Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2021 01
Exécuté par Philippe (administrateur) sur DESKTOP-EEUN360 (ASUSTeK COMPUTER INC. X751LJ) (07-06-2021 06:24:26)
Exécuté depuis C:\Users\Philippe\Downloads
Profils chargés: Philippe
Platform: Windows 10 Home Version 20H2 19042.985 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BatchCaller.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Binary Fortress Software Ltd -> Binary Fortress Software) C:\Program Files (x86)\TrayStatus\TrayStatus.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(GoPro, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2105.19601.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20122.11121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <8>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\ProgramData\SetupTPDriver\SetupSync.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\NisSrv.exe
(Mixbyte Inc -> ) C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Ralink Technology, Corp.) [Fichier non signé] C:\Program Files (x86)\ALFA\Common\RaRegistry.exe
(Ralink Technology, Corp.) [Fichier non signé] C:\Program Files (x86)\ALFA\Common\RaRegistry64.exe
(Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [188808 2021-05-26] (Mixbyte Inc -> )
HKU\S-1-5-21-140641448-3471451293-3027832417-1001\...\Run: [TrayStatus] => C:\Program Files (x86)\TrayStatus\TrayStatus.exe [4446656 2021-05-03] (Binary Fortress Software Ltd -> Binary Fortress Software)
HKU\S-1-5-21-140641448-3471451293-3027832417-1001\...\Run: [OpenVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [755296 2020-10-28] (OpenVPN Inc. -> )
HKU\S-1-5-21-140641448-3471451293-3027832417-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33770112 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-140641448-3471451293-3027832417-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [581120 2021-01-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP 7012 Status Monitor: C:\Windows\system32\hpinksts7012LM.dll [328704 2014-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP DC11 Status Monitor: C:\Windows\system32\hpinkstsDC11LM.dll [391984 2019-03-15] (HP Inc -> HP Inc.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP ENVY 7640 series): C:\Windows\system32\HPDiscoPMDC11.dll [751624 2014-05-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\PDF Architect 8 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\architect_pdfpmon_v.4.12.26.3.dll [932984 2021-01-14] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2021-01-14] (pdfforge GmbH) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-06-04] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{E5931AF4-2A8F-48A5-AFC8-3605AD5C0A0C}] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ALFA Wireless Utility.lnk [2018-07-06]
ShortcutTarget: ALFA Wireless Utility.lnk -> C:\Program Files (x86)\ALFA\Common\RaUI.exe (ALFA Inc.) [Fichier non signé]
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {03CE6368-0A92-4227-BBFB-06A0E05D7130} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-05-20] (Piriform Software Ltd -> Piriform)
Task: {06740463-45FA-4CF5-A3B3-8618F252B46B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0C65BDE7-2E6C-42E7-9921-90A1CABCD2D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-26] (Google Inc -> Google Inc.)
Task: {17B70175-3C6F-4AB6-B999-9A0D8798BA4A} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-04-12] () [Fichier non signé]
Task: {279EE901-0FFF-417B-97E7-51C70F16A92D} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-11-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {32D4F984-19BB-4DBA-B53D-6883D99C4A5C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {34549394-E174-4866-9EE8-A7F318B963EA} - System32\Tasks\HPCustParticipation HP ENVY Photo 6200 series => C:\Program Files\HP\HP ENVY Photo 6200 series\Bin\HPCustPartic.exe [6659488 2019-03-18] (HP Inc -> HP Inc.)
Task: {431412E1-BA9C-4C1D-A0AD-6239D9D672C4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3953096 2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {4757E70A-6E8C-42E3-A5E9-F1F4404355E9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {4AFBA267-AB2D-4342-AD78-CBC0D8A92A77} - System32\Tasks\HPCustParticipation HP ENVY 7640 series => C:\Program Files\HP\HP ENVY 7640 series\Bin\HPCustPartic.exe [5853704 2014-05-06] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {6B5F6317-E742-44B4-96A0-D394488C2239} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {741B298D-3EBF-4970-BE4B-745C2267F90D} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe /NOUACCHECK
Task: {768A1537-63E9-41DC-8523-BD02273B852D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {7FFE603D-2022-4E5F-BA5D-A5ECBF34475E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3953096 2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {86764A12-1E9A-4DA7-8BC6-0E3F64E6B07C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {88B7C981-A5EE-473D-A477-E416F3351DA2} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {88E6AFF7-98CB-4929-9460-116E56AE2AE9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {97AB92A8-B219-4AB1-890B-AA83CC13FCF6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {998BBE05-CD23-4F2B-B5F7-71ED9BD63763} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16409496 2015-11-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {BDE58024-ED04-47AE-BC96-0F721651E346} - System32\Tasks\UCheck => C:\Program Files\UCheck\UCheck64.exe [26952000 2021-02-16] (Adlice -> )
Task: {CFABC7D5-1560-425E-9C2F-5811C783460F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28158080 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EF6CE991-92E8-4CEE-B620-763A04CD0C0E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-26] (Google Inc -> Google Inc.)
