Publicité
Publicité
Commentaire : Rapoort FRST
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05-2021 01
Exécuté par Marie (administrateur) sur DESKTOP-8NCEP6C (HP HP 250 G4 Notebook PC) (09-05-2021 11:20:09)
Exécuté depuis C:\Users\Marie\Desktop
Profils chargés: Marie & MSSQLFDLauncher$MARIESERVER & MSSQL$MARIESERVER & MsDtsServer120 & MSOLAP$MARIESERVER
Platform: Windows 10 Home Version 1909 18363.1500 (X64) Langue: Anglais (États-Unis) -> Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Marie\AppData\Roaming\uTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Marie\AppData\Roaming\uTorrent\updates\3.5.5_45988\utorrentie.exe <2>
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Marie\AppData\Roaming\uTorrent\uTorrent.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\Creator\FoxitProxyServer_Socket_RD.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <17>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\120\DTS\Binn\MsDtsSrvr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSAS12.MARIESERVER\OLAP\bin\msmdsrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.MARIESERVER\MSSQL\Binn\fdhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.MARIESERVER\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.MARIESERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <16>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\Marie\AppData\Roaming\Telegram Desktop\Telegram.exe
(Tonec Inc. -> Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
(Tonec Inc.) [Fichier non signé] C:\Program Files (x86)\Internet Download Manager\IDMan.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8911872 2016-10-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1744744131-901005740-3955675482-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [5468672 2020-12-25] (Tonec Inc.) [Fichier non signé]
HKU\S-1-5-21-1744744131-901005740-3955675482-1001\...\Run: [uTorrent] => C:\Users\Marie\AppData\Roaming\uTorrent\uTorrent.exe [2133032 2021-05-01] (BitTorrent Inc -> BitTorrent Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-04-28] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {109A36B7-2429-4567-8587-80B17EA27E6D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1CC14F36-11A2-4183-A810-F2E2DFB168CA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4D944344-DC90-48AF-9C34-581E0A537E87} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [139448 2016-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {599ECC7E-29F4-4907-ABAE-A9003F64B75E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {72FAC421-7047-4AF4-9A99-A47EC3C238FB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-18] (Google Inc -> Google LLC)
Task: {7B0D1305-4A3F-4EE0-A731-7A43B4D00220} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-18] (Google Inc -> Google LLC)
Task: {7B7BEE2B-6495-4334-AC6F-F06F5ADCF20F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {D8A668CF-83E8-4B66-8AC4-AD25ECA99F3A} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [70792 2020-05-16] (Oracle America, Inc. -> Oracle Corporation)
Task: {DF027271-B9CF-468F-878B-B9FE8EA3E7A6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF6FAABD-818A-4753-9C1A-8629F83BB250} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF8FCA18-B023-491F-9AC7-59E34494A470} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2e7ac689-c0c7-4bf5-ae05-5b3f86b28a6d}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{51203d06-fd4d-418a-ac68-052b85f491a1}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{93b5ac33-5e38-4996-b406-ec4e86e45437}: [NameServer] 192.168.0.1
Tcpip\..\Interfaces\{c576998d-712f-4f43-a90a-a8d3ec68c158}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Marie\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-09]
Edge Extension: (IDM Integration Module) - C:\Users\Marie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2021-04-18]
Edge HKU\S-1-5-21-1744744131-901005740-3955675482-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2020-12-25]
FireFox:
========
FF HKU\S-1-5-21-1744744131-901005740-3955675482-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Marie\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Marie\AppData\Roaming\IDM\idmmzcc5 [2021-01-05] [] [non signé]
FF HKU\S-1-5-21-1744744131-901005740-3955675482-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] []
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-05-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-05-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default [2021-05-09]
CHR Notifications: Default -> hxxps://ftmo.com; hxxps://mail.google.com; hxxps://www.youtube.com
CHR DefaultSearchURL: Default -> hxxps://www.gstatic.com/youtube/img/branding/favicon/favicon_144x144.png
CHR DefaultSearchKeyword: Default -> ConverterSearchNow
CHR DefaultSuggestURL: Default -> hxxps://api.convertersearchnow.com/suggest/get?q={searchTerms}
