cjoint

Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2021
Exécuté par Mathieu (administrateur) sur HERMÈS (Dell Inc. Latitude E5440) (05-04-2021 17:11:08)
Exécuté depuis C:\Users\mathi\Desktop
Profils chargés: Mathieu
Platform: Windows 10 Pro Version 2004 19041.867 (X64) Langue: Français (France)
Navigateur par défaut: Opera
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() [Fichier non signé] C:\Program Files\qBittorrent\qbittorrent.exe
(2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) C:\Program Files\2BrightSparks\SyncBackSE\SyncBackSE.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.) C:\Program Files\DellTPad\hidfind.exe
(Bertrand EISELE & Nicolas JOUVRAY) [Fichier non signé] C:\PopitNG\popitng_popitng_4.0_francais_43874.exe
(BitTorrent Inc -> BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\mathi\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.6-0\NisSrv.exe
(Open-Shell) [Fichier non signé] C:\Program Files\Open-Shell\StartMenu.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ROCCAT GmbH Co., Ltd.) [Fichier non signé] C:\Program Files (x86)\ROCCAT\Ryos Keyboard\Ryos MK Monitor.exe
(Softdeluxe) [Fichier non signé] C:\Users\mathi\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\helperservice.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [779152 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8474880 2015-05-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403800 2015-05-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [224768 2019-10-26] (Open-Shell) [Fichier non signé]
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17987704 2017-10-19] (Logitech Inc -> Logitech Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKU\S-1-5-21-1697020474-2207435933-3713565860-1002\...\Run: [PopitNG] => C:\PopitNG\popitng_popitng_4.0_francais_43874.exe [704512 2018-03-30] (Bertrand EISELE & Nicolas JOUVRAY) [Fichier non signé]
HKU\S-1-5-21-1697020474-2207435933-3713565860-1002\...\Run: [HP Deskjet 3050 J610 series (NET)] => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-1697020474-2207435933-3713565860-1002\...\Run: [qBittorrent] => C:\Program Files\qBittorrent\qbittorrent.exe [25509376 2020-04-24] () [Fichier non signé]
HKU\S-1-5-21-1697020474-2207435933-3713565860-1002\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [641400 2020-07-21] (BitTorrent Inc -> BitTorrent, Inc.)
HKU\S-1-5-21-1697020474-2207435933-3713565860-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [224768 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP 9311 Status Monitor: C:\WINDOWS\system32\hpinksts9311LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3050 J610 series): C:\WINDOWS\system32\HPDiscoPM9311.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [110264 2014-09-23] (pdfforge GmbH -> pdfforge GmbH)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2020-06-30]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ryos Driver.lnk [2020-07-02]
ShortcutTarget: Ryos Driver.lnk -> C:\Program Files (x86)\ROCCAT\Ryos Keyboard\Ryos MK Monitor.exe (ROCCAT GmbH Co., Ltd.) [Fichier non signé]

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {095D6DBB-A690-4D7F-8AE0-C67033C541EC} - System32\Tasks\2BrightSparks\SyncBackSEx64\HERMÈS-Mathieu\SyncBackSE Mes documents (A l'ouverture de session) => C:\Program Files\2BrightSparks\SyncBackSE\SyncBackSE.exe [45559216 2019-12-03] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
Task: {0CCF0926-E861-41CB-B3FF-DE071DCD02AB} - System32\Tasks\2BrightSparks\SyncBackSEx64\HERMÈS-Mathieu\SyncBackSE => C:\Program Files\2BrightSparks\SyncBackSE\SyncBackSE.exe [45559216 2019-12-03] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
Task: {0D750B22-28F1-47CD-9B0C-47B9E20A9291} - System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {4E496DA5-8998-4B6C-83ED-505E90E5A2F4} - System32\Tasks\2BrightSparks\SyncBackSEx64\HERMÈS-Mathieu\SyncBackSE Récup (A l'ouverture de session) => C:\Program Files\2BrightSparks\SyncBackSE\SyncBackSE.exe [45559216 2019-12-03] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
Task: {66D461E0-F525-4BD1-8A68-56CEFDC62313} - System32\Tasks\Opera scheduled Autoupdate 1593274267 => C:\Users\mathi\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-03-11] (Opera Software AS -> Opera Software)
