8289-40e23077b576} - "F:\AutoRun.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {cc4732c0-06a4-11e5-8289-40e23077b576} - "F:\AutoRun.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {eadf2446-9c1a-11e6-832d-40e23077b576} - "F:\AutoRun.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {f03bb073-5868-11e5-82ba-40e23077b576} - "F:\AutoRun.exe"
HKU\S-1-5-21-532971009-118802181-1045223145-1001\...\MountPoints2: {fdb2f142-53bd-11e5-82b7-40e23077b576} - "F:\AutoRun.exe"
HKLM\...\Print\Monitors\EPSON WF-2540 Series 64MonitorBE: C:\Windows\system32\E_YLMIUE.DLL [120320 2011-04-19] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.102\Installer\chrmstp.exe [2020-09-09] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé]

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0DC279CE-AA78-4292-BF11-86707322E857} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {0DC279CE-AA78-4292-BF11-86707322E857} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {0DC279CE-AA78-4292-BF11-86707322E857} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-02]] (Microsoft Windows -> Microsoft Corporation)
Task: {0EB97718-B414-42C0-AADD-9F60821ACDED} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [17920 2016-08-01] () [Fichier non signé]
Task: {109A410F-B3FC-4C8C-A0D4-6A1E272BDFC9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1336400 2020-07-08] (Adobe Inc. -> Adobe Inc.)
Task: {110B17F0-A85E-44D5-9F29-1EAB183C3A8C} - System32\Tasks\RogueKiller Anti-Malware => C:\Program Files\RogueKiller\RogueKiller64.exe [35096632 2019-11-07] (Adlice -> )
Task: {152685CC-0EF6-4558-B658-21D895F24466} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-16] (Google Inc -> Google LLC)
Task: {1B0C4315-D635-4FD5-93BF-0D244467B421} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [1140616 2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F7A25BE-ADF6-417B-9C48-A416171F5AB8} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18232 2014-07-29] (ASUSTeK Computer Inc. -> AsusTek)
Task: {28CEA271-2FE1-4777-8D63-58C9E115D36D} - System32\Tasks\Opera scheduled Autoupdate 1422391044 => C:\Program Files (x86)\Opera\launcher.exe [1517592 2020-09-15] (Opera Software AS -> Opera Software)
Task: {2C78A0A6-3C8F-4DB5-A691-D22D13C93552} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [109880 2014-01-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {3EE26EB2-EF0C-43C6-9A5B-67C8AB18BBB5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-16] (Google Inc -> Google LLC)
Task: {4228725C-CDC8-4DF1-AEB6-170F9C1546E1} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {4697451F-2287-42EB-94E2-165213A8DC4D} - System32\Tasks\Opera scheduled assistant Autoupdate 1583784480 => C:\Program Files (x86)\Opera\launcher.exe [1517592 2020-09-15] (Opera Software AS -> Opera Software)
Task: {61EEDBBB-5CE3-45B5-B697-5BDC238D4675} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe [1497656 2020-09-17] (Adobe Inc. -> Adobe)
Task: {699E6733-07B5-4DEF-96B3-1DCBC9E6DD1F} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {699E6733-07B5-4DEF-96B3-1DCBC9E6DD1F} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-02]] (Microsoft Windows -> Microsoft Corporation)
Task: {72497058-4BAE-4515-AC77-ED3094768D71} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [17920 2016-08-01] () [Fichier non signé]
Task: {72DDB6D8-4339-4B4B-8BBE-8FD87836293F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [5496600 2015-01-20] (Piriform Ltd -> Piriform Ltd)
Task: {7B551E42-382B-4C95-81F4-23703046A7B6} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [58440 2014-06-03] (ASUSTeK Computer Inc. -> ASUS)
Task: {7E6A53AC-9CA7-460B-A29B-554FB8A60010} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19723888 2014-03-27] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {809C8B5B-5CAC-492E-8B8A-18FEFE5F7158} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-17] (Adobe Inc. -> Adobe)
Task: {AE2C1B42-66B1-418A-8FC9-C34CF33AD71E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {B0C866EB-F129-4719-8F73-6D6336CF327D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-09-09] (Adobe Inc. -> Adobe)
Task: {BC26CC6C-1F5A-420E-BB01-4F5FE5A28EF4} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [17920 2016-08-01] () [Fichier non signé]
Task: {E660F8D2-71A9-41F5-9E8D-E0201B5355DC} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E945A1AE-259B-412C-BA87-A695E9AE9B71} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9217024 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {F0B51ADD-6C91-45B6-B0F1-8736A155F7CD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4F1690C-2BC3-4B00-8FC4-2527AFEB9776} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {F4F1690C-2BC3-4B00-8FC4-2527AFEB9776} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-02]] (Microsoft Windows -> Microsoft Corporation)
Task: {F991ACA3-BC54-40FC-B441-FA2C0FC86C97} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{4B298E5B-74BE-4C9C-8CBE-120E4386A4BF}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{E662FD56-41F8-48A6-A739-47339176622B}: [DhcpNameServer] 192.168.0.254