CHR Extension: (Slides) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-18]
CHR Extension: (YouTube) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnkijcaahngcdmfeangaknmldooml [2021-01-23]
CHR Extension: (Docs) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-18]
CHR Extension: (Google Drive) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-18]
CHR Extension: (TradingView: Free Stock Charts) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dokcepkiahcpognlgpeeiompfhcleagb [2020-04-19]
CHR Extension: (Sheets) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-18]
CHR Extension: (Google Docs hors connexion) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-14]
CHR Extension: (TradingView - Analyze Your Chart) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnogfeejigcaanajpgggkdaijilpgjgl [2019-12-11]
CHR Extension: (IDM Integration Module) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2021-03-10]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (ConverterSearchNow) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nphojlinhmpgjpekmcbmgigbbiglnpbm [2020-09-26]
CHR Extension: (Gmail) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-23]
CHR Profile: C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-06-29]
CHR Profile: C:\Users\Marie\AppData\Local\Google\Chrome\User Data\System Profile [2020-10-21]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 Main Service; C:\Program Files (x86)\MachinerData\RecoveRx.exe [2007040 2021-05-08] () [Fichier non signé]
R2 MsDtsServer120; C:\Program Files (x86)\Microsoft SQL Server\120\DTS\Binn\MsDtsSrvr.exe [217280 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQL$MARIESERVER; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.MARIESERVER\MSSQL\Binn\sqlservr.exe [197824 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R3 MSSQLFDLauncher$MARIESERVER; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.MARIESERVER\MSSQL\Binn\fdlauncher.exe [44224 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
S3 ReportServer$MARIESERVER; C:\Program Files (x86)\Microsoft SQL Server\MSRS12.MARIESERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2030272 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 SQL Server Distributed Replay Client; C:\Program Files (x86)\Microsoft SQL Server\120\Tools\DReplayClient\DReplayClient.exe [139968 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
S3 SQL Server Distributed Replay Controller; C:\Program Files (x86)\Microsoft SQL Server\120\Tools\DReplayController\DReplayController.exe [345280 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
S3 SQLAgent$MARIESERVER; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.MARIESERVER\MSSQL\Binn\SQLAGENT.EXE [454848 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation -> Microsoft Corporation)
S3 wampapache64; c:\wamp64\bin\apache\apache2.4.46\bin\httpd.exe [29696 2020-08-02] (Apache Software Foundation) [Fichier non signé]
S3 wampmariadb64; c:\wamp64\bin\mariadb\mariadb10.4.13\bin\mysqld.exe [16058280 2020-05-09] (MariaDB Corporation Ab -> )
S3 wampmysqld64; c:\wamp64\bin\mysql\mysql8.0.21\bin\mysqld.exe [48581632 2020-06-16] () [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MSOLAP$MARIESERVER; "C:\Program Files (x86)\Microsoft SQL Server\MSAS12.MARIESERVER\OLAP\bin\msmdsrv.exe" -s "C:\Program Files (x86)\Microsoft SQL Server\MSAS12.MARIESERVER\OLAP\Config"
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [36280 2019-05-28] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2019-04-12] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2021-03-17] (Martin Malik - REALiX -> REALiX(tm))
S3 MpKsldbd6f91f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{890E46E4-01E2-4A21-9120-ED825E5FAEC0}\MpKslDrv.sys [107744 2021-05-08] (Microsoft Windows -> Microsoft Corporation)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [297984 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-05-09 11:20 - 2021-05-09 11:27 - 000023065 _____ C:\Users\Marie\Desktop\FRST.txt
2021-05-09 11:19 - 2021-05-09 11:19 - 002298880 _____ (Farbar) C:\Users\Marie\Desktop\FRST64-2.1.exe
2021-05-08 23:39 - 2021-05-08 23:39 - 000002036 _____ C:\Users\Marie\Desktop\fifaconfig - Raccourci.lnk
2021-05-08 23:20 - 2021-05-08 23:22 - 000000000 ____D C:\Users\Marie\Documents\FIFA 11
2021-05-08 19:24 - 2021-05-08 19:24 - 000000099 _____ C:\WINDOWS\Reimage.ini
2021-05-08 19:21 - 2021-05-09 11:23 - 000000000 ____D C:\FRST
2021-05-08 19:07 - 2021-05-09 11:31 - 000000000 ____D C:\Program Files (x86)\MachinerData
2021-05-08 19:07 - 2021-05-08 19:16 - 000000000 ____D C:\ProgramData\Garbage Cleaner
2021-05-08 19:07 - 2021-05-08 19:07 - 000000014 _____ C:\ProgramData\kaosdma.txt
2021-05-08 19:07 - 2021-05-08 19:07 - 000000000 ____D C:\Users\Marie\AppData\Roaming\nailedp
2021-05-08 19:07 - 2021-05-08 19:07 - 000000000 ____D C:\Users\Marie\AppData\Roaming\Mario
2021-05-08 18:49 - 2021-05-08 18:49 - 000000000 ____D C:\Users\Marie\AppData\Roaming\Leadertech