Task: {F8E5BBB6-3C79-41E6-BE79-F0352DD97F6A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984 2011-06-01] (Apple Inc. -> Apple Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{10917f6b-a8a8-49ab-943c-652f1b4c23b0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4bfd9fc5-be24-4863-976a-31010a05a92b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5206e2b0-e09d-47dc-a41d-0cb8b1c17b89}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{db8ff22b-354e-4522-9329-38889bda4a69}: [DhcpNameServer] 172.17.2.1
Tcpip\..\Interfaces\{e05cfd02-feeb-4961-8153-f0e50cc52206}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fe252ed7-096a-4999-b486-ea8373437931}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Edge:
=======
DownloadDir: C:\Users\Philippe\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\Philippe\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-07]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: zcd5gh60.default-1604656495019
FF ProfilePath: C:\Users\Philippe\AppData\Roaming\Mozilla\Firefox\Profiles\zcd5gh60.default-1604656495019 [2021-06-04]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google Inc -> Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR Profile: C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default [2021-06-07]
CHR HomePage: Default -> qwant.com
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.fr/"
CHR DefaultSearchURL: Default -> hxxps://www.qwant.com/?q={searchTerms}&client=opensearch
CHR DefaultSearchKeyword: Default -> qwant.com
CHR DefaultSuggestURL: Default -> hxxps://api.qwant.com/api/suggest/?q={searchTerms}&client=opensearch
CHR Extension: (Slides) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-06-04]
CHR Extension: (Duolingo sur le Web) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2021-01-07]
CHR Extension: (IBM Security Rapport) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2021-02-18]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-19]
CHR Extension: (uBlock Origin) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-05-07]
CHR Extension: (Google Docs hors connexion) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-04]
CHR Extension: (Qwant) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnlkiofnhhoahaiimdicppgemmmomijo [2021-01-07]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Chrome Media Router) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-04]
CHR Profile: C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\System Profile [2018-08-01]
CHR HKU\S-1-5-21-140641448-3471451293-3027832417-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Philippe\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-03-19]
CHR HKU\S-1-5-21-140641448-3471451293-3027832417-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [86920 2021-05-26] (Mixbyte Inc -> Freemake)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-04-14] (GoPro, Inc. -> )
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-07] (HP Inc. -> HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Fichier non signé]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-09] (Malwarebytes Inc -> Malwarebytes)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74336 2020-10-28] (OpenVPN Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74336 2020-10-28] (OpenVPN Inc. -> The OpenVPN Project)
R2 RalinkRegistryWriter; C:\Program Files (x86)\ALFA\Common\RaRegistry.exe [372736 2012-07-04] (Ralink Technology, Corp.) [Fichier non signé]
R2 RalinkRegistryWriter64; C:\Program Files (x86)\ALFA\Common\RaRegistry64.exe [447488 2012-07-04] (Ralink Technology, Corp.) [Fichier non signé]
S3 RaMediaServer; C:\Program Files (x86)\ALFA\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [Fichier non signé]
R2 RealtekWlanU; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [48856 2014-05-19] (Realtek Semiconductor Corp -> Realtek)
S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-04-23] (Realtek Semiconductor Corp -> Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] (Realtek Semiconductor Corp -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12849960 2021-03-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\NisSrv.exe [2644760 2021-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MsMpEng.exe [136656 2021-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-05-09] (Malwarebytes Inc -> Malwarebytes)
S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [395384 2019-10-06] (IBM -> IBM Corp.)
S0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [445240 2019-10-06] (IBM -> IBM Corp.)
