Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19-07-2021 01
Exécuté par Pierre (administrateur) sur PIERRE-PC (27-07-2021 09:40:20)
Exécuté depuis C:\Users\Pierre\Desktop
Profils chargés: Pierre
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc.) [Fichier non signé] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) [Fichier non signé] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) [Fichier non signé] C:\Windows\explorer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2011-05-19] (Brother Industries, Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-09-30] (Advanced Micro Devices, Inc.) [Fichier non signé]
HKLM\...\Winlogon: [Shell] C:\Windows\SysWOW64\explorer.exe [2972672 2016-08-29] (Microsoft Corporation) [Fichier non signé]
HKLM-x32\...\Winlogon: [Shell] C:\Windows\SysWOW64\explorer.exe [2972672 2016-08-29] (Microsoft Corporation) [Fichier non signé]
HKU\S-1-5-21-781771610-3839439289-4288105445-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2015-02-15] (Google Inc -> Google Inc.)
HKU\S-1-5-21-781771610-3839439289-4288105445-1000\...\MountPoints2: {09171b84-00e5-11eb-891e-14dae995ba0a} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-781771610-3839439289-4288105445-1000\...\MountPoints2: {2f53e64a-ab0f-11ea-945d-14dae995ba0a} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-781771610-3839439289-4288105445-1000\...\MountPoints2: {2f53e65c-ab0f-11ea-945d-14dae995ba0a} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-781771610-3839439289-4288105445-1000\...\MountPoints2: {8afb5237-7f69-11eb-8c6f-14dae995ba0a} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-781771610-3839439289-4288105445-1000\...\MountPoints2: {fc728e8e-6d4c-11e8-9471-14dae995ba0a} - E:\HiSuiteDownLoader.exe
HKLM\...\Providers\Internet Print Provider: inetpp.dll
HKLM\...\Providers\LanMan Print Services: C:\Windows\SysWOW64\win32spl.dll [497664 2017-08-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Local Port: localspl.dll
HKLM\...\Print\Monitors\Microsoft Shared Fax Monitor: FXSMON.DLL
HKLM\...\Print\Monitors\Standard TCP/IP Port: tcpmon.dll
HKLM\...\Print\Monitors\USB Monitor: usbmon.dll
HKLM\...\Print\Monitors\WSD Port: WSDMon.dll
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.164\Installer\chrmstp.exe [2021-07-23] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{8bf9a910-a8ff-457f-999f-a5ca10b4a885}] -> C:\Windows\SysWOW64\SmartcardCredentialProvider.dll [2013-10-04] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{94596c7e-3744-41ce-893e-bbf09122f76a}] -> C:\Windows\SysWOW64\SmartcardCredentialProvider.dll [2013-10-04] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> C:\Windows\SysWOW64\wlgpclnt.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> C:\Windows\SysWOW64\fdeploy.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> C:\Windows\SysWOW64\gptext.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\Windows\SysWOW64\scecli.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> C:\Windows\SysWOW64\dot3gpclnt.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}] -> C:\Windows\SysWOW64\gptext.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{f3ccc681-b74c-4060-9f26-cd84525dca2a}] -> auditcse.dll
HKLM\Software\...\Winlogon\GPExtensions: [{FB2CA36D-0B40-4307-821B-A13B252DE56C}] -> C:\Windows\SysWOW64\gptext.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}] -> C:\Windows\SysWOW64\gptext.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-04-30]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [Fichier non signé]
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0DF09668-78B9-46C3-AD05-3B733DCF547D} - System32\Tasks\{BD54CBEE-3306-4A61-8B40-A88C78CAB19C}