2021-05-08 18:26 - 2021-05-08 18:26 - 000000000 ____D C:\Program Files (x86)\EA Sports
2021-05-08 18:14 - 2021-05-09 09:06 - 000000000 ____D C:\Users\Marie\AppData\LocalLow\uTorrent
2021-05-07 16:38 - 2021-05-07 16:38 - 000000424 _____ C:\Users\Marie\Desktop\Ce PC.lnk
2021-05-06 18:51 - 2021-05-06 18:51 - 000000000 ____D C:\Users\Marie\AppData\Roaming\Windows
2021-05-06 14:09 - 2021-05-06 14:10 - 000000000 ____D C:\Users\Public\Documents\DocPartagé1
2021-05-06 14:09 - 2021-05-06 14:10 - 000000000 ____D C:\ProgramData\Documents\DocPartagé1
2021-05-05 16:41 - 2021-05-05 16:41 - 000000000 __SHD C:\found.003
2021-05-05 16:41 - 2021-05-05 16:41 - 000000000 __SHD C:\found.002
2021-05-05 16:05 - 2021-05-05 16:05 - 000000000 ____D C:\Users\Marie\AppData\Local\LogMeIn
2021-05-05 16:05 - 2021-05-05 16:05 - 000000000 ____D C:\ProgramData\LogMeIn
2021-05-05 00:24 - 2021-05-05 00:24 - 000000000 ____D C:\Users\Marie\AppData\Local\ElevatedDiagnostics
2021-05-04 16:23 - 2021-05-04 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2021-05-04 16:23 - 2021-05-04 16:23 - 000000000 ____D C:\Program Files (x86)\WinPcap
2021-05-04 16:07 - 2021-05-05 19:50 - 000000000 ____D C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cain
2021-05-03 21:33 - 2021-05-04 10:02 - 000000000 ____D C:\Users\Marie\AppData\Roaming\draw.io
2021-05-03 21:33 - 2021-05-03 21:33 - 000000000 ____D C:\Users\Marie\AppData\Local\draw.io-updater
2021-05-02 10:32 - 2021-05-02 10:32 - 000000000 ____D C:\Users\Marie\Documents\KONAMI
2021-05-02 10:32 - 2021-05-02 10:32 - 000000000 ____D C:\ProgramData\Steam
2021-05-02 10:32 - 2021-05-02 10:32 - 000000000 ____D C:\ProgramData\KONAMI
2021-05-01 18:59 - 2021-05-01 13:58 - 100127720 _____ (Foxit Software Inc. ) C:\Users\Marie\Documents\FoxitReader1013_L10N_Setup_Prom.exe
2021-04-28 19:11 - 2021-04-28 19:20 - 000011713 ____H C:\Users\Marie\Desktop\~WRL1399.tmp
2021-04-27 17:18 - 2021-05-02 10:31 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2021-04-27 17:18 - 2021-05-02 10:28 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2021-04-27 17:17 - 2021-04-27 17:17 - 000000710 _____ C:\Users\Public\Desktop\RomStation.lnk
2021-04-27 17:17 - 2021-04-27 17:17 - 000000710 _____ C:\ProgramData\Desktop\RomStation.lnk
2021-04-27 17:17 - 2021-04-27 17:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RomStation
2021-04-27 17:16 - 2021-05-07 16:05 - 000000000 ____D C:\RomStation
2021-04-27 11:05 - 2021-04-27 11:05 - 000000000 ____D C:\Users\Marie\AppData\LocalLow\Temp
2021-04-21 16:51 - 2021-04-21 16:58 - 000000000 ____D C:\Users\Marie\AppData\Roaming\texstudio
2021-04-21 16:49 - 2021-05-02 08:47 - 000000000 ____D C:\Program Files\texstudio
2021-04-20 23:47 - 2021-04-20 23:47 - 000000000 ___HD C:\$WinREAgent
2021-04-18 12:38 - 2021-04-18 12:38 - 000341436 _____ C:\Users\Marie\Downloads\smart_co_bd (1).sql
2021-04-18 12:37 - 2021-04-18 12:37 - 000108484 _____ C:\Users\Marie\Downloads\smart_co_bd.csv
2021-04-17 13:33 - 2021-04-17 13:33 - 000000000 ____D C:\Users\Marie\AppData\Roaming\Microsoft Corporation
2021-04-16 04:31 - 2021-04-16 04:31 - 000000016 _____ C:\ProgramData\rtmeslt
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-04-15 18:03 - 2021-04-15 18:03 - 001758672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-15 18:02 - 2021-04-15 18:02 - 000232760 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-11 20:52 - 2021-04-11 20:53 - 000192946 _____ C:\Users\Marie\Downloads\telegram_audio.ogg
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-05-09 11:32 - 2019-07-28 10:38 - 000000000 ____D C:\Users\Marie\AppData\Roaming\uTorrent
2021-05-09 11:20 - 2020-10-20 01:54 - 000000000 ____D C:\Users\Marie\Desktop\David Files
2021-05-09 10:56 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-09 10:01 - 2019-07-24 08:48 - 000000000 ____D C:\Users\Marie\Downloads\Telegram Desktop
2021-05-09 09:59 - 2019-07-24 08:47 - 000000000 ____D C:\Users\Marie\AppData\Roaming\Telegram Desktop
2021-05-09 09:55 - 2020-07-09 19:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-09 09:08 - 2021-01-10 19:33 - 000000000 _____ C:\WINDOWS\BcdLog.txt
2021-05-09 09:08 - 2020-12-10 19:26 - 000000028 _____ C:\WINDOWS\OutLog.txt
2021-05-09 09:06 - 2019-07-28 10:39 - 000000000 ____D C:\Users\Marie\AppData\Local\BitTorrentHelper
2021-05-09 09:04 - 2019-06-17 21:04 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-05-09 09:04 - 2019-06-17 21:04 - 000000000 __SHD C:\Users\Marie\IntelGraphicsProfiles
2021-05-09 09:02 - 2020-07-09 19:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-09 08:53 - 2021-01-10 19:33 - 000001412 ____H C:\WINDOWS\EPMBatch.ept
2021-05-09 08:53 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-05-09 08:52 - 2021-01-05 23:50 - 000000000 ____D C:\Users\Marie\AppData\Roaming\DMCache
2021-05-09 00:28 - 2020-07-09 19:18 - 000000000 ____D C:\Users\Marie