S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Research In Motion Limited)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2021-01-14] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-06-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425208 2021-06-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-06-06] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2021-01-14] (WireGuard LLC -> WireGuard LLC)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-06-07 06:24 - 2021-06-07 06:25 - 000026231 _____ C:\Users\Philippe\Downloads\FRST.txt
2021-06-07 06:20 - 2021-06-07 06:21 - 002300416 _____ (Farbar) C:\Users\Philippe\Downloads\FRST64.exe
2021-06-05 07:15 - 2021-06-05 07:15 - 000104409 _____ C:\Users\Philippe\Downloads\Download.PDF
2021-06-04 21:39 - 2021-06-04 21:39 - 003256472 _____ (Nicolas Coolman) C:\Users\Philippe\Downloads\ZHPCleaner (2).exe
2021-06-04 21:28 - 2021-06-04 21:30 - 031491256 _____ (Piriform Software Ltd) C:\Users\Philippe\Downloads\ccsetup580.exe
2021-06-01 15:29 - 2021-06-01 15:29 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2021-05-31 18:00 - 2021-05-31 18:26 - 000000000 ____D C:\Users\Philippe\Desktop\Appartement Maybelline
2021-05-29 08:35 - 2021-05-29 08:35 - 000036251 _____ C:\Users\Philippe\Downloads\Releve_CB_28_05_2021 (1).pdf
2021-05-29 08:33 - 2021-05-29 08:33 - 000039126 _____ C:\Users\Philippe\Downloads\Releve_CB_28_05_2021.pdf
2021-05-22 19:26 - 2021-05-22 19:26 - 000002590 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Entreprise.lnk
2021-05-22 19:26 - 2021-05-22 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office
2021-05-22 19:26 - 2021-05-22 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office
2021-05-21 13:14 - 2021-05-21 13:14 - 000000000 ____D C:\WINDOWS\LastGood
2021-05-18 21:04 - 2021-05-18 21:04 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-05-18 12:42 - 2021-05-18 12:42 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-18 12:42 - 2021-05-18 12:42 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-18 12:42 - 2021-05-18 12:42 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-18 12:41 - 2021-05-18 12:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-18 12:41 - 2021-05-18 12:41 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-18 12:41 - 2021-05-18 12:41 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-18 12:41 - 2021-05-18 12:41 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-18 12:41 - 2021-05-18 12:41 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-18 12:41 - 2021-05-18 12:41 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-18 12:41 - 2021-05-18 12:41 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-18 12:41 - 2021-05-18 12:41 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-18 12:41 - 2021-05-18 12:41 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-08 10:05 - 2021-05-08 10:05 - 000000525 _____ C:\Users\Philippe\Downloads\CoursesU.ics
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-06-07 06:24 - 2021-01-21 12:52 - 000000000 ____D C:\FRST
2021-06-07 06:11 - 2017-07-30 07:57 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-06-07 06:11 - 2016-02-25 20:26 - 000000000 __SHD C:\Users\Philippe\IntelGraphicsProfiles
2021-06-06 22:49 - 2020-06-18 18:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-06 22:49 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-06 22:49 - 2017-07-30 07:58 - 000000000 ____D C:\ProgramData\NVIDIA
2021-06-06 21:31 - 2016-02-26 07:48 - 000000000 ____D C:\Program Files\CCleaner
2021-06-06 09:59 - 2016-02-25 20:03 - 000000000 ____D C:\Users\Philippe\AppData\Roaming\BankPerfect
2021-06-06 09:59 - 2016-02-25 20:00 - 000465999 _____ C:\Users\Philippe\Documents\Compte Courant Boursorama.bp
2021-06-06 07:56 - 2018-07-14 15:08 - 000000000 ____D C:\Users\Philippe\AppData\Local\AxCrypt
2021-06-06 06:52 - 2018-02-27 21:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-05 22:48 - 2020-06-26 17:37 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-05 22:48 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-05 22:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-05 06:16 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-04 22:02 - 2016-02-26 07:46 - 000000000 ___RD C:\Users\Philippe\Desktop\Logiciel maintenance
2021-06-04 22:01 - 2016-03-06 15:38 - 000000000 ____D C:\Users\Philippe\AppData\Roaming\ZHP
2021-06-04 21:32 - 2021-03-28 20:37 - 000000000 ____D C:\Users\Philippe\AppData\Roaming\MPC-HC
2021-06-04 21:31 - 2021-01-14 16:43 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-06-03 22:12 - 2017-12-03 02:01 - 000000000 ____D C:\Users\Philippe\AppData\Local\Packages
2021-06-03 19:56 - 2017-07-30 07:57 - 000000000 ____D C:\Program Files (x86)\ASUS
2021-06-03 06:40 - 2020-06-18 19:01 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-03 06:40 - 2019-12-07 16:49 - 000794488 _____ C:\WINDOWS\system32\perfh00C.dat
2021-06-03 06:40 - 2019-12-07 16:49 - 000150602 _____ C:\WINDOWS\system32\perfc00C.dat