Task: {1BC3CFF6-D444-486D-BD2F-E52E2DE08830} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [64920 2020-02-15] (Microsoft Corporation -> Microsoft)
Task: {2020813F-370A-494F-A7C3-D5C431CACCE0} - System32\Tasks\{06BEBEF5-9A85-498F-B365-4783E6F5CB48} => C:\Windows\system32\pcalua.exe -a "C:\Users\Pierre\Documents\IMPRESSION 3D et CNC\Alfawise U30 pro\CH340G_USB Device Driver\SETUP.EXE" -d "C:\Users\Pierre\Documents\IMPRESSION 3D et CNC\Alfawise U30 pro\CH340G_USB Device Driver"
Task: {22C82D79-EEA7-488A-B016-55FFF0C33C60} - System32\Tasks\{C549660B-14C2-48B3-8902-C9357FFDF2C7} => C:\Users\Pierre\Documents\TECHNIQUE\ESPRESSO\SIN1.EXE
Task: {4DD37914-5B54-4EB6-81EF-96D21A81127B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {54986FF3-DF02-4586-96C1-FA0BDE12C749} - System32\Tasks\{1DDBEB2D-1CBE-4C47-99B3-73EA6BC77513} => D:\SETUP.exe
Task: {5A8CAB16-CD99-414D-835D-EFB419870316} - System32\Tasks\{DA1A203D-7602-4A32-BB17-4AB0E6109A11} => D:\SETUP.exe
Task: {5BA6F805-8AFA-434C-8C7C-96DC55918C6B} - System32\Tasks\{3ABC82A6-0A45-4BD3-86EE-CC88CE57C9A5} => C:\Program Files (x86)\Nikon\NkScan4\Nikon Scan.exe [602112 2003-07-12] (Nikon Inc.) [Fichier non signé]
Task: {650D1D1C-30BF-47C4-9700-55174A7D32E3} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {7067AF71-3A52-4D26-9F3D-D96A7482F0B3} - System32\Tasks\{E72DEC9D-D063-425F-B25A-ADE99F4769F9} => C:\Users\Pierre\Documents\TECHNIQUE\ESPRESSO\AMGEN1.EXE
Task: {707A36AD-D34B-4210-B9D3-F5EAF7177975} - System32\Tasks\{9BA4F73F-FAAB-4904-A802-A62F3D539DE4} => C:\Users\Pierre\Documents\TECHNIQUE\ESPRESSO\SIN1.EXE
Task: {7284523B-386D-47A2-B687-8A3D1B85389B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {7EF17101-2740-4E44-946B-29661C0F397F} - System32\Tasks\GoogleUpdateTaskMachineCore1d72654eff6d32e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {816F78AA-DAA9-4346-A2E4-F43806BAD866} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {87F33B4C-6105-407C-947B-FBD5A8E5D6EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {92A9FE87-EFC3-4569-8BA4-17B1A758E3A9} - System32\Tasks\GoogleUpdateTaskMachineUA1d72654f04bf94d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {97789488-AE56-423B-9FFE-1DE3B413AE3F} - System32\Tasks\{8C4005BC-C7D9-4BC6-A16A-9F370AAD4A4A} => C:\Users\Pierre\Documents\TECHNIQUE\ESPRESSO\SIN1.EXE
Task: {9A96D030-4D9E-452E-957B-0405A85456D3} - System32\Tasks\{A0A42B69-61D2-417C-9D0A-DD156E587276} => C:\Windows\system32\pcalua.exe -a C:\MAGIX\audiocleanic3.0\AudioCleanic.exe -d C:\MAGIX\audiocleanic3.0
Task: {A0F922FC-45A7-4676-9619-2C9F1CF211FF} - System32\Tasks\{4743EF82-2882-4FF4-97EF-F514F9DED4DD} => C:\Windows\system32\pcalua.exe -a D:\Welcome.exe -d D:\
Task: {A6A71E6C-F6A7-460A-A57A-72D0EE31B95E} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Pas de fichier <==== ATTENTION
Task: {AAABAB3F-09BA-4669-99DD-1831CFD7F2CA} - System32\Tasks\{F1D7AEE2-AE3C-41BA-9C53-A2C5AAC4DD1D} => C:\Program Files (x86)\Adobe\Photoshop Elements 2\PhotoshopElements.exe
Task: {AAC6D818-9378-4C0E-B792-3E493C9D0FDF} - System32\Tasks\{1F97DCE9-8A46-4035-A402-3E2AAF6EA27D} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Nikon\NkScan4\Nikon Scan.exe"
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe <==== ATTENTION
Task: {AD0535A8-BE5B-450B-9E55-AED8EB3ADF68} - System32\Tasks\{88457EE3-DAF6-4D52-A66B-32AB600A2E36} => C:\Windows\system32\pcalua.exe -a "G:\PROGRAMMES\e-carte bleue\ecb_LBP\LBP.EXE" -d "G:\PROGRAMMES\e-carte bleue\ecb_LBP"
Task: {ADFD18A7-B325-44F9-8900-84EF9F4A9E8C} - System32\Tasks\{75E96D1C-FD44-42FC-8BCC-D007AE05B2E9} => C:\Users\Pierre\Documents\TECHNIQUE\ESPRESSO\SIN1.EXE