2021-05-09 00:27 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-09 00:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-09 00:10 - 2019-12-07 11:22 - 000000000 ___HD C:\$WINDOWS.~BT
2021-05-09 00:07 - 2020-07-09 19:39 - 000080013 _____ C:\WINDOWS\diagwrn.xml
2021-05-09 00:07 - 2020-07-09 19:39 - 000080013 _____ C:\WINDOWS\diagerr.xml
2021-05-08 23:52 - 2021-03-24 22:54 - 000000000 ____D C:\WINDOWS\Panther
2021-05-08 19:01 - 2021-01-05 23:50 - 000000000 ____D C:\Users\Marie\Downloads\Compressed
2021-05-08 14:17 - 2020-07-10 03:31 - 000833088 _____ C:\WINDOWS\system32\perfh00C.dat
2021-05-08 14:17 - 2020-07-10 03:31 - 000168054 _____ C:\WINDOWS\system32\perfc00C.dat
2021-05-08 14:17 - 2020-07-09 19:32 - 002088314 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-08 14:17 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-05-08 12:35 - 2020-06-08 00:54 - 000002481 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-08 12:35 - 2020-06-08 00:54 - 000002319 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-08 12:35 - 2020-06-08 00:54 - 000002319 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-05-07 19:01 - 2021-01-24 00:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2021-05-07 19:01 - 2020-10-14 15:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-05-07 19:01 - 2020-10-14 15:50 - 000000000 ____D C:\Program Files\Java
2021-05-07 18:44 - 2020-10-14 15:50 - 000000000 ____D C:\ProgramData\Oracle
2021-05-07 18:36 - 2019-06-29 11:27 - 000000000 ____D C:\Users\Marie\AppData\Roaming\vlc
2021-05-07 16:26 - 2020-10-19 23:40 - 000000000 ____D C:\Users\Marie\Documents\Python Scripts
2021-05-07 15:36 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-07 12:49 - 2020-10-09 08:06 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-05-07 12:35 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-05-07 11:50 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-07 11:27 - 2020-12-21 23:07 - 000000000 ____D C:\Users\Marie\AppData\Roaming\xm1
2021-05-07 11:10 - 2021-03-16 12:38 - 000000000 ____D C:\Users\Marie\AppData\Local\MiKTeX
2021-05-07 11:10 - 2019-06-17 20:23 - 000000000 ____D C:\Users\Marie\AppData\Local\Packages
2021-05-05 15:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-05-04 16:07 - 2020-07-09 19:18 - 000000000 ____D C:\Users\defaultuser0
2021-05-04 11:56 - 2019-11-03 14:27 - 000000000 ____D C:\Users\Marie\Documents\SQL Server Management Studio
2021-04-30 15:43 - 2020-07-09 19:41 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1744744131-901005740-3955675482-1001
2021-04-30 15:43 - 2020-07-09 19:18 - 000002446 _____ C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-30 15:43 - 2019-06-17 20:25 - 000000000 ___RD C:\Users\Marie\OneDrive
2021-04-26 18:34 - 2021-03-10 16:09 - 000000000 ____D C:\Users\Marie\Documents\Visual Studio 2015
2021-04-25 09:34 - 2020-07-09 19:41 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-25 09:34 - 2020-07-09 19:41 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-22 23:20 - 2019-11-20 09:53 - 000000000 ____D C:\Users\Marie\AppData\Local\D3DSCache
2021-04-20 23:49 - 2020-07-09 19:41 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-20 23:49 - 2020-07-09 19:41 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-16 11:39 - 2019-06-21 09:34 - 000000000 ___RD C:\Users\Marie\3D Objects
2021-04-16 11:39 - 2019-06-17 20:23 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-04-16 11:32 - 2020-07-09 19:11 - 000433280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-16 11:28 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-16 11:28 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-16 11:28 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-16 11:28 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-16 11:28 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-16 11:28 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-16 11:27 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-16 11:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-04-16 11:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-16 11:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-16 11:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-16 04:03 - 2019-06-18 18:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-15 18:19 - 2019-06-18 18:34 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-11 20:00 - 2019-06-21 09:28 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-10 16:46 - 2020-11-01 18:28 - 000000000 ____D C:\Users\Marie\AppData\Roaming\jupyter
2021-04-10 16:15 - 2020-11-04 01:22 - 000000000 ____D C:\Users\Marie\AppData\Roaming\Code
2021-04-10 16:05 - 2020-11-03 14:58 - 000000000 ____D C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
==================== Fichiers à la racine de certains dossiers ========
2019-06-18 18:21 - 2019-06-18 18:21 - 001151544 _____ (Google LLC) C:\Users\Marie\ChromeSetup.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par Marie (administrateur) sur DESKTOP-8NCEP6C (HP HP 250 G4 Notebook PC) (09-05-2021 11:20:09)