FireFox:
========
FF DefaultProfile: 8x9p96u3.default
FF ProfilePath: C:\Users\Dan Gégé\AppData\Roaming\TomTom\HOME\Profiles\4gjhvxn9.default [2016-05-12]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2016-05-12] [] [non signé]
FF ProfilePath: C:\Users\Dan Gégé\AppData\Roaming\Mozilla\Firefox\Profiles\8x9p96u3.default [2020-09-18]
FF DownloadDir: C:\Users\Dan Gégé\Desktop
FF Session Restore: Mozilla\Firefox\Profiles\8x9p96u3.default -> est activé.
FF Notifications: Mozilla\Firefox\Profiles\8x9p96u3.default -> hxxps://www.mailorama.fr; hxxps://www.tomtom.com
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2015-06-19] [] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll [2020-09-09] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-09] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc. -> Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [Pas de fichier]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-09-18]

Chrome:
=======
CHR Profile: C:\Users\Dan Gégé\AppData\Local\Google\Chrome\User Data\Default [2020-09-18]
CHR DownloadDir: C:\Users\Dan Gégé\Desktop
CHR Session Restore: Default -> est activé.
CHR Extension: (Slides) - C:\Users\Dan Gégé\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-09-09]
CHR Extension: (Docs) - C:\Users\Dan Gégé\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-09-09]
CHR Extension: (Google Drive) - C:\Users\Dan Gégé\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-09-09]
CHR Extension: (YouTube) - C:\Users\Dan Gégé\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-09-09]
CHR Extension: (Sheets) - C:\Users\Dan Gégé\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-09-09]
CHR Extension: (Google Docs hors connexion) - C:\Users\Dan Gégé\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-09]
CHR Extension: (Skype) - C:\Users\Dan Gégé\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2020-09-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Dan Gégé\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-09-09]
CHR Extension: (Gmail) - C:\Users\Dan Gégé\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-09-09]
CHR Extension: (Chrome Media Router) - C:\Users\Dan Gégé\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-09]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-07-08] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-17] (Adobe Inc. -> Adobe)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-05-20] (Apple Inc. -> Apple Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [Fichier non signé]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052944 2020-07-14] (Microsoft Corporation -> Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2371760 2020-08-29] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2371760 2020-08-29] (ESET, spol. s r.o. -> ESET)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [828656 2013-11-18] (CONDUSIV TECHNOLOGIES -> Condusiv Technologies)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7185288 2020-09-17] (Malwarebytes Inc -> Malwarebytes)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Sony Mobile Communications AB -> Avanquest Software) [Fichier non signé]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation -> Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [Fichier non signé]
S2 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2014-07-29] (ASUSTeK Computer Inc. -> ASUS Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [158512 2020-08-29] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [106640 2020-08-29] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15288 2020-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [195976 2020-08-29] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [53064 2020-08-29] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [79552 2020-08-29] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [116488 2020-08-29] (ESET, spol. s r.o. -> ESET)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [25840 2013-11-18] (CONDUSIV TECHNOLOGIES -> Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [117488 2013-11-18] (CONDUSIV TECHNOLOGIES -> Condusiv Technologies)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> )
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [217592 2020-09-17] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-09-17] (Malwarebytes Inc -> Malwarebytes)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2020-08-06] (Adlice -> )