Task: {B40168DD-C54C-40B5-8D61-F5D07B0D39C8} - System32\Tasks\{EBD88895-7399-4E6B-9E77-8820539DF31E} => C:\Windows\system32\pcalua.exe -a D:\Autorun.exe -d D:\
Task: {C3BBD88C-538B-42D9-94D8-5C763D1AC36E} - System32\Tasks\{C704DF23-D53C-4CA6-BC5A-FE6655543272} => C:\Windows\system32\pcalua.exe -a "D:\Nikon Scan 4\FR\Disk1\setup.exe" -d "D:\Nikon Scan 4\FR\Disk1"
Task: {C60EF48E-4706-45D6-8AE5-443CE4F2D484} - System32\Tasks\{41429EB3-D213-4C64-90FE-6F4F830CDD70} => C:\Users\Pierre\Documents\TECHNIQUE\ESPRESSO\SIN1.EXE
Task: {CAD0A04F-F449-4D5D-B3C2-88BE5E64D412} - System32\Tasks\{4CB43313-4AB3-432E-9167-D7E67C25A557} => C:\Windows\system32\pcalua.exe -a D:\Welcome.exe -d D:\
Task: {CCB29FFF-2CB2-4AB7-B4C3-B3513A21F086} - System32\Tasks\{B4C9F364-F38A-4144-A0DF-FFC04D8DBA4B} => C:\Users\Pierre\Documents\TECHNIQUE\ESPRESSO\SIN1.EXE
Task: {DEAC4A30-C655-4CA3-9D97-DDF3B65AB8E8} - System32\Tasks\{AA138F0C-D7CD-4D4A-BBA9-CCD5CB57195F} => C:\Users\Pierre\Documents\TECHNIQUE\ESPRESSO\SIN1.EXE
Task: {E1780D62-8B83-40B6-A699-063635B415EA} - System32\Tasks\{3ACEA4FC-2703-4C4A-B40E-F7DE3B495A3F} => C:\Users\Pierre\Documents\TECHNIQUE\ESPRESSO\AMGEN1.EXE
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\SysWOW64\BthUdTask.exe [35328 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
Task: {E5A324AF-1DDC-4266-BF74-4F8A4609B394} - System32\Tasks\{6F1A54E0-22EB-4D06-B68C-37823B1DD841} => C:\Program Files (x86)\Adobe\Photoshop Elements 2\PhotoshopElements.exe
Task: {F2C72FF0-20D5-4F35-AA85-DD604704ACE5} - System32\Tasks\{0060C041-8503-44F7-9114-29D97390E64E} => D:\INSTALL.EXE
Task: {F2CA674A-D3D4-43BC-ACE4-76572C75764B} - System32\Tasks\{7FE35AFC-5485-4F60-B5DF-E018FA5DBDD3} => C:\Windows\system32\pcalua.exe -a C:\Users\Pierre\AppData\Local\Temp\jre-8u191-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {F49E9335-62BD-46D1-B154-E0047809AE3F} - System32\Tasks\{A2F9B12A-62BC-4CC8-B158-3D2D039AE0AB} => C:\Users\Pierre\Documents\TECHNIQUE\ESPRESSO\SIN1.EXE

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) [Fichier non signé]
Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) [Fichier non signé]
Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) [Fichier non signé]
Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) [Fichier non signé]
Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) [Fichier non signé]
Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) [Fichier non signé]
Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) [Fichier non signé]
Winsock: Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) [Fichier non signé]
Winsock: Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) [Fichier non signé]
Winsock: Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) [Fichier non signé]
Winsock: Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) [Fichier non signé]
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{64F800E2-7180-435C-816E-A42D734B1725}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Pierre\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-19]

FireFox:
========
FF DefaultProfile: e7nf905l.default
FF ProfilePath: C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\e7nf905l.default [2021-06-01]
FF NewTab: Mozilla\Firefox\Profiles\e7nf905l.default -> about:newtab
FF Extension: (UnPlug) - C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\e7nf905l.default\Extensions\unplug@compunach.xpi [2016-11-16] []
FF Extension: (Hotfix for Firefox bug 1548973 (armagaddon 2.0) mitigation) - C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\e7nf905l.default\features\{acbb7a06-5b6a-4782-9a88-299afa1d2caf}\hotfix-bug-1548973@mozilla.org.xpi [2021-04-15] []