Exécuté depuis C:\Users\Marie\Desktop
Profils chargés: Marie & MSSQLFDLauncher$MARIESERVER & MSSQL$MARIESERVER & MsDtsServer120 & MSOLAP$MARIESERVER
Platform: Windows 10 Home Version 1909 18363.1500 (X64) Langue: Anglais (États-Unis) -> Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Marie\AppData\Roaming\uTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Marie\AppData\Roaming\uTorrent\updates\3.5.5_45988\utorrentie.exe <2>
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Marie\AppData\Roaming\uTorrent\uTorrent.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\Creator\FoxitProxyServer_Socket_RD.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <17>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\120\DTS\Binn\MsDtsSrvr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSAS12.MARIESERVER\OLAP\bin\msmdsrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.MARIESERVER\MSSQL\Binn\fdhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.MARIESERVER\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.MARIESERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <16>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\Marie\AppData\Roaming\Telegram Desktop\Telegram.exe
(Tonec Inc. -> Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
(Tonec Inc.) [Fichier non signé] C:\Program Files (x86)\Internet Download Manager\IDMan.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8911872 2016-10-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1744744131-901005740-3955675482-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [5468672 2020-12-25] (Tonec Inc.) [Fichier non signé]
HKU\S-1-5-21-1744744131-901005740-3955675482-1001\...\Run: [uTorrent] => C:\Users\Marie\AppData\Roaming\uTorrent\uTorrent.exe [2133032 2021-05-01] (BitTorrent Inc -> BitTorrent Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-04-28] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {109A36B7-2429-4567-8587-80B17EA27E6D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1CC14F36-11A2-4183-A810-F2E2DFB168CA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4D944344-DC90-48AF-9C34-581E0A537E87} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [139448 2016-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {599ECC7E-29F4-4907-ABAE-A9003F64B75E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {72FAC421-7047-4AF4-9A99-A47EC3C238FB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-18] (Google Inc -> Google LLC)
Task: {7B0D1305-4A3F-4EE0-A731-7A43B4D00220} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-18] (Google Inc -> Google LLC)
Task: {7B7BEE2B-6495-4334-AC6F-F06F5ADCF20F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {D8A668CF-83E8-4B66-8AC4-AD25ECA99F3A} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [70792 2020-05-16] (Oracle America, Inc. -> Oracle Corporation)
Task: {DF027271-B9CF-468F-878B-B9FE8EA3E7A6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF6FAABD-818A-4753-9C1A-8629F83BB250} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF8FCA18-B023-491F-9AC7-59E34494A470} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2e7ac689-c0c7-4bf5-ae05-5b3f86b28a6d}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{51203d06-fd4d-418a-ac68-052b85f491a1}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{93b5ac33-5e38-4996-b406-ec4e86e45437}: [NameServer] 192.168.0.1
Tcpip\..\Interfaces\{c576998d-712f-4f43-a90a-a8d3ec68c158}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Marie\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-09]
Edge Extension: (IDM Integration Module) - C:\Users\Marie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2021-04-18]
Edge HKU\S-1-5-21-1744744131-901005740-3955675482-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2020-12-25]
FireFox:
========
FF HKU\S-1-5-21-1744744131-901005740-3955675482-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Marie\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Marie\AppData\Roaming\IDM\idmmzcc5 [2021-01-05] [] [non signé]
FF HKU\S-1-5-21-1744744131-901005740-3955675482-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] []
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-05-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-05-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default [2021-05-09]
CHR Notifications: Default -> hxxps://ftmo.com; hxxps://mail.google.com; hxxps://www.youtube.com
CHR DefaultSearchURL: Default -> hxxps://www.gstatic.com/youtube/img/branding/favicon/favicon_144x144.png
CHR DefaultSearchKeyword: Default -> ConverterSearchNow
CHR DefaultSuggestURL: Default -> hxxps://api.convertersearchnow.com/suggest/get?q={searchTerms}
CHR Extension: (Slides) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-18]
CHR Extension: (YouTube) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnkijcaahngcdmfeangaknmldooml [2021-01-23]