S3 WacomPen; C:\Windows\System32\drivers\wacompen.sys [26752 2013-08-22] (Microsoft Windows -> Microsoft Corporation)
R3 wanatw; C:\Windows\system32\DRIVERS\wanatw64.sys [24064 2006-11-30] (Microsoft Windows Hardware Compatibility Publisher -> America Online, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Windows -> Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Trois mois (créés) ===================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2020-09-18 15:32 - 2020-09-18 15:33 - 000034125 _____ C:\Users\Dan Gégé\Desktop\FRST.txt
2020-09-18 15:31 - 2020-09-18 15:32 - 000000000 ____D C:\FRST
2020-09-18 12:30 - 2020-09-18 12:30 - 000939105 _____ C:\Users\Dan Gégé\Desktop\Tribunal correctionnel.pdf
2020-09-18 11:54 - 2020-09-18 11:54 - 000347542 _____ C:\Users\Dan Gégé\Desktop\ZHPDiag.txt
2020-09-18 10:49 - 2020-09-18 10:49 - 002298368 _____ (Farbar) C:\Users\Dan Gégé\Desktop\FRST64.exe
2020-09-18 10:46 - 2020-09-18 10:46 - 000000833 _____ C:\Users\Dan Gégé\Desktop\ZHPSuite.lnk
2020-09-18 10:45 - 2020-09-18 10:45 - 003461504 _____ (Nicolas Coolman) C:\Users\Dan Gégé\Desktop\ZHPSuite.exe
2020-09-17 22:27 - 2020-09-17 22:27 - 000000000 ___SH C:\DkHyperbootSync
2020-09-17 22:03 - 2020-09-17 22:03 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-09-17 22:03 - 2020-09-17 22:03 - 000217592 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-09-17 21:19 - 2020-09-17 21:19 - 009605161 _____ C:\Users\Dan Gégé\Desktop\Zize Dupanier1.mp4
2020-09-17 19:35 - 2020-09-17 19:36 - 000000000 ____D C:\Users\Dan Gégé\Desktop\Mme Delevaux
2020-09-16 19:28 - 2020-09-16 19:28 - 000414340 _____ C:\Users\Dan Gégé\Desktop\Sept_Dec_2020.pdf
2020-09-12 12:34 - 2020-09-12 12:34 - 006646559 _____ C:\Users\Dan Gégé\Desktop\Juge.pdf
2020-09-11 13:59 - 2020-09-14 12:53 - 000000000 ____D C:\Users\Dan Gégé\Desktop\Décès
2020-09-11 13:26 - 2020-09-11 13:26 - 000000000 ____D C:\Users\Dan Gégé\Desktop\Déclaration machine
2020-09-10 19:31 - 2020-09-10 19:32 - 023087183 _____ C:\Users\Dan Gégé\Downloads\542110_Leuloup.ppsx
2020-09-10 13:28 - 2020-09-10 13:28 - 001089228 _____ C:\Users\Dan Gégé\Desktop\Tour de France.pdf
2020-09-04 18:32 - 2020-09-04 18:32 - 001208758 _____ C:\Users\Dan Gégé\Desktop\CR Dr Lazar 4 5 2020.pdf
2020-09-01 19:48 - 2020-09-01 19:48 - 009737067 _____ C:\Users\Dan Gégé\Desktop\memo.pdf
2020-08-31 11:25 - 2020-08-31 11:25 - 000168697 _____ C:\Users\Dan Gégé\Desktop\Echéancier EDF aout 2020.pdf
2020-08-28 18:17 - 2020-08-28 18:17 - 000000000 ____D C:\Users\Dan Gégé\Desktop\EDF bizarre
2020-08-25 15:17 - 2020-09-11 16:47 - 000000000 ____D C:\Users\Dan Gégé\Desktop\Gilbert
2020-08-14 17:57 - 2020-08-14 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2020-08-11 13:52 - 2020-08-17 11:40 - 000000000 ____D C:\Users\Dan Gégé\Desktop\RR
2020-08-07 21:39 - 2020-08-07 21:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2020-08-07 21:39 - 2020-08-07 21:39 - 000000000 ____D C:\Program Files\iTunes
2020-08-07 21:39 - 2020-08-07 21:39 - 000000000 ____D C:\Program Files\iPod
2020-08-07 18:48 - 2020-09-11 14:21 - 000000000 ____D C:\Users\Dan Gégé\Desktop\Gendarmerie pour 58
2020-08-05 22:58 - 2020-08-05 22:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2020-08-05 22:58 - 2020-08-05 22:58 - 000000000 ____D C:\ProgramData\ESET
2020-08-05 22:58 - 2020-08-05 22:58 - 000000000 ____D C:\Program Files\ESET
2020-07-30 12:01 - 2020-09-18 12:00 - 000003480 _____ C:\Windows\system32\Tasks\ASUS Live Update1
2020-07-27 21:06 - 2020-07-27 21:06 - 000912440 _____ C:\Users\Dan Gégé\Desktop\Bail.pdf
2020-07-27 20:08 - 2020-07-27 20:08 - 000080177 _____ C:\Users\Dan Gégé\Desktop\CAF 27 7 2020.pdf
2020-07-23 12:24 - 2020-08-29 16:14 - 000079552 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2020-07-23 12:24 - 2020-08-29 16:14 - 000053064 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2020-07-22 00:33 - 2020-07-22 00:33 - 000000000 ____D C:\Users\Dan Gégé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
2020-07-14 10:02 - 2020-09-09 21:27 - 000000674 _____ C:\Users\Dan Gégé\Desktop\ZHPCleaner.lnk
2020-07-10 12:28 - 2020-08-04 11:10 - 000000000 ____D C:\Users\Dan Gégé\Desktop\Cité réservation
2020-07-02 11:44 - 2020-07-02 11:44 - 000072448 _____ C:\Users\Dan Gégé\Desktop\Dr Lebbe 6 4 2018.pdf
2020-07-01 21:27 - 2020-09-17 22:03 - 000001978 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-06-25 11:32 - 2020-06-25 11:33 - 000000000 ____D C:\Users\Dan Gégé\Desktop\Assurance Asus 24 6 2020