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-06-27] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-781771610-3839439289-4288105445-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Pierre\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-10-19] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default [2021-07-27]
CHR Extension: (Slides) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-13]
CHR Extension: (Docs) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-13]
CHR Extension: (Google Drive) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-20]
CHR Extension: (YouTube) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-13]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-19]
CHR Extension: (Sheets) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-13]
CHR Extension: (Google Docs hors connexion) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-23]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-23]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-02-19] (Adobe Systems) [Fichier non signé]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [Fichier non signé]
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-09-07] (Huawei Technologies Co., Ltd. -> )
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Fichier non signé]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG -> Nero AG)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-09-20] (Nero AG -> Nero AG)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145736 2013-08-15] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-05-01] (Microsoft Corporation -> Microsoft Corporation)
S3 wampapache64; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [24576 2014-05-01] (Apache Software Foundation) [Fichier non signé]
S3 wampmysqld64; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [12942848 2014-05-01] () [Fichier non signé]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) [Fichier non signé]
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 BrSerIb; C:\Windows\System32\DRIVERS\BrSerIb.sys [87552 2009-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Brother Industries Ltd.)
R3 BrUsbSIb; C:\Windows\System32\DRIVERS\BrUsbSIb.sys [14592 2009-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Brother Industries Ltd.)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2014-11-08] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
S3 DCamUSBEMPIA; C:\Windows\System32\DRIVERS\emDevice64.sys [215808 2007-06-21] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology, Inc.)
S3 DSTDSO; C:\Windows\System32\Drivers\dstusbamd64.SYS [17904 2014-09-25] (青岛汉泰电子有限公司 -> DSO)
S3 DSTDSO; C:\Windows\SysWOW64\Drivers\dstusbamd64.SYS [17904 2014-09-25] (青岛汉泰电子有限公司 -> DSO)
S3 emAudio; C:\Windows\System32\drivers\emAudio64.sys [79872 2007-08-31] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology, Inc.)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2020-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 FiltUSBEMPIA; C:\Windows\System32\DRIVERS\emFilter64.sys [6400 2007-06-21] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology, Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Pinnacle Systems GmbH)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 ScanUSBEMPIA; C:\Windows\System32\DRIVERS\emScan64.sys [6144 2007-06-21] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology, Inc.)
S3 ser2pl; C:\Windows\System32\DRIVERS\ser2pl64.sys [261640 2019-08-11] (WDKTestCert charles-yeh,132058328970830801 -> Prolific Technology Inc.)
