Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2021
Exécuté par frank (administrateur) sur DESKTOP-B973GJC (Intel(R) Client Systems NUC8i5BEK) (09-04-2021 10:53:53)
Exécuté depuis C:\Users\frank\Desktop
Profils chargés: frank
Platform: Windows 10 Pro Version 20H2 19042.906 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Flexera Software LLC -> InstallShield Software Corporation) [Fichier non signé] C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\iKernel.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <30>
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_26993080a5dec4cf\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_26993080a5dec4cf\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\regedit.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\pacjsworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATINXE.EXE
(Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1126128 2020-07-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [287648 2021-04-06] (IDSA Production signing key 2021 -> Intel)
HKU\S-1-5-21-1342190831-2367824799-1252841984-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINXE.EXE [298560 2014-03-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON ET-2550 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBNXE.DLL [180224 2014-03-05] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-01] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {1BD2B671-42F7-4C64-B803-8FC3BCF5280E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {31F7027D-88C6-4091-8FB0-546009D72783} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141168 2021-04-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {3B67AA15-A156-4DBB-8042-3AF7F875D2D9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4DA44522-F4D7-40C3-B568-2EA701AFEF7D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {63248562-2A8C-456A-89EA-6D0B0ACB0A88} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6C98F1C4-B9D0-4430-AF73-6266CBC51F9B} - System32\Tasks\InstallShield® Setup Engine Kernel => C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\iKernel.exe [72880 2020-10-16] (Flexera Software LLC -> InstallShield Software Corporation) [Fichier non signé]
Task: {734A4E64-7096-4DF1-AAB5-7C0F9049B70E} - System32\Tasks\Optimize Thumbnail Cache => C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\isupdate.exe [61104 2020-09-26] (Flexera Software LLC -> InstallShield®) [Fichier non signé]
Task: {8915E0E0-5C3F-41C0-B82D-7E4D5620912F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {933BB5EE-2BA0-4483-BDCD-AD607A121943} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696816 2021-03-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {98A586A9-5B49-45BB-8FB5-D143F6ABD02B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {98FC8501-CEBE-4C5D-948E-EB701474E5E2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5255104 2021-04-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {9DC52C59-BE51-43E9-8C1D-1A81132B8E9A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141168 2021-04-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1656BA0-DD11-46C2-9157-60B2E29279D6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5255104 2021-04-06] (Microsoft Corporation -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <==== ATTENTION (Restriction - ProxySettings)
AutoConfigURL: [HKLM] => hxxp://127.0.0.1:86/
AutoConfigURL: [HKLM-x32] => hxxp://127.0.0.1:86/
AutoConfigURL: [{570EE183-7779-4DA6-9B19-DD1E4F69B77B}] => hxxp://127.0.0.1:86/
AutoConfigURL: [{8842CA16-38F9-482E-A549-52E7F15011E0}] => hxxp://127.0.0.1:86/
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{a6ddb93e-e6e0-41e8-b65d-146e5787a1e3}: [DhcpNameServer] 192.168.1.254
ManualProxies: 0hxxp://127.0.0.1:86/
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Profile: C:\Users\frank\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-09]

FireFox:
========
FF DefaultProfile: 3pxx7hen.default
FF ProfilePath: C:\Users\frank\AppData\Roaming\Mozilla\Firefox\Profiles\3pxx7hen.default [2020-12-19]
FF ProfilePath: C:\Users\frank\AppData\Roaming\Mozilla\Firefox\Profiles\kst2n67y.default-release-1617689116301 [2021-04-09]
FF Homepage: Mozilla\Firefox\Profiles\kst2n67y.default-release-1617689116301 -> hxxps://www.google.fr/
FF Extension: (LastPass: Free Password Manager) - C:\Users\frank\AppData\Roaming\Mozilla\Firefox\Profiles\kst2n67y.default-release-1617689116301\Extensions\support@lastpass.com.xpi [2021-04-06]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-04-06] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\frank\AppData\Local\Google\Chrome\User Data\Default [2021-04-09]
CHR HomePage: Default -> hxxp://news.google.fr/
CHR StartupUrls: Default -> "hxxp://news.google.fr/"
CHR Extension: (Google Traduction) - C:\Users\frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-12-19]
CHR Extension: (Slides) - C:\Users\frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-04-08]
CHR Extension: (Docs) - C:\Users\frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-04-08]