Task: {82A735EE-7FAC-4480-AF00-9D3D0EC72E73} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.6-0\MpCmdRun.exe [566384 2021-04-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8335B39C-B6FE-46F3-B0D7-8060F0FB7B2D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.6-0\MpCmdRun.exe [566384 2021-04-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {90917EAE-50B2-4E50-84C6-0E1A7B2DC052} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {90E4C3CF-C47B-4A5C-8579-B2D98B432066} - System32\Tasks\Opera scheduled assistant Autoupdate 1594907012 => C:\Users\mathi\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-03-11] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\mathi\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {94269539-6BBE-4BC8-ADF5-0D46B9D55935} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403800 2015-05-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {A2A14125-FC0E-4930-95D6-2DEF6E0C2C79} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.6-0\MpCmdRun.exe [566384 2021-04-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D952C091-C927-472C-BDEE-7CFA36EDDE65} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.6-0\MpCmdRun.exe [566384 2021-04-05] (Microsoft Windows Publisher -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{39305a20-7441-4f22-a379-899f22b34360}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7c80950c-d0f5-42a1-8bf0-6a294afe720a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f2375fca-7019-49d5-8c5c-6908dbc8a595}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Profile: C:\Users\mathi\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-31]

FireFox:
========
FF DefaultProfile: 3zuzfi31.default
FF ProfilePath: C:\Users\mathi\AppData\Roaming\Mozilla\Firefox\Profiles\3zuzfi31.default [2021-04-05]
FF ProfilePath: C:\Users\mathi\AppData\Roaming\Mozilla\Firefox\Profiles\a86ia322.default-release [2021-04-05]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-12-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Opera:
=======
OPR Profile: C:\Users\mathi\AppData\Roaming\Opera Software\Opera Stable [2021-04-05]
OPR Notifications: Opera Stable -> hxxps://tii.ai
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Free Download Manager) - C:\Users\mathi\AppData\Roaming\Opera Software\Opera Stable\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2021-02-15]
OPR Extension: (Video Downloader Multiformat) - C:\Users\mathi\AppData\Roaming\Opera Software\Opera Stable\Extensions\beemgnphifpbdehfmohojkhlklfaddih [2020-12-05]
OPR Extension: (Translator) - C:\Users\mathi\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2020-06-30]
OPR Extension: (Rich Hints Agent) - C:\Users\mathi\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-03-10]
OPR Extension: (Youtube Downloader) - C:\Users\mathi\AppData\Roaming\Opera Software\Opera Stable\Extensions\enpmcplhdgmglcikkcgoeepoalooagbg [2020-12-25]
OPR Extension: (VDP: Best Video Downloader) - C:\Users\mathi\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibehiiilehaakkhkigckfjfknboalpbe [2020-12-10]
OPR Extension: (InstagramPhotoLink) - C:\Users\mathi\AppData\Roaming\Opera Software\Opera Stable\Extensions\igkjblibdnkkjhknjlccfjpkccncmjhd [2021-02-13]
OPR Extension: (Video Downloader GetThemAll) - C:\Users\mathi\AppData\Roaming\Opera Software\Opera Stable\Extensions\ipjignndhlpeimkmgpfnappdcohjealh [2020-06-30]
OPR Extension: (Online Video Converter) - C:\Users\mathi\AppData\Roaming\Opera Software\Opera Stable\Extensions\jeklbfjkdfdjafjfmcldbgdecmknacef [2020-12-05]
OPR Extension: (Installer des extensions Chrome) - C:\Users\mathi\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2020-07-02]
OPR Extension: (Download All Images) - C:\Users\mathi\AppData\Roaming\Opera Software\Opera Stable\Extensions\nfpdjlfbhfidgghjfdnopogegakbinkk [2020-12-05]
OPR Extension: (Downloader for Instagram™) - C:\Users\mathi\AppData\Roaming\Opera Software\Opera Stable\Extensions\nhddjiapfjkfbooicpajnllkinjnncao [2021-02-13]
OPR Extension: (Image Searcher) - C:\Users\mathi\AppData\Roaming\Opera Software\Opera Stable\Extensions\njffefebkflfmooaoohkhkddmhailjgj [2020-06-30]
OPR Extension: (SaveFrom.net Helper) - C:\Users\mathi\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2021-03-12]
StartMenuInternet: (HKU\S-1-5-21-1697020474-2207435933-3713565860-1002) OperaStable - "C:\Users\mathi\AppData\Local\Programs\Opera\Launcher.exe"

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65192 2012-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [114960 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