S3 SynasUSB; C:\Windows\System32\drivers\SynUSB64.sys [31248 2006-11-16] (SIA Syncrosoft -> SIA Syncrosoft)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Apple, Inc.) [Fichier non signé]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-07-27 08:53 - 2021-07-27 09:41 - 000026454 _____ C:\Users\Pierre\Desktop\FRST.txt
2021-07-27 08:49 - 2021-07-27 08:49 - 002300416 _____ (Farbar) C:\Users\Pierre\Desktop\FRST64.exe
2021-07-26 22:52 - 2021-07-26 22:52 - 000276696 _____ C:\Windows\Minidump\072621-36223-01.dmp
2021-07-26 17:31 - 2021-07-26 17:31 - 000319485 _____ C:\Users\Pierre\Desktop\ZHPDiag.txt
2021-07-26 17:15 - 2021-07-26 13:44 - 003473048 _____ (Nicolas Coolman) C:\Users\Pierre\Desktop\ZHPSuite.exe
2021-07-26 17:13 - 2021-07-26 17:13 - 003017819 _____ C:\Users\Pierre\Desktop\ZHPSuite.zip
2021-07-26 17:06 - 2021-07-26 17:04 - 000053760 _____ C:\Users\Pierre\1036.MST
2021-07-26 17:06 - 2017-10-12 16:00 - 010466304 _____ C:\Users\Pierre\Pinnacle_Video_Driver_64bit.msi
2021-07-26 17:03 - 2021-07-26 17:03 - 000003040 _____ C:\Windows\system32\Tasks\{4CB43313-4AB3-432E-9167-D7E67C25A557}
2021-07-24 22:33 - 2021-07-24 22:33 - 000276696 _____ C:\Windows\Minidump\072421-18844-01.dmp
2021-07-24 13:04 - 2021-07-24 13:05 - 000276696 _____ C:\Windows\Minidump\072421-28875-01.dmp
2021-07-23 12:24 - 2019-08-18 13:09 - 730980352 _____ C:\Users\Pierre\Desktop\Adeus Pai.avi
2021-07-23 12:24 - 2019-08-18 12:55 - 000060312 _____ C:\Users\Pierre\Desktop\Adeus Pai FR.srt
2021-07-23 12:24 - 2019-08-18 12:55 - 000059848 _____ C:\Users\Pierre\Desktop\Adeus Pai PL.srt
2021-07-23 12:24 - 2019-08-18 12:55 - 000059751 _____ C:\Users\Pierre\Desktop\Adeus Pai EN.srt
2021-07-23 12:03 - 2021-07-23 12:15 - 724565604 _____ C:\Users\Pierre\Desktop\adeus-pai-1996-dvdrip.zip
2021-07-22 23:54 - 2019-09-24 21:39 - 000052970 _____ C:\Users\Pierre\Desktop\Léolo.por.srt
2021-07-22 23:54 - 2019-09-24 21:39 - 000052834 _____ C:\Users\Pierre\Desktop\Léolo.ita.srt
2021-07-22 23:54 - 2019-09-24 21:39 - 000050545 _____ C:\Users\Pierre\Desktop\Léolo.spa.srt
2021-07-22 23:54 - 2019-09-24 21:39 - 000048425 _____ C:\Users\Pierre\Desktop\Léolo.eng.srt
2021-07-22 23:53 - 2019-09-24 23:32 - 1399433556 _____ C:\Users\Pierre\Desktop\Léolo.avi
2021-07-22 23:28 - 2021-07-22 23:52 - 1382788284 _____ C:\Users\Pierre\Desktop\leolo-1992-720p-dvdrip.zip
2021-07-22 14:31 - 2021-07-22 14:31 - 000161583 _____ C:\Users\Pierre\Documents\JIM fr defenseur des droits - Extension du __ pas s sanitaire _ le Défenseur des droits dénonce un dispositif disproportionne.pdf
2021-07-06 12:40 - 2021-07-06 12:40 - 000002323 _____ C:\Users\Pierre\AppData\Local\recently-used.xbel
2021-07-06 12:06 - 2021-07-06 12:09 - 016113078 _____ C:\Users\Pierre\Sans titre 1.bmp
2021-07-02 14:02 - 2021-07-02 14:02 - 000276696 _____ C:\Windows\Minidump\070221-33306-01.dmp

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-07-27 09:41 - 2020-05-26 14:40 - 000000000 ____D C:\FRST
2021-07-27 09:38 - 2015-02-15 18:40 - 000000000 ____D C:\Program Files (x86)\Google
2021-07-27 09:35 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-07-27 08:52 - 2015-09-10 08:53 - 000271360 _____ C:\Users\Pierre\Desktop\Outlook.pst
2021-07-27 08:49 - 2009-07-14 06:45 - 000029136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-07-27 08:49 - 2009-07-14 06:45 - 000029136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-07-27 00:04 - 2015-02-16 17:36 - 000000000 ____D C:\Users\Pierre\Documents\GENEALOGIE