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2020-09-18 12:00 - 2015-05-13 13:40 - 000003470 _____ C:\Windows\system32\Tasks\ASUS Live Update2
2020-09-18 11:54 - 2019-03-28 09:44 - 000000000 ____D C:\Users\Dan Gégé\Desktop\Astro
2020-09-18 11:54 - 2018-01-13 16:22 - 000000135 _____ C:\Users\Dan
2020-09-18 11:54 - 2015-03-15 23:50 - 000000000 ____D C:\Users\Dan Gégé\AppData\Roaming\ZHP
2020-09-18 11:53 - 2015-01-10 20:42 - 000000000 ____D C:\Users\Dan Gégé\AppData\Local\Packages
2020-09-18 10:46 - 2017-08-10 09:19 - 000000000 ____D C:\Users\Dan Gégé\AppData\Local\ZHP
2020-09-18 09:56 - 2015-01-10 20:42 - 000000093 _____ C:\Users\Dan Gégé\AppData\Roaming\sp_data.sys
2020-09-18 09:55 - 2019-11-16 13:46 - 000003020 _____ C:\Windows\system32\Tasks\RogueKiller Anti-Malware
2020-09-17 23:07 - 2015-04-10 11:34 - 000000000 ____D C:\Users\Dan Gégé\Desktop\Anti virus nettoyage
2020-09-17 22:47 - 2015-01-10 19:47 - 000003596 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-532971009-118802181-1045223145-1001
2020-09-17 22:02 - 2019-07-06 07:19 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-09-17 21:56 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-09-17 21:20 - 2019-10-31 18:03 - 000000000 ____D C:\Users\Dan Gégé\Desktop\En cours
2020-09-17 19:35 - 2018-11-18 01:20 - 000000000 ____D C:\Users\Dan Gégé\Desktop\PDF Novembre 2018
2020-09-17 19:30 - 2015-01-11 02:03 - 000000000 ____D C:\Users\Dan Gégé\AppData\Local\Adobe
2020-09-17 19:29 - 2016-04-08 17:49 - 000004602 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-09-17 19:29 - 2015-01-11 02:04 - 000004460 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-09-17 19:29 - 2013-08-22 17:38 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-09-17 19:29 - 2013-08-22 17:38 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-17 19:29 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-09-17 19:29 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
2020-09-17 15:11 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\FxsTmp
2020-09-17 12:53 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2020-09-16 15:36 - 2018-09-14 15:27 - 000003870 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1422391044
2020-09-16 15:36 - 2018-09-14 15:25 - 000001060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2020-09-16 15:36 - 2015-01-27 22:36 - 000000000 ____D C:\Program Files (x86)\Opera
2020-09-16 12:46 - 2020-03-09 22:08 - 000004048 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1583784480
2020-09-16 09:22 - 2015-01-23 20:53 - 000000000 ____D C:\Users\Dan Gégé\AppData\Local\CrashDumps