2021-06-03 06:36 - 2020-06-18 18:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-03 06:36 - 2020-06-18 18:51 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-03 06:36 - 2020-06-18 16:52 - 000000000 ____D C:\Users\Philippe
2021-06-03 06:36 - 2020-03-22 13:04 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-06-03 06:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-01 15:26 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-05-29 08:05 - 2021-01-09 19:43 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-05-29 05:44 - 2016-02-26 08:56 - 000000000 ___RD C:\Users\Philippe\Desktop\Logiciels musique
2021-05-29 05:18 - 2021-03-28 09:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2021-05-27 10:34 - 2021-03-28 18:12 - 000000000 ____D C:\Users\Philippe\Desktop\Musique à sauvegarder
2021-05-23 07:51 - 2016-03-12 19:01 - 000000000 ____D C:\Users\Philippe\AppData\Roaming\ObviousIdea
2021-05-22 19:26 - 2021-01-09 19:52 - 000002516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-05-22 19:26 - 2021-01-09 19:52 - 000002516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-05-22 19:26 - 2021-01-09 19:52 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-05-22 19:26 - 2021-01-09 19:52 - 000002489 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-05-22 19:26 - 2021-01-09 19:52 - 000002489 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-05-22 19:26 - 2021-01-09 19:52 - 000002477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-05-22 19:26 - 2021-01-09 19:52 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-05-21 13:25 - 2020-06-18 18:58 - 000003384 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-140641448-3471451293-3027832417-1001
2021-05-21 13:25 - 2020-06-18 16:52 - 000002412 _____ C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-21 13:25 - 2016-02-25 20:28 - 000000000 ___RD C:\Users\Philippe\OneDrive
2021-05-21 06:14 - 2020-03-22 17:01 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-18 21:05 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-18 21:03 - 2020-06-18 18:51 - 000446136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-18 21:02 - 2019-12-07 16:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-18 18:12 - 2020-06-18 18:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2021-05-18 12:44 - 2019-12-07 16:53 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-18 12:44 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-18 12:35 - 2016-02-26 18:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-18 12:32 - 2016-02-26 18:40 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-17 10:06 - 2016-02-26 07:59 - 000000000 ___RD C:\Users\Philippe\Desktop\Logiciels vidéo
2021-05-15 08:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-09 06:19 - 2020-11-25 08:39 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-05-09 06:18 - 2021-02-21 11:57 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-05-09 06:18 - 2020-04-09 14:34 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
==================== Fichiers à la racine de certains dossiers ========
2019-12-21 16:41 - 2021-04-10 10:20 - 003325592 _____ (Nicolas Coolman) C:\Users\Philippe\ZHPCleaner.exe
2020-10-04 10:54 - 2020-10-04 10:55 - 000000003 _____ () C:\Users\Philippe\AppData\Roaming\.ptbt
2016-11-03 22:15 - 2016-12-12 14:21 - 000001019 _____ () C:\Users\Philippe\AppData\Roaming\.ptbt0
2016-02-26 10:07 - 2016-02-26 10:07 - 000000268 ___RH () C:\Users\Philippe\AppData\Roaming\Smooth Strings
2016-02-26 10:07 - 2016-02-26 10:07 - 000000268 ___RH () C:\Users\Philippe\AppData\Roaming\Solid Colors
2016-02-26 10:07 - 2016-02-26 10:07 - 000000268 ___RH () C:\Users\Philippe\AppData\Roaming\Sound Effects
2016-02-25 20:26 - 2018-07-01 06:02 - 000000184 _____ () C:\Users\Philippe\AppData\Roaming\sp_data.sys
2016-05-27 16:53 - 2021-04-27 14:49 - 000037376 _____ () C:\Users\Philippe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-11-25 18:25 - 2020-11-25 18:25 - 000000036 _____ () C:\Users\Philippe\AppData\Local\housecall.guid.cache
2018-07-15 17:02 - 2018-07-15 17:02 - 000000000 _____ () C:\Users\Philippe\AppData\Local\{0600CFA4-271C-429C-9B15-7E423B6B44E7}
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par Philippe (administrateur) sur DESKTOP-EEUN360 (ASUSTeK COMPUTER INC. X751LJ) (07-06-2021 06:24:26)
Exécuté depuis C:\Users\Philippe\Downloads
Profils chargés: Philippe
Platform: Windows 10 Home Version 20H2 19042.985 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BatchCaller.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Binary Fortress Software Ltd -> Binary Fortress Software) C:\Program Files (x86)\TrayStatus\TrayStatus.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(GoPro, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2105.19601.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20122.11121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <8>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\ProgramData\SetupTPDriver\SetupSync.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\NisSrv.exe