R2 fpCsEvtSvc; C:\WINDOWS\system32\fpCSEvtSvc.exe [22528 2016-12-06] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-10-19] (Logitech Inc -> Logitech Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-03-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [82944 2016-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.6-0\NisSrv.exe [2624088 2021-04-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.6-0\MsMpEng.exe [128384 2021-04-05] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 bcmsmbsp; C:\WINDOWS\System32\drivers\bcmsmbsp.sys [54552 2015-12-17] (Broadcom Corporation -> Broadcom Corporation.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [29160 2018-07-26] (Dell Inc -> OSR Open Systems Resources, Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-10-19] (Logitech Inc -> Logitech Inc.)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2018-12-07] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-04-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-04-05] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72936 2021-04-05] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl7dfba3e1; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{781F9D34-1009-42AA-BBC7-7F339599448C}\MpKslDrv.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-04-05 17:11 - 2021-04-05 17:15 - 000019159 _____ C:\Users\mathi\Desktop\FRST.txt
2021-04-05 16:51 - 2021-04-05 16:51 - 000280343 _____ C:\Users\mathi\Desktop\ZHPDiag.txt
2021-04-05 15:54 - 2021-04-05 15:54 - 000000875 _____ C:\Users\mathi\Desktop\ZHPCleaner.lnk
2021-04-05 15:17 - 2021-04-05 15:17 - 003467416 _____ (Nicolas Coolman) C:\Users\mathi\ZHPSuite.exe
2021-04-05 12:23 - 2021-04-05 12:23 - 000034328 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2021-04-05 12:19 - 2021-04-05 12:11 - 000251904 _____ C:\Users\mathi\Documents\Gestion des achats.xls
2021-03-30 15:18 - 2021-03-31 14:37 - 000000000 ____D C:\Users\mathi\AppData\Local\IP-Tools
2021-03-30 15:17 - 2021-03-30 15:17 - 000000000 ____D C:\Program Files (x86)\IP-Tools
2021-03-30 15:12 - 2021-03-30 15:12 - 000000000 ____D C:\Program Files (x86)\NirSoft
2021-03-24 13:35 - 2021-04-05 16:34 - 000000000 ____D C:\Users\mathi\Desktop\Hermès
2021-03-24 13:15 - 2021-04-05 17:13 - 000000000 ____D C:\FRST
2021-03-24 13:04 - 2021-04-05 14:50 - 002298368 _____ (Farbar) C:\Users\mathi\Desktop\FRST64.exe
2021-03-24 12:56 - 2021-04-05 16:51 - 000000000 ____D C:\Users\mathi\AppData\Roaming\ZHP
2021-03-24 12:56 - 2021-04-05 16:37 - 000000728 _____ C:\Users\mathi\Desktop\ZHPSuite.lnk
2021-03-24 12:56 - 2021-04-05 15:54 - 000000000 ____D C:\Users\mathi\AppData\Local\ZHP
2021-03-16 16:31 - 2021-03-16 18:00 - 000001777 _____ C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\MusicBee.lnk
2021-03-16 11:30 - 2021-03-16 17:59 - 000001708 _____ C:\Users\mathi\Desktop\MusicBee.lnk
2021-03-16 10:58 - 2021-04-04 09:44 - 000000000 ____D C:\Users\mathi\AppData\Roaming\MusicBee
2021-03-16 10:58 - 2021-03-16 11:18 - 000000000 ____D C:\Users\mathi\AppData\Local\MusicBee
2021-03-16 10:57 - 2021-03-16 10:58 - 000000000 ____D C:\Program Files (x86)\MusicBee
2021-03-16 10:35 - 2021-03-16 10:35 - 000000000 ____D C:\Users\mathi\.config
2021-03-16 10:35 - 2021-03-16 10:35 - 000000000 ____D C:\Program Files (x86)\Clementine
2021-03-16 09:01 - 2021-03-16 09:01 - 000000000 ___RD C:\Users\mathi\Documents\Scanned Documents
2021-03-16 09:01 - 2021-03-16 09:01 - 000000000 ____D C:\Users\mathi\Documents\Fax
2021-03-09 19:41 - 2021-03-09 19:41 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-03-09 19:40 - 2021-03-09 19:40 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-09 19:40 - 2021-03-09 19:40 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-09 19:40 - 2021-03-09 19:40 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-09 19:40 - 2021-03-09 19:40 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-09 19:39 - 2021-03-09 19:39 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-09 19:39 - 2021-03-09 19:39 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-09 19:39 - 2021-03-09 19:39 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-09 19:39 - 2021-03-09 19:39 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-09 19:38 - 2021-03-09 19:38 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-09 19:38 - 2021-03-09 19:38 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-09 19:38 - 2021-03-09 19:38 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-04-05 17:18 - 2020-07-01 16:02 - 000000000 ____D C:\Users\mathi\AppData\Roaming\qBittorrent
2021-04-05 17:12 - 2020-07-21 17:47 - 000000000 ____D C:\Users\mathi\AppData\Roaming\uTorrent
2021-04-05 17:02 - 2020-06-27 11:55 - 000000000 ___RD C:\Users\mathi\OneDrive