CHR Extension: (Google Drive) - C:\Users\frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-19]
CHR Extension: (YouTube) - C:\Users\frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-19]
CHR Extension: (Comic CBR, CBZ Viewer) - C:\Users\frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\eaifaeoakhlihifailnlnpbpcncogkld [2020-12-19]
CHR Extension: (Sheets) - C:\Users\frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-04-08]
CHR Extension: (Google Docs hors connexion) - C:\Users\frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-08]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-04-09]
CHR Extension: (Google Play Music) - C:\Users\frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2020-12-19]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-04-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Office) - C:\Users\frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdlmjhbenodhlknglojajgokahchlkk [2020-12-19]
CHR Extension: (Gmail) - C:\Users\frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-19]
CHR Extension: (Chrome Media Router) - C:\Users\frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-03]
CHR Extension: (RSS Feed Reader) - C:\Users\frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2020-12-19]
CHR HKU\S-1-5-21-1342190831-2367824799-1252841984-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788368 2021-03-29] (Microsoft Corporation -> Microsoft Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [356472 2019-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-19] (Malwarebytes Inc -> Malwarebytes)
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13688656 2021-03-24] (Adlice -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5361256 2021-03-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-06-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [935352 2020-06-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-08] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsla0334aa9; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3C2943CF-89CE-4B24-B903-410CD9D5FDBC}\MpKslDrv.sys [97528 2021-04-09] (Microsoft Windows -> Microsoft Corporation)
S3 RkFlt; C:\Windows\System32\drivers\rkflt.sys [42056 2021-04-08] (Adlice -> )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2021-04-08] (Adlice -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-04-09 10:53 - 2021-04-09 10:54 - 000019413 _____ C:\Users\frank\Desktop\FRST.txt
2021-04-09 10:53 - 2021-04-09 10:53 - 002298368 _____ (Farbar) C:\Users\frank\Desktop\FRST64.exe
2021-04-09 10:22 - 2021-04-09 10:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-04-09 10:12 - 2021-04-09 10:12 - 000283055 _____ C:\Users\frank\Desktop\ZHPDiag.txt
2021-04-09 10:04 - 2021-04-09 10:04 - 003467416 _____ (Nicolas Coolman) C:\Users\frank\Downloads\ZHPSuite.exe
2021-04-09 10:04 - 2021-04-09 10:04 - 000000865 _____ C:\Users\frank\Desktop\ZHPSuite.lnk
2021-04-09 09:35 - 2021-04-09 09:35 - 000003022 _____ C:\Users\frank\Desktop\ZHPCleaner (R).txt
2021-04-09 08:39 - 2021-04-09 08:39 - 000448512 _____ (OldTimer Tools) C:\Users\frank\Downloads\TFC.exe
2021-04-08 15:18 - 2021-04-08 15:18 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-04-08 15:18 - 2020-12-19 16:20 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-04-08 08:01 - 2021-04-08 08:01 - 000042056 _____ C:\WINDOWS\system32\Drivers\rkflt.sys
2021-04-08 08:01 - 2021-04-08 08:01 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2021-04-08 07:59 - 2021-04-09 10:12 - 000000000 ____D C:\Users\frank\AppData\Roaming\ZHP
2021-04-08 07:59 - 2021-04-09 10:04 - 000000000 ____D C:\Users\frank\AppData\Local\ZHP
2021-04-08 07:59 - 2021-04-09 09:30 - 000000875 _____ C:\Users\frank\Desktop\ZHPCleaner.lnk
2021-04-08 07:50 - 2021-04-08 07:50 - 000000000 ____D C:\WINDOWS\Panther
2021-04-07 11:50 - 2021-04-09 07:04 - 000004178 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{837D39EB-0B79-4BA4-9F36-F53E32D34874}
2021-04-07 11:13 - 2021-04-07 11:18 - 000000000 ____D C:\ProgramData\RogueKiller
2021-04-07 11:13 - 2021-04-07 11:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2021-04-07 11:13 - 2021-04-07 11:13 - 000000000 ____D C:\Program Files\RogueKiller
2021-04-07 11:07 - 2021-04-07 11:07 - 000000778 _____ C:\Users\frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-04-07 11:07 - 2021-04-07 11:07 - 000000000 ____D C:\Users\frank\AppData\Local\ESET
2021-04-07 10:00 - 2021-04-09 10:54 - 000000000 ____D C:\FRST
2021-04-07 07:19 - 2021-04-07 17:22 - 000000000 ____D C:\WINDOWS\Minidump
2021-04-06 13:42 - 2021-04-06 13:42 - 000000000 ___HD C:\OneDriveTemp
2021-04-06 11:01 - 2021-04-08 07:42 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1342190831-2367824799-1252841984-1001