(Mixbyte Inc -> ) C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Ralink Technology, Corp.) [Fichier non signé] C:\Program Files (x86)\ALFA\Common\RaRegistry.exe
(Ralink Technology, Corp.) [Fichier non signé] C:\Program Files (x86)\ALFA\Common\RaRegistry64.exe
(Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [188808 2021-05-26] (Mixbyte Inc -> )
HKU\S-1-5-21-140641448-3471451293-3027832417-1001\...\Run: [TrayStatus] => C:\Program Files (x86)\TrayStatus\TrayStatus.exe [4446656 2021-05-03] (Binary Fortress Software Ltd -> Binary Fortress Software)
HKU\S-1-5-21-140641448-3471451293-3027832417-1001\...\Run: [OpenVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [755296 2020-10-28] (OpenVPN Inc. -> )
HKU\S-1-5-21-140641448-3471451293-3027832417-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33770112 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-140641448-3471451293-3027832417-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [581120 2021-01-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP 7012 Status Monitor: C:\Windows\system32\hpinksts7012LM.dll [328704 2014-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP DC11 Status Monitor: C:\Windows\system32\hpinkstsDC11LM.dll [391984 2019-03-15] (HP Inc -> HP Inc.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP ENVY 7640 series): C:\Windows\system32\HPDiscoPMDC11.dll [751624 2014-05-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\PDF Architect 8 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\architect_pdfpmon_v.4.12.26.3.dll [932984 2021-01-14] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2021-01-14] (pdfforge GmbH) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-06-04] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{E5931AF4-2A8F-48A5-AFC8-3605AD5C0A0C}] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ALFA Wireless Utility.lnk [2018-07-06]
ShortcutTarget: ALFA Wireless Utility.lnk -> C:\Program Files (x86)\ALFA\Common\RaUI.exe (ALFA Inc.) [Fichier non signé]
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {03CE6368-0A92-4227-BBFB-06A0E05D7130} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-05-20] (Piriform Software Ltd -> Piriform)
Task: {06740463-45FA-4CF5-A3B3-8618F252B46B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0C65BDE7-2E6C-42E7-9921-90A1CABCD2D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-26] (Google Inc -> Google Inc.)
Task: {17B70175-3C6F-4AB6-B999-9A0D8798BA4A} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-04-12] () [Fichier non signé]
Task: {279EE901-0FFF-417B-97E7-51C70F16A92D} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-11-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {32D4F984-19BB-4DBA-B53D-6883D99C4A5C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {34549394-E174-4866-9EE8-A7F318B963EA} - System32\Tasks\HPCustParticipation HP ENVY Photo 6200 series => C:\Program Files\HP\HP ENVY Photo 6200 series\Bin\HPCustPartic.exe [6659488 2019-03-18] (HP Inc -> HP Inc.)
Task: {431412E1-BA9C-4C1D-A0AD-6239D9D672C4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3953096 2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {4757E70A-6E8C-42E3-A5E9-F1F4404355E9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {4AFBA267-AB2D-4342-AD78-CBC0D8A92A77} - System32\Tasks\HPCustParticipation HP ENVY 7640 series => C:\Program Files\HP\HP ENVY 7640 series\Bin\HPCustPartic.exe [5853704 2014-05-06] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {6B5F6317-E742-44B4-96A0-D394488C2239} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {741B298D-3EBF-4970-BE4B-745C2267F90D} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe /NOUACCHECK
Task: {768A1537-63E9-41DC-8523-BD02273B852D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {7FFE603D-2022-4E5F-BA5D-A5ECBF34475E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3953096 2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {86764A12-1E9A-4DA7-8BC6-0E3F64E6B07C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {88B7C981-A5EE-473D-A477-E416F3351DA2} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {88E6AFF7-98CB-4929-9460-116E56AE2AE9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {97AB92A8-B219-4AB1-890B-AA83CC13FCF6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {998BBE05-CD23-4F2B-B5F7-71ED9BD63763} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16409496 2015-11-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {BDE58024-ED04-47AE-BC96-0F721651E346} - System32\Tasks\UCheck => C:\Program Files\UCheck\UCheck64.exe [26952000 2021-02-16] (Adlice -> )
Task: {CFABC7D5-1560-425E-9C2F-5811C783460F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28158080 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EF6CE991-92E8-4CEE-B620-763A04CD0C0E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-26] (Google Inc -> Google Inc.)