2021-07-26 22:52 - 2015-05-11 09:56 - 741165403 _____ C:\Windows\MEMORY.DMP
2021-07-26 22:52 - 2015-05-11 09:56 - 000000000 ____D C:\Windows\Minidump
2021-07-26 19:09 - 2015-05-11 09:42 - 000000000 ____D C:\Users\Pierre\AppData\Roaming\vlc
2021-07-26 17:31 - 2017-02-17 18:25 - 000000000 ____D C:\Users\Pierre\AppData\Roaming\ZHP
2021-07-26 17:07 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2021-07-26 17:06 - 2015-02-15 18:04 - 000000000 ____D C:\Users\Pierre
2021-07-24 19:05 - 2021-05-16 17:44 - 000002227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-23 11:57 - 2018-08-16 20:19 - 000007639 _____ C:\Users\Pierre\AppData\Local\Resmon.ResmonCfg
2021-07-23 11:20 - 2021-03-31 19:40 - 000003502 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA1d72654f04bf94d
2021-07-23 11:20 - 2021-03-31 19:40 - 000003374 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore1d72654eff6d32e
2021-07-19 14:04 - 2021-03-05 21:03 - 000000000 ____D C:\Users\Pierre\Documents\ACHATS
2021-07-14 23:20 - 2021-03-09 15:23 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-07-14 23:17 - 2015-02-16 17:35 - 000000000 ____D C:\Users\Pierre\Documents\CUISINE
2021-07-13 20:52 - 2015-03-16 00:17 - 000000000 ____D C:\Users\Pierre\AppData\Roaming\QCAD
2021-07-13 12:11 - 2015-02-16 18:48 - 000000000 ____D C:\Users\Pierre\AppData\Roaming\Audacity
2021-07-12 00:25 - 2020-04-02 11:32 - 000000000 ____D C:\Users\Pierre\Documents\_NOTES
2021-07-11 16:53 - 2021-03-02 23:11 - 000000000 ____D C:\Users\Pierre\AppData\Roaming\Scratch
2021-07-10 23:32 - 2020-12-08 12:10 - 000000000 ____D C:\Users\Pierre\AppData\Local\babl-0.1
2021-07-08 23:41 - 2017-03-13 22:39 - 000000250 _____ C:\Windows\AudioCleanic.INI
2021-07-06 12:08 - 2018-07-24 21:26 - 000117248 ___SH C:\Users\Pierre\Thumbs.db
2021-07-04 18:57 - 2009-07-14 07:08 - 000032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2021-07-02 08:56 - 2021-05-16 17:38 - 000003534 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-02 08:56 - 2021-05-16 17:38 - 000003406 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-06-30 14:31 - 2015-02-16 17:42 - 000000000 ____D C:\Users\Pierre\Documents\GESTION

==================== Fichiers à la racine de certains dossiers ========

2019-02-03 11:53 - 2019-02-03 11:53 - 000000025 _____ () C:\Users\Pierre\Liste.bat
2015-04-19 18:20 - 2021-06-03 15:21 - 000000000 _____ () C:\Users\Pierre\AppData\Roaming\Animals
2015-04-19 18:21 - 2015-04-19 18:21 - 000000268 ___RH () C:\Users\Pierre\AppData\Roaming\Application
2016-01-20 20:46 - 2016-01-20 20:46 - 000038438 _____ () C:\Users\Pierre\AppData\Roaming\Microsoft Excel.ADR
2016-01-02 20:58 - 2019-08-30 18:39 - 000005120 _____ () C:\Users\Pierre\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-07-06 12:40 - 2021-07-06 12:40 - 000002323 _____ () C:\Users\Pierre\AppData\Local\recently-used.xbel
2018-08-16 20:19 - 2021-07-23 11:57 - 000007639 _____ () C:\Users\Pierre\AppData\Local\Resmon.ResmonCfg

==================== FCheck ================================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

FCheck: C:\Windows\system32\WMVENCOD.DLL [2015-12-08] <==== ATTENTION (zéro octet Fichier/Dossier)

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le MD5 est légitime
C:\Windows\SysWOW64\explorer.exe => Le MD5 est légitime

LastRegBack: 2021-07-27 09:16
==================== Fin de FRST.txt ========================