2021-04-06 11:00 - 2021-04-06 11:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-04-06 11:00 - 2021-04-06 11:00 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2021-04-06 11:00 - 2021-04-06 11:00 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-04-06 11:00 - 2021-04-06 11:00 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-04-06 11:00 - 2021-04-06 11:00 - 000002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-04-06 11:00 - 2021-04-06 11:00 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-04-06 11:00 - 2021-04-06 11:00 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-04-06 11:00 - 2021-04-06 11:00 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-04-06 11:00 - 2021-04-06 11:00 - 000002393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-04-06 10:59 - 2021-04-06 11:27 - 000000000 ____D C:\Program Files\Microsoft Office
2021-04-06 10:59 - 2021-04-06 10:59 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-04-06 10:58 - 2021-04-06 10:58 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-04-06 09:12 - 2021-04-09 09:28 - 092274688 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-04-06 09:09 - 2021-04-06 09:12 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2021-04-06 08:05 - 2021-04-06 08:05 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-06 08:05 - 2021-04-06 08:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-06 08:05 - 2021-04-06 08:05 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-05 16:19 - 2021-04-08 07:24 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-05 16:19 - 2021-04-08 07:24 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6d6d261d2c709
2021-04-05 11:48 - 2021-04-05 11:48 - 008534696 _____ (Malwarebytes) C:\Users\frank\Desktop\adwcleaner_8.2.exe
2021-04-04 12:01 - 2021-04-04 12:01 - 000003442 _____ C:\WINDOWS\system32\Tasks\InstallShield® Setup Engine Kernel
2021-04-02 17:08 - 2021-04-04 12:01 - 000003802 _____ C:\WINDOWS\system32\Tasks\Optimize Thumbnail Cache
2021-04-02 12:19 - 2021-04-02 12:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2021-03-30 18:09 - 2021-04-08 07:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-Link
2021-03-30 18:09 - 2021-04-08 07:44 - 000000000 ____D C:\Program Files (x86)\TP-Link
2021-03-30 18:09 - 2021-04-04 10:56 - 000000000 ____D C:\Users\frank\AppData\Roaming\tpPLC
2021-03-30 18:09 - 2021-03-30 18:09 - 000000000 ____D C:\Users\frank\AppData\Local\Downloaded Installations
2021-03-30 17:23 - 2021-03-30 17:23 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-13 11:30 - 2021-03-13 11:44 - 000000000 ____D C:\Users\frank\Downloads\captvty-3.0.0.65303
2021-03-12 08:45 - 2021-03-12 08:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-12 08:45 - 2021-03-12 08:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-12 08:45 - 2021-03-12 08:45 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-12 08:45 - 2021-03-12 08:45 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-12 08:44 - 2021-03-12 08:44 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-11 16:09 - 2021-03-11 16:09 - 008826224 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw08.sys
2021-03-11 16:09 - 2021-03-11 16:09 - 002677944 _____ C:\WINDOWS\system32\Drivers\Netwfw08.dat
2021-03-11 16:09 - 2021-03-11 16:09 - 001422192 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter08.dll
2021-03-10 10:07 - 2021-03-10 10:07 - 005448696 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ibtusb.sys
2021-03-10 10:07 - 2021-03-10 10:07 - 000540120 _____ (Intel Corporation) C:\WINDOWS\system32\ibtsiva.exe
2021-03-10 10:07 - 2021-03-10 10:07 - 000442360 _____ (Intel Corporation) C:\WINDOWS\system32\ibtproppage.dll

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-04-09 10:49 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-09 10:29 - 2020-12-19 10:37 - 000000000 ____D C:\Users\frank\AppData\LocalLow\Mozilla
2021-04-09 10:23 - 2020-12-19 10:33 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-09 10:22 - 2020-12-19 10:33 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-04-09 10:22 - 2020-12-19 10:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-09 09:51 - 2020-12-19 16:28 - 000000000 ____D C:\Users\frank\AppData\Roaming\libmanuels
2021-04-09 09:51 - 2020-12-19 16:28 - 000000000 ____D C:\Users\frank\AppData\Local\libmanuels
2021-04-09 09:39 - 2021-01-30 13:11 - 000000000 ____D C:\Program Files (x86)\Intel
2021-04-09 09:39 - 2020-12-19 11:54 - 000001510 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2021-04-09 09:39 - 2020-12-19 11:54 - 000000000 ____D C:\ProgramData\Package Cache
2021-04-09 09:33 - 2020-12-20 15:19 - 001681370 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-09 09:33 - 2019-12-07 16:50 - 000755264 _____ C:\WINDOWS\system32\perfh00C.dat
2021-04-09 09:33 - 2019-12-07 16:50 - 000142070 _____ C:\WINDOWS\system32\perfc00C.dat
2021-04-09 09:33 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-09 09:29 - 2020-12-19 10:30 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2021-04-09 09:29 - 2020-12-19 10:23 - 000000000 __SHD C:\Users\frank\IntelGraphicsProfiles