Task: {F8E5BBB6-3C79-41E6-BE79-F0352DD97F6A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984 2011-06-01] (Apple Inc. -> Apple Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{10917f6b-a8a8-49ab-943c-652f1b4c23b0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4bfd9fc5-be24-4863-976a-31010a05a92b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5206e2b0-e09d-47dc-a41d-0cb8b1c17b89}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{db8ff22b-354e-4522-9329-38889bda4a69}: [DhcpNameServer] 172.17.2.1
Tcpip\..\Interfaces\{e05cfd02-feeb-4961-8153-f0e50cc52206}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fe252ed7-096a-4999-b486-ea8373437931}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Edge:
=======
DownloadDir: C:\Users\Philippe\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\Philippe\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-07]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: zcd5gh60.default-1604656495019
FF ProfilePath: C:\Users\Philippe\AppData\Roaming\Mozilla\Firefox\Profiles\zcd5gh60.default-1604656495019 [2021-06-04]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google Inc -> Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR Profile: C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default [2021-06-07]
CHR HomePage: Default -> qwant.com
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.fr/"
CHR DefaultSearchURL: Default -> hxxps://www.qwant.com/?q={searchTerms}&client=opensearch
CHR DefaultSearchKeyword: Default -> qwant.com
CHR DefaultSuggestURL: Default -> hxxps://api.qwant.com/api/suggest/?q={searchTerms}&client=opensearch
CHR Extension: (Slides) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-06-04]
CHR Extension: (Duolingo sur le Web) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2021-01-07]
CHR Extension: (IBM Security Rapport) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2021-02-18]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-19]
CHR Extension: (uBlock Origin) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-05-07]
CHR Extension: (Google Docs hors connexion) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-04]
CHR Extension: (Qwant) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnlkiofnhhoahaiimdicppgemmmomijo [2021-01-07]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Chrome Media Router) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-04]
CHR Profile: C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\System Profile [2018-08-01]
CHR HKU\S-1-5-21-140641448-3471451293-3027832417-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Philippe\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-03-19]
CHR HKU\S-1-5-21-140641448-3471451293-3027832417-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [86920 2021-05-26] (Mixbyte Inc -> Freemake)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-04-14] (GoPro, Inc. -> )
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-07] (HP Inc. -> HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Fichier non signé]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-09] (Malwarebytes Inc -> Malwarebytes)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74336 2020-10-28] (OpenVPN Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74336 2020-10-28] (OpenVPN Inc. -> The OpenVPN Project)
R2 RalinkRegistryWriter; C:\Program Files (x86)\ALFA\Common\RaRegistry.exe [372736 2012-07-04] (Ralink Technology, Corp.) [Fichier non signé]
R2 RalinkRegistryWriter64; C:\Program Files (x86)\ALFA\Common\RaRegistry64.exe [447488 2012-07-04] (Ralink Technology, Corp.) [Fichier non signé]
S3 RaMediaServer; C:\Program Files (x86)\ALFA\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [Fichier non signé]
R2 RealtekWlanU; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [48856 2014-05-19] (Realtek Semiconductor Corp -> Realtek)
S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-04-23] (Realtek Semiconductor Corp -> Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] (Realtek Semiconductor Corp -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12849960 2021-03-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\NisSrv.exe [2644760 2021-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MsMpEng.exe [136656 2021-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-05-09] (Malwarebytes Inc -> Malwarebytes)
S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [395384 2019-10-06] (IBM -> IBM Corp.)
S0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [445240 2019-10-06] (IBM -> IBM Corp.)