2021-04-05 17:01 - 2020-06-27 17:11 - 000000000 ____D C:\Users\mathi\AppData\Local\OpenShell
2021-04-05 17:01 - 2020-06-27 11:11 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-04-05 17:01 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-05 16:55 - 2020-06-30 17:55 - 000000000 ____D C:\Users\mathi\AppData\Roaming\discord
2021-04-05 16:53 - 2021-02-11 17:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-05 15:17 - 2021-02-11 17:41 - 000000000 ____D C:\Users\mathi
2021-04-05 15:08 - 2021-02-11 17:53 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-05 15:08 - 2019-12-07 10:50 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2021-04-05 15:08 - 2019-12-07 10:50 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2021-04-05 15:07 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-05 15:01 - 2021-02-11 18:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-05 15:01 - 2021-02-11 17:35 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-05 15:01 - 2020-05-18 08:09 - 000000000 ____D C:\ProgramData\Synaptics
2021-04-05 14:59 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-04-05 14:56 - 2020-09-22 17:34 - 000000000 ____D C:\Users\mathi\AppData\LocalLow\Temp
2021-04-05 14:47 - 2020-06-29 14:44 - 000000000 ___RD C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lecteurs multimédia
2021-04-05 14:46 - 2020-06-29 14:26 - 000000000 ___RD C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Édition audio-visuelle
2021-04-05 12:25 - 2020-09-07 16:28 - 000000000 ____D C:\Program Files (x86)\AVerMedia
2021-04-05 12:25 - 2020-06-29 10:55 - 000000000 ____D C:\ProgramData\Package Cache
2021-04-05 12:23 - 2020-09-07 16:27 - 000000018 _____ C:\SystemBoardInfoResult.txt
2021-04-05 11:04 - 2020-06-30 11:55 - 000000000 ___RD C:\Users\mathi\Desktop\Récup
2021-04-05 10:07 - 2020-01-23 11:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-03 14:08 - 2020-08-22 13:43 - 000000000 ____D C:\Users\mathi\AppData\Roaming\XnView
2021-04-03 09:50 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-03 09:50 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-01 17:36 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-01 15:33 - 2020-06-30 15:32 - 000000000 ____D C:\Users\mathi\Documents\Publications électroniques
2021-03-30 15:18 - 2020-06-29 14:21 - 000000000 ___RD C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Entretien et sauvegarde
2021-03-26 09:08 - 2020-06-27 17:46 - 000000000 ____D C:\Users\mathi\AppData\Local\D3DSCache
2021-03-16 11:30 - 2020-06-29 14:27 - 000000000 ___RD C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outils pour Internet
2021-03-16 10:54 - 2020-07-25 10:51 - 000000000 ____D C:\Users\mathi\AppData\Roaming\vlc
2021-03-15 08:54 - 2021-02-11 18:01 - 000004190 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1593274267
2021-03-10 15:11 - 2021-02-11 17:35 - 000418192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-09 20:47 - 2019-12-07 10:53 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-03-09 20:47 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-09 20:47 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-09 20:47 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-09 20:47 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-09 20:47 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-09 20:47 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-09 20:47 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-09 20:47 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-09 20:47 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-09 20:46 - 2019-12-07 10:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-09 20:46 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-09 20:46 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-09 20:46 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-09 20:46 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-09 19:49 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\servicing
2021-03-09 18:54 - 2020-06-27 14:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-09 18:49 - 2020-06-27 14:17 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-09 15:26 - 2020-06-29 10:58 - 000000000 ____D C:\Users\mathi\AppData\Local\Windows Live
2021-03-08 18:17 - 2021-02-11 18:01 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1697020474-2207435933-3713565860-1002

==================== Fichiers à la racine de certains dossiers ========

2021-04-05 15:17 - 2021-04-05 15:17 - 003467416 _____ (Nicolas Coolman) C:\Users\mathi\ZHPSuite.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