2020-09-15 22:12 - 2018-06-21 16:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-09-15 11:19 - 2016-05-12 10:48 - 000015288 _____ (ESET) C:\Windows\system32\Drivers\eelam.sys
2020-09-10 19:50 - 2019-07-02 17:35 - 000000000 ____D C:\Users\Dan Gégé\Desktop\Mairie Boisné la Tude
2020-09-09 21:58 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2020-09-09 21:54 - 2020-01-07 23:21 - 000000000 ____D C:\Users\Dan Gégé\Desktop\Oceane 2020
2020-09-09 21:27 - 2018-04-14 09:45 - 003325312 _____ (Nicolas Coolman) C:\Users\Dan Gégé\ZHPCleaner.exe
2020-09-09 21:27 - 2015-01-10 20:42 - 000000000 ____D C:\Users\Dan Gégé
2020-09-09 15:13 - 2015-01-28 14:17 - 000000000 ____D C:\Users\Dan Gégé\Desktop\Raccourcis logiciels
2020-09-09 15:12 - 2017-04-11 17:00 - 000002041 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-09-09 15:09 - 2015-01-29 10:13 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-09-09 09:40 - 2019-01-23 23:16 - 000000000 ____D C:\Users\Dan Gégé\Desktop\SL
2020-09-09 09:25 - 2018-03-13 13:49 - 000004638 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-09-04 09:58 - 2019-07-11 11:12 - 000000000 ____D C:\Users\Dan Gégé\Desktop\JMB
2020-08-29 16:14 - 2018-01-19 16:32 - 000116488 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2020-08-29 16:14 - 2015-07-14 15:29 - 000195976 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2020-08-29 16:14 - 2015-07-14 15:29 - 000158512 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2020-08-29 16:14 - 2015-07-14 15:29 - 000106640 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2020-08-28 18:31 - 2014-05-16 01:55 - 000812350 _____ C:\Windows\system32\perfh00C.dat
2020-08-28 18:31 - 2014-05-16 01:55 - 000159412 _____ C:\Windows\system32\perfc00C.dat
2020-08-28 18:31 - 2014-03-18 17:26 - 001823836 _____ C:\Windows\system32\PerfStringBackup.INI
2020-08-28 18:22 - 2019-07-19 21:13 - 000000000 ____D C:\Users\Dan Gégé\Desktop\Labo 2019
2020-08-28 18:18 - 2020-03-13 20:30 - 000000000 ____D C:\Users\Dan Gégé\Desktop\Coronavirus
2020-08-25 15:25 - 2015-06-19 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2020-08-25 15:25 - 2015-06-19 13:28 - 000000000 ____D C:\ProgramData\EPSON
2020-08-24 22:54 - 2016-11-16 09:59 - 000000000 ____D C:\Users\Dan Gégé\AppData\LocalLow\Mozilla
2020-08-23 10:11 - 2019-06-11 09:09 - 000000000 ____D C:\Users\Dan Gégé\Desktop\Ordo Phie en cours
2020-08-21 13:08 - 2019-11-19 12:17 - 000000000 ____D C:\Users\Dan Gégé\Desktop\Communauté de communes
2020-08-19 21:50 - 2013-08-22 17:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-08-19 21:49 - 2015-03-19 15:51 - 000000000 ____D C:\Program Files\Microsoft Office 15