S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Research In Motion Limited)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2021-01-14] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-06-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425208 2021-06-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-06-06] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2021-01-14] (WireGuard LLC -> WireGuard LLC)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-06-07 06:24 - 2021-06-07 06:25 - 000026231 _____ C:\Users\Philippe\Downloads\FRST.txt
2021-06-07 06:20 - 2021-06-07 06:21 - 002300416 _____ (Farbar) C:\Users\Philippe\Downloads\FRST64.exe
2021-06-05 07:15 - 2021-06-05 07:15 - 000104409 _____ C:\Users\Philippe\Downloads\Download.PDF
2021-06-04 21:39 - 2021-06-04 21:39 - 003256472 _____ (Nicolas Coolman) C:\Users\Philippe\Downloads\ZHPCleaner (2).exe
2021-06-04 21:28 - 2021-06-04 21:30 - 031491256 _____ (Piriform Software Ltd) C:\Users\Philippe\Downloads\ccsetup580.exe
2021-06-01 15:29 - 2021-06-01 15:29 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2021-05-31 18:00 - 2021-05-31 18:26 - 000000000 ____D C:\Users\Philippe\Desktop\Appartement Maybelline
2021-05-29 08:35 - 2021-05-29 08:35 - 000036251 _____ C:\Users\Philippe\Downloads\Releve_CB_28_05_2021 (1).pdf
2021-05-29 08:33 - 2021-05-29 08:33 - 000039126 _____ C:\Users\Philippe\Downloads\Releve_CB_28_05_2021.pdf
2021-05-22 19:26 - 2021-05-22 19:26 - 000002590 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Entreprise.lnk
2021-05-22 19:26 - 2021-05-22 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office
2021-05-22 19:26 - 2021-05-22 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office
2021-05-21 13:14 - 2021-05-21 13:14 - 000000000 ____D C:\WINDOWS\LastGood
2021-05-18 21:04 - 2021-05-18 21:04 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-05-18 12:42 - 2021-05-18 12:42 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-18 12:42 - 2021-05-18 12:42 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-18 12:42 - 2021-05-18 12:42 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-18 12:41 - 2021-05-18 12:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-18 12:41 - 2021-05-18 12:41 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-18 12:41 - 2021-05-18 12:41 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-18 12:41 - 2021-05-18 12:41 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-18 12:41 - 2021-05-18 12:41 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-18 12:41 - 2021-05-18 12:41 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-18 12:41 - 2021-05-18 12:41 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-18 12:41 - 2021-05-18 12:41 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-18 12:41 - 2021-05-18 12:41 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-08 10:05 - 2021-05-08 10:05 - 000000525 _____ C:\Users\Philippe\Downloads\CoursesU.ics
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-06-07 06:24 - 2021-01-21 12:52 - 000000000 ____D C:\FRST
2021-06-07 06:11 - 2017-07-30 07:57 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-06-07 06:11 - 2016-02-25 20:26 - 000000000 __SHD C:\Users\Philippe\IntelGraphicsProfiles
2021-06-06 22:49 - 2020-06-18 18:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-06 22:49 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-06 22:49 - 2017-07-30 07:58 - 000000000 ____D C:\ProgramData\NVIDIA
2021-06-06 21:31 - 2016-02-26 07:48 - 000000000 ____D C:\Program Files\CCleaner
2021-06-06 09:59 - 2016-02-25 20:03 - 000000000 ____D C:\Users\Philippe\AppData\Roaming\BankPerfect
2021-06-06 09:59 - 2016-02-25 20:00 - 000465999 _____ C:\Users\Philippe\Documents\Compte Courant Boursorama.bp
2021-06-06 07:56 - 2018-07-14 15:08 - 000000000 ____D C:\Users\Philippe\AppData\Local\AxCrypt
2021-06-06 06:52 - 2018-02-27 21:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-05 22:48 - 2020-06-26 17:37 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-05 22:48 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-05 22:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-05 06:16 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-04 22:02 - 2016-02-26 07:46 - 000000000 ___RD C:\Users\Philippe\Desktop\Logiciel maintenance
2021-06-04 22:01 - 2016-03-06 15:38 - 000000000 ____D C:\Users\Philippe\AppData\Roaming\ZHP
2021-06-04 21:32 - 2021-03-28 20:37 - 000000000 ____D C:\Users\Philippe\AppData\Roaming\MPC-HC
2021-06-04 21:31 - 2021-01-14 16:43 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-06-03 22:12 - 2017-12-03 02:01 - 000000000 ____D C:\Users\Philippe\AppData\Local\Packages