CHR Extension: (Docs) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-18]
CHR Extension: (Google Drive) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-18]
CHR Extension: (TradingView: Free Stock Charts) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dokcepkiahcpognlgpeeiompfhcleagb [2020-04-19]
CHR Extension: (Sheets) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-18]
CHR Extension: (Google Docs hors connexion) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-14]
CHR Extension: (TradingView - Analyze Your Chart) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnogfeejigcaanajpgggkdaijilpgjgl [2019-12-11]
CHR Extension: (IDM Integration Module) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2021-03-10]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (ConverterSearchNow) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nphojlinhmpgjpekmcbmgigbbiglnpbm [2020-09-26]
CHR Extension: (Gmail) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-23]
CHR Profile: C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-06-29]
CHR Profile: C:\Users\Marie\AppData\Local\Google\Chrome\User Data\System Profile [2020-10-21]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 Main Service; C:\Program Files (x86)\MachinerData\RecoveRx.exe [2007040 2021-05-08] () [Fichier non signé]
R2 MsDtsServer120; C:\Program Files (x86)\Microsoft SQL Server\120\DTS\Binn\MsDtsSrvr.exe [217280 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQL$MARIESERVER; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.MARIESERVER\MSSQL\Binn\sqlservr.exe [197824 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R3 MSSQLFDLauncher$MARIESERVER; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.MARIESERVER\MSSQL\Binn\fdlauncher.exe [44224 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
S3 ReportServer$MARIESERVER; C:\Program Files (x86)\Microsoft SQL Server\MSRS12.MARIESERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2030272 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 SQL Server Distributed Replay Client; C:\Program Files (x86)\Microsoft SQL Server\120\Tools\DReplayClient\DReplayClient.exe [139968 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
S3 SQL Server Distributed Replay Controller; C:\Program Files (x86)\Microsoft SQL Server\120\Tools\DReplayController\DReplayController.exe [345280 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
S3 SQLAgent$MARIESERVER; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.MARIESERVER\MSSQL\Binn\SQLAGENT.EXE [454848 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation -> Microsoft Corporation)
S3 wampapache64; c:\wamp64\bin\apache\apache2.4.46\bin\httpd.exe [29696 2020-08-02] (Apache Software Foundation) [Fichier non signé]
S3 wampmariadb64; c:\wamp64\bin\mariadb\mariadb10.4.13\bin\mysqld.exe [16058280 2020-05-09] (MariaDB Corporation Ab -> )
S3 wampmysqld64; c:\wamp64\bin\mysql\mysql8.0.21\bin\mysqld.exe [48581632 2020-06-16] () [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MSOLAP$MARIESERVER; "C:\Program Files (x86)\Microsoft SQL Server\MSAS12.MARIESERVER\OLAP\bin\msmdsrv.exe" -s "C:\Program Files (x86)\Microsoft SQL Server\MSAS12.MARIESERVER\OLAP\Config"
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [36280 2019-05-28] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2019-04-12] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2021-03-17] (Martin Malik - REALiX -> REALiX(tm))
S3 MpKsldbd6f91f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{890E46E4-01E2-4A21-9120-ED825E5FAEC0}\MpKslDrv.sys [107744 2021-05-08] (Microsoft Windows -> Microsoft Corporation)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [297984 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-05-09 11:20 - 2021-05-09 11:27 - 000023065 _____ C:\Users\Marie\Desktop\FRST.txt
2021-05-09 11:19 - 2021-05-09 11:19 - 002298880 _____ (Farbar) C:\Users\Marie\Desktop\FRST64-2.1.exe
2021-05-08 23:39 - 2021-05-08 23:39 - 000002036 _____ C:\Users\Marie\Desktop\fifaconfig - Raccourci.lnk
2021-05-08 23:20 - 2021-05-08 23:22 - 000000000 ____D C:\Users\Marie\Documents\FIFA 11
2021-05-08 19:24 - 2021-05-08 19:24 - 000000099 _____ C:\WINDOWS\Reimage.ini
2021-05-08 19:21 - 2021-05-09 11:23 - 000000000 ____D C:\FRST
2021-05-08 19:07 - 2021-05-09 11:31 - 000000000 ____D C:\Program Files (x86)\MachinerData
2021-05-08 19:07 - 2021-05-08 19:16 - 000000000 ____D C:\ProgramData\Garbage Cleaner
2021-05-08 19:07 - 2021-05-08 19:07 - 000000014 _____ C:\ProgramData\kaosdma.txt
2021-05-08 19:07 - 2021-05-08 19:07 - 000000000 ____D C:\Users\Marie\AppData\Roaming\nailedp
2021-05-08 19:07 - 2021-05-08 19:07 - 000000000 ____D C:\Users\Marie\AppData\Roaming\Mario
2021-05-08 18:49 - 2021-05-08 18:49 - 000000000 ____D C:\Users\Marie\AppData\Roaming\Leadertech
2021-05-08 18:26 - 2021-05-08 18:26 - 000000000 ____D C:\Program Files (x86)\EA Sports