2021-04-09 09:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-04-09 09:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-09 09:28 - 2020-12-20 15:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-09 09:28 - 2020-12-20 15:12 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-09 09:28 - 2020-12-19 10:21 - 000000000 ____D C:\Intel
2021-04-09 09:28 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-04-09 08:32 - 2020-12-20 15:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-08 20:07 - 2020-12-19 14:08 - 000000000 ____D C:\Users\frank\AppData\Roaming\Molotov
2021-04-08 20:06 - 2020-12-19 14:08 - 000000000 ____D C:\Users\frank\AppData\Local\Molotov
2021-04-08 17:45 - 2020-12-19 14:08 - 000000000 ____D C:\Users\frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Molotov
2021-04-08 15:27 - 2020-12-19 10:50 - 000000000 ____D C:\Users\frank\AppData\Local\D3DSCache
2021-04-08 15:24 - 2020-12-19 11:16 - 000000000 ____D C:\Archives
2021-04-08 15:18 - 2020-12-19 16:20 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-04-08 15:18 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-08 15:17 - 2020-12-19 16:20 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-04-08 07:44 - 2020-12-19 12:53 - 000000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2021-04-08 07:42 - 2020-12-20 15:13 - 000002405 _____ C:\Users\frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-08 07:42 - 2020-12-19 10:25 - 000000000 ___RD C:\Users\frank\OneDrive
2021-04-08 07:22 - 2020-12-19 10:25 - 000000000 ____D C:\Users\frank\AppData\Local\PlaceholderTileLogoFolder
2021-04-07 11:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-07 07:19 - 2020-12-20 15:12 - 000439760 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-06 13:41 - 2020-12-19 18:54 - 000000000 ___RD C:\Users\frank\Google Drive
2021-04-06 11:27 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-04-06 10:58 - 2020-12-19 11:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-04-06 10:47 - 2020-12-19 10:51 - 000000000 ____D C:\Users\frank\Documents\Factures
2021-04-05 16:20 - 2020-12-19 10:18 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-05 16:20 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-05 13:50 - 2020-12-19 12:55 - 000001411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SyncBackFree.lnk
2021-04-05 13:40 - 2020-12-19 10:23 - 000000000 ____D C:\Users\frank\AppData\Local\Packages
2021-04-05 12:01 - 2020-12-19 16:27 - 000000000 ____D C:\Users\frank\AppData\Roaming\BiblioManuels
2021-04-05 10:45 - 2020-12-29 21:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-04-01 07:40 - 2020-12-19 10:27 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-01 07:17 - 2020-12-19 12:19 - 000000000 ____D C:\Program Files\Intel
2021-03-30 18:08 - 2020-12-19 11:05 - 000000000 ____D C:\Users\frank\Documents\Notice
2021-03-30 17:27 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-30 17:27 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-30 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-30 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-30 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-03-30 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-03-30 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-03-30 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-03-30 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-30 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-30 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-30 17:24 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-30 17:23 - 2020-12-20 15:15 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-03-29 09:11 - 2020-12-19 11:53 - 000000000 ____D C:\Users\frank\AppData\Roaming\vlc
2021-03-29 08:24 - 2020-12-19 16:20 - 000000000 ____D C:\Users\frank\Desktop\Wilson
2021-03-27 09:38 - 2020-12-19 10:46 - 000000000 ____D C:\Users\frank\Documents\EPub
2021-03-23 19:38 - 2020-12-19 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-03-23 15:54 - 2020-12-19 10:23 - 000000000 ____D C:\Users\frank\AppData\Local\VirtualStore
2021-03-21 15:34 - 2020-12-19 10:51 - 000000000 ____D C:\Users\frank\Documents\FGH
2021-03-16 16:44 - 2020-12-20 15:13 - 000000000 ____D C:\Users\frank
2021-03-16 11:40 - 2020-12-16 22:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-13 16:35 - 2020-12-19 11:50 - 000000000 ____D C:\Users\frank\AppData\Roaming\WinRAR
2021-03-12 08:46 - 2019-12-07 16:53 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-03-12 08:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-12 08:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-12 08:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-12 08:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-12 08:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-12 08:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-10 18:26 - 2020-12-19 10:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-10 18:24 - 2020-12-19 10:40 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Fichiers à la racine de certains dossiers ========

2020-12-20 15:32 - 2020-12-20 15:32 - 000007619 _____ () C:\Users\frank\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