2021-06-03 19:56 - 2017-07-30 07:57 - 000000000 ____D C:\Program Files (x86)\ASUS
2021-06-03 06:40 - 2020-06-18 19:01 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-03 06:40 - 2019-12-07 16:49 - 000794488 _____ C:\WINDOWS\system32\perfh00C.dat
2021-06-03 06:40 - 2019-12-07 16:49 - 000150602 _____ C:\WINDOWS\system32\perfc00C.dat
2021-06-03 06:36 - 2020-06-18 18:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-03 06:36 - 2020-06-18 18:51 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-03 06:36 - 2020-06-18 16:52 - 000000000 ____D C:\Users\Philippe
2021-06-03 06:36 - 2020-03-22 13:04 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-06-03 06:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-01 15:26 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-05-29 08:05 - 2021-01-09 19:43 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-05-29 05:44 - 2016-02-26 08:56 - 000000000 ___RD C:\Users\Philippe\Desktop\Logiciels musique
2021-05-29 05:18 - 2021-03-28 09:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2021-05-27 10:34 - 2021-03-28 18:12 - 000000000 ____D C:\Users\Philippe\Desktop\Musique à sauvegarder
2021-05-23 07:51 - 2016-03-12 19:01 - 000000000 ____D C:\Users\Philippe\AppData\Roaming\ObviousIdea
2021-05-22 19:26 - 2021-01-09 19:52 - 000002516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-05-22 19:26 - 2021-01-09 19:52 - 000002516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-05-22 19:26 - 2021-01-09 19:52 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-05-22 19:26 - 2021-01-09 19:52 - 000002489 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-05-22 19:26 - 2021-01-09 19:52 - 000002489 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-05-22 19:26 - 2021-01-09 19:52 - 000002477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-05-22 19:26 - 2021-01-09 19:52 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-05-21 13:25 - 2020-06-18 18:58 - 000003384 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-140641448-3471451293-3027832417-1001
2021-05-21 13:25 - 2020-06-18 16:52 - 000002412 _____ C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-21 13:25 - 2016-02-25 20:28 - 000000000 ___RD C:\Users\Philippe\OneDrive
2021-05-21 06:14 - 2020-03-22 17:01 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-18 21:05 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-18 21:03 - 2020-06-18 18:51 - 000446136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-18 21:02 - 2019-12-07 16:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-18 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-18 18:12 - 2020-06-18 18:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2021-05-18 12:44 - 2019-12-07 16:53 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-18 12:44 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-18 12:35 - 2016-02-26 18:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-18 12:32 - 2016-02-26 18:40 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-17 10:06 - 2016-02-26 07:59 - 000000000 ___RD C:\Users\Philippe\Desktop\Logiciels vidéo
2021-05-15 08:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-09 06:19 - 2020-11-25 08:39 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-05-09 06:18 - 2021-02-21 11:57 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-05-09 06:18 - 2020-04-09 14:34 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
==================== Fichiers à la racine de certains dossiers ========
2019-12-21 16:41 - 2021-04-10 10:20 - 003325592 _____ (Nicolas Coolman) C:\Users\Philippe\ZHPCleaner.exe
2020-10-04 10:54 - 2020-10-04 10:55 - 000000003 _____ () C:\Users\Philippe\AppData\Roaming\.ptbt
2016-11-03 22:15 - 2016-12-12 14:21 - 000001019 _____ () C:\Users\Philippe\AppData\Roaming\.ptbt0
2016-02-26 10:07 - 2016-02-26 10:07 - 000000268 ___RH () C:\Users\Philippe\AppData\Roaming\Smooth Strings
2016-02-26 10:07 - 2016-02-26 10:07 - 000000268 ___RH () C:\Users\Philippe\AppData\Roaming\Solid Colors
2016-02-26 10:07 - 2016-02-26 10:07 - 000000268 ___RH () C:\Users\Philippe\AppData\Roaming\Sound Effects
2016-02-25 20:26 - 2018-07-01 06:02 - 000000184 _____ () C:\Users\Philippe\AppData\Roaming\sp_data.sys
2016-05-27 16:53 - 2021-04-27 14:49 - 000037376 _____ () C:\Users\Philippe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-11-25 18:25 - 2020-11-25 18:25 - 000000036 _____ () C:\Users\Philippe\AppData\Local\housecall.guid.cache
2018-07-15 17:02 - 2018-07-15 17:02 - 000000000 _____ () C:\Users\Philippe\AppData\Local\{0600CFA4-271C-429C-9B15-7E423B6B44E7}
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================