==================== Fichiers à la racine de certains dossiers ========

2018-04-14 09:45 - 2020-09-09 21:27 - 003325312 _____ (Nicolas Coolman) C:\Users\Dan Gégé\ZHPCleaner.exe
2015-01-10 20:42 - 2020-09-18 09:56 - 000000093 _____ () C:\Users\Dan Gégé\AppData\Roaming\sp_data.sys
2015-07-17 14:06 - 2015-07-17 14:06 - 000121977 _____ () C:\Users\Dan Gégé\AppData\Local\ars.cache
2015-07-17 14:07 - 2015-07-17 14:07 - 000336958 _____ () C:\Users\Dan Gégé\AppData\Local\census.cache
2015-07-17 13:42 - 2015-07-17 13:42 - 000000036 _____ () C:\Users\Dan Gégé\AppData\Local\housecall.guid.cache

==================== SigCheckExt =========================

2014-02-25 20:54 - 2014-02-25 20:54 - 000088064 _____ (AOL Inc.) C:\Windows\system32\AOLDial.dll
2014-02-26 00:17 - 2014-02-26 00:17 - 000361600 _____ (Qualcomm®Atheros®) C:\Windows\system32\AthCredentialProvider.dll
2014-11-29 00:02 - 2015-05-08 02:34 - 001756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-11-29 00:02 - 2015-05-08 02:34 - 001570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-11-28 23:53 - 2013-08-21 09:16 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
1998-07-13 01:00 - 1998-07-13 01:00 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETFR.DLL
2013-05-11 19:17 - 2013-05-11 19:17 - 000001536 _____ C:\Windows\SysWOW64\IusEventLog.dll
2015-02-12 23:28 - 2015-02-12 23:28 - 000163840 _____ (America Online) C:\Windows\SysWOW64\jgdw400.dll
2015-02-12 23:28 - 2015-02-12 23:28 - 000027648 _____ (Johnson-Grace Company) C:\Windows\SysWOW64\jgpl400.dll
2015-02-12 23:28 - 2015-02-12 23:28 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2015-02-12 23:28 - 2015-02-12 23:28 - 000348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-11-29 00:02 - 2015-05-08 02:35 - 001316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-11-29 00:02 - 2015-05-08 02:35 - 001316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
1998-07-13 01:00 - 1998-07-13 01:00 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RCHTXFR.DLL
1999-03-03 15:50 - 1999-03-03 15:50 - 000119568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6FR.DLL
2018-04-14 09:45 - 2020-09-09 21:27 - 003325312 _____ (Nicolas Coolman) C:\Users\Dan Gégé\ZHPCleaner.exe
2020-09-18 10:49 - 2020-09-18 10:49 - 002298368 _____ (Farbar) C:\Users\Dan Gégé\Desktop\FRST64.exe
2020-09-18 10:45 - 2020-09-18 10:45 - 003461504 _____ (Nicolas Coolman) C:\Users\Dan Gégé\Desktop\ZHPSuite.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


==================== BCD ================================

Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{036f0584-98f6-11e4-825e-806e6f6e6963}
{036f0585-98f6-11e4-825e-806e6f6e6963}
{036f0586-98f6-11e4-825e-806e6f6e6963}
timeout 2

Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
integrityservices Enable
default {current}
resumeobject {f851e63d-98f5-11e4-87c8-c69d26400a86}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Application logicielle (101fffff)
--------------------------------
identificateur {036f0584-98f6-11e4-825e-806e6f6e6963}
description UEFI:CD/DVD Drive

Application logicielle (101fffff)
--------------------------------
identificateur {036f0585-98f6-11e4-825e-806e6f6e6963}
description UEFI:Removable Device

Application logicielle (101fffff)
--------------------------------
identificateur {036f0586-98f6-11e4-825e-806e6f6e6963}
description UEFI:Network Device

Chargeur de démarrage Windows
-----------------------------
identificateur {3fc7b738-7793-11e4-a82b-9fbc55f47b98}
device ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{3fc7b739-7793-11e4-a82b-9fbc55f47b98}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{3fc7b739-7793-11e4-a82b-9fbc55f47b98}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Chargeur de démarrage Windows
-----------------------------
identificateur {3fc7b73a-7793-11e4-a82b-9fbc55f47b98}
device ramdisk=[\Device\HarddiskVolume2]\sources\boot.wim,{ramdiskoptions}
path \windows\system32\boot\winload.efi
description WinPE
osdevice ramdisk=[\Device\HarddiskVolume2]\sources\boot.wim,{ramdiskoptions}
systemroot \windows
nx OptIn
detecthal Yes
winpe Yes

Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.efi
description Windows 8.1
locale fr-FR
inherit {bootloadersettings}
recoverysequence {3fc7b738-7793-11e4-a82b-9fbc55f47b98}
integrityservices Enable
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {f851e63d-98f5-11e4-87c8-c69d26400a86}
nx OptIn
bootmenupolicy Standard
detecthal Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {f851e63d-98f5-11e4-87c8-c69d26400a86}
device partition=C:
path \Windows\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {3fc7b738-7793-11e4-a82b-9fbc55f47b98}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

Paramètres EMS
--------------
identificateur {emssettings}
bootems No

Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

Erreurs de mémoire RAM
----------------------
identificateur {badmemory}

Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de périphérique
-----------------------
identificateur {3fc7b739-7793-11e4-a82b-9fbc55f47b98}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume2
ramdisksdipath \Recovery\WindowsRE\boot.sdi

Options Ramdisk du programme d'installation
-------------------------------------------
identificateur {ramdiskoptions}
description Ramdisk options
ramdisksdidevice partition=\Device\HarddiskVolume2
ramdisksdipath \boot\boot.sdi


LastRegBack: 2020-09-10 09:25
==================== Fin de FRST.txt ========================