2021-05-08 18:14 - 2021-05-09 09:06 - 000000000 ____D C:\Users\Marie\AppData\LocalLow\uTorrent
2021-05-07 16:38 - 2021-05-07 16:38 - 000000424 _____ C:\Users\Marie\Desktop\Ce PC.lnk
2021-05-06 18:51 - 2021-05-06 18:51 - 000000000 ____D C:\Users\Marie\AppData\Roaming\Windows
2021-05-06 14:09 - 2021-05-06 14:10 - 000000000 ____D C:\Users\Public\Documents\DocPartagé1
2021-05-06 14:09 - 2021-05-06 14:10 - 000000000 ____D C:\ProgramData\Documents\DocPartagé1
2021-05-05 16:41 - 2021-05-05 16:41 - 000000000 __SHD C:\found.003
2021-05-05 16:41 - 2021-05-05 16:41 - 000000000 __SHD C:\found.002
2021-05-05 16:05 - 2021-05-05 16:05 - 000000000 ____D C:\Users\Marie\AppData\Local\LogMeIn
2021-05-05 16:05 - 2021-05-05 16:05 - 000000000 ____D C:\ProgramData\LogMeIn
2021-05-05 00:24 - 2021-05-05 00:24 - 000000000 ____D C:\Users\Marie\AppData\Local\ElevatedDiagnostics
2021-05-04 16:23 - 2021-05-04 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2021-05-04 16:23 - 2021-05-04 16:23 - 000000000 ____D C:\Program Files (x86)\WinPcap
2021-05-04 16:07 - 2021-05-05 19:50 - 000000000 ____D C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cain
2021-05-03 21:33 - 2021-05-04 10:02 - 000000000 ____D C:\Users\Marie\AppData\Roaming\draw.io
2021-05-03 21:33 - 2021-05-03 21:33 - 000000000 ____D C:\Users\Marie\AppData\Local\draw.io-updater
2021-05-02 10:32 - 2021-05-02 10:32 - 000000000 ____D C:\Users\Marie\Documents\KONAMI
2021-05-02 10:32 - 2021-05-02 10:32 - 000000000 ____D C:\ProgramData\Steam
2021-05-02 10:32 - 2021-05-02 10:32 - 000000000 ____D C:\ProgramData\KONAMI
2021-05-01 18:59 - 2021-05-01 13:58 - 100127720 _____ (Foxit Software Inc. ) C:\Users\Marie\Documents\FoxitReader1013_L10N_Setup_Prom.exe
2021-04-28 19:11 - 2021-04-28 19:20 - 000011713 ____H C:\Users\Marie\Desktop\~WRL1399.tmp
2021-04-27 17:18 - 2021-05-02 10:31 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2021-04-27 17:18 - 2021-05-02 10:28 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2021-04-27 17:17 - 2021-04-27 17:17 - 000000710 _____ C:\Users\Public\Desktop\RomStation.lnk
2021-04-27 17:17 - 2021-04-27 17:17 - 000000710 _____ C:\ProgramData\Desktop\RomStation.lnk
2021-04-27 17:17 - 2021-04-27 17:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RomStation
2021-04-27 17:16 - 2021-05-07 16:05 - 000000000 ____D C:\RomStation
2021-04-27 11:05 - 2021-04-27 11:05 - 000000000 ____D C:\Users\Marie\AppData\LocalLow\Temp
2021-04-21 16:51 - 2021-04-21 16:58 - 000000000 ____D C:\Users\Marie\AppData\Roaming\texstudio
2021-04-21 16:49 - 2021-05-02 08:47 - 000000000 ____D C:\Program Files\texstudio
2021-04-20 23:47 - 2021-04-20 23:47 - 000000000 ___HD C:\$WinREAgent
2021-04-18 12:38 - 2021-04-18 12:38 - 000341436 _____ C:\Users\Marie\Downloads\smart_co_bd (1).sql
2021-04-18 12:37 - 2021-04-18 12:37 - 000108484 _____ C:\Users\Marie\Downloads\smart_co_bd.csv
2021-04-17 13:33 - 2021-04-17 13:33 - 000000000 ____D C:\Users\Marie\AppData\Roaming\Microsoft Corporation
2021-04-16 04:31 - 2021-04-16 04:31 - 000000016 _____ C:\ProgramData\rtmeslt
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-04-15 18:05 - 2021-04-15 18:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-04-15 18:03 - 2021-04-15 18:03 - 001758672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-15 18:02 - 2021-04-15 18:02 - 000232760 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-11 20:52 - 2021-04-11 20:53 - 000192946 _____ C:\Users\Marie\Downloads\telegram_audio.ogg
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-05-09 11:32 - 2019-07-28 10:38 - 000000000 ____D C:\Users\Marie\AppData\Roaming\uTorrent
2021-05-09 11:20 - 2020-10-20 01:54 - 000000000 ____D C:\Users\Marie\Desktop\David Files
2021-05-09 10:56 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-09 10:01 - 2019-07-24 08:48 - 000000000 ____D C:\Users\Marie\Downloads\Telegram Desktop
2021-05-09 09:59 - 2019-07-24 08:47 - 000000000 ____D C:\Users\Marie\AppData\Roaming\Telegram Desktop
2021-05-09 09:55 - 2020-07-09 19:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-09 09:08 - 2021-01-10 19:33 - 000000000 _____ C:\WINDOWS\BcdLog.txt
2021-05-09 09:08 - 2020-12-10 19:26 - 000000028 _____ C:\WINDOWS\OutLog.txt
2021-05-09 09:06 - 2019-07-28 10:39 - 000000000 ____D C:\Users\Marie\AppData\Local\BitTorrentHelper
2021-05-09 09:04 - 2019-06-17 21:04 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-05-09 09:04 - 2019-06-17 21:04 - 000000000 __SHD C:\Users\Marie\IntelGraphicsProfiles
2021-05-09 09:02 - 2020-07-09 19:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-09 08:53 - 2021-01-10 19:33 - 000001412 ____H C:\WINDOWS\EPMBatch.ept
2021-05-09 08:53 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-05-09 08:52 - 2021-01-05 23:50 - 000000000 ____D C:\Users\Marie\AppData\Roaming\DMCache
2021-05-09 00:28 - 2020-07-09 19:18 - 000000000 ____D C:\Users\Marie
2021-05-09 00:27 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-09 00:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-09 00:10 - 2019-12-07 11:22 - 000000000 ___HD C:\$WINDOWS.~BT
2021-05-09 00:07 - 2020-07-09 19:39 - 000080013 _____ C:\WINDOWS\diagwrn.xml
2021-05-09 00:07 - 2020-07-09 19:39 - 000080013 _____ C:\WINDOWS\diagerr.xml
2021-05-08 23:52 - 2021-03-24 22:54 - 000000000 ____D C:\WINDOWS\Panther
2021-05-08 19:01 - 2021-01-05 23:50 - 000000000 ____D C:\Users\Marie\Downloads\Compressed
2021-05-08 14:17 - 2020-07-10 03:31 - 000833088 _____ C:\WINDOWS\system32\perfh00C.dat
2021-05-08 14:17 - 2020-07-10 03:31 - 000168054 _____ C:\WINDOWS\system32\perfc00C.dat
2021-05-08 14:17 - 2020-07-09 19:32 - 002088314 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-08 14:17 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-05-08 12:35 - 2020-06-08 00:54 - 000002481 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-08 12:35 - 2020-06-08 00:54 - 000002319 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-08 12:35 - 2020-06-08 00:54 - 000002319 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-05-07 19:01 - 2021-01-24 00:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2021-05-07 19:01 - 2020-10-14 15:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-05-07 19:01 - 2020-10-14 15:50 - 000000000 ____D C:\Program Files\Java
2021-05-07 18:44 - 2020-10-14 15:50 - 000000000 ____D C:\ProgramData\Oracle
2021-05-07 18:36 - 2019-06-29 11:27 - 000000000 ____D C:\Users\Marie\AppData\Roaming\vlc
2021-05-07 16:26 - 2020-10-19 23:40 - 000000000 ____D C:\Users\Marie\Documents\Python Scripts
2021-05-07 15:36 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-07 12:49 - 2020-10-09 08:06 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-05-07 12:35 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-05-07 11:50 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-07 11:27 - 2020-12-21 23:07 - 000000000 ____D C:\Users\Marie\AppData\Roaming\xm1
2021-05-07 11:10 - 2021-03-16 12:38 - 000000000 ____D C:\Users\Marie\AppData\Local\MiKTeX
2021-05-07 11:10 - 2019-06-17 20:23 - 000000000 ____D C:\Users\Marie\AppData\Local\Packages
2021-05-05 15:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-05-04 16:07 - 2020-07-09 19:18 - 000000000 ____D C:\Users\defaultuser0
2021-05-04 11:56 - 2019-11-03 14:27 - 000000000 ____D C:\Users\Marie\Documents\SQL Server Management Studio
2021-04-30 15:43 - 2020-07-09 19:41 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1744744131-901005740-3955675482-1001
2021-04-30 15:43 - 2020-07-09 19:18 - 000002446 _____ C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-30 15:43 - 2019-06-17 20:25 - 000000000 ___RD C:\Users\Marie\OneDrive
2021-04-26 18:34 - 2021-03-10 16:09 - 000000000 ____D C:\Users\Marie\Documents\Visual Studio 2015
2021-04-25 09:34 - 2020-07-09 19:41 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-25 09:34 - 2020-07-09 19:41 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-22 23:20 - 2019-11-20 09:53 - 000000000 ____D C:\Users\Marie\AppData\Local\D3DSCache
2021-04-20 23:49 - 2020-07-09 19:41 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-20 23:49 - 2020-07-09 19:41 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-16 11:39 - 2019-06-21 09:34 - 000000000 ___RD C:\Users\Marie\3D Objects
2021-04-16 11:39 - 2019-06-17 20:23 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-04-16 11:32 - 2020-07-09 19:11 - 000433280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-16 11:28 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-16 11:28 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-16 11:28 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-16 11:28 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-16 11:28 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-16 11:28 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-16 11:27 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-16 11:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-04-16 11:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-16 11:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-16 11:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-16 04:03 - 2019-06-18 18:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-15 18:19 - 2019-06-18 18:34 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-11 20:00 - 2019-06-21 09:28 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-10 16:46 - 2020-11-01 18:28 - 000000000 ____D C:\Users\Marie\AppData\Roaming\jupyter
2021-04-10 16:15 - 2020-11-04 01:22 - 000000000 ____D C:\Users\Marie\AppData\Roaming\Code
2021-04-10 16:05 - 2020-11-03 14:58 - 000000000 ____D C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
==================== Fichiers à la racine de certains dossiers ========
2019-06-18 18:21 - 2019-06-18 18:21 - 001151544 _____ (Google LLC) C:\Users\Marie\ChromeSetup.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================