Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-08-2021
Exécuté par fabien (administrateur) sur PCFABIEN (Hewlett-Packard HP Pavilion 15 Notebook PC) (19-08-2021 19:22:52)
Exécuté depuis C:\Users\fabien\Downloads
Profils chargés: fabien
Platform: Windows 10 Home Version 2004 19041.1165 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel® Services Manager -> ) C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
(Intel® Services Manager -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\ui\updateui.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\fabien\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Softex Inc.) [Fichier non signé] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7642328 2014-10-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1889272996-68939449-3391977258-1001\...\MountPoints2: {1acfb248-5ab6-11e5-8265-d85de2db7c06} - "F:\WD SmartWare.exe" autoplay=true
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [423936 2014-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-18] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2014-09-23] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [Fichier non signé]
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {02B83D3A-46E4-4F77-9977-0381CE028161} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {0F8F84AA-FA83-438E-8712-87D32CC08469} - System32\Tasks\Opera scheduled Autoupdate 1603474347 => C:\Users\fabien\AppData\Local\Programs\Opera\launcher.exe
Task: {11DC5981-C4A2-4122-9D50-11531E0C1704} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {1299E9C3-E220-42A8-A398-3CE2874086E6} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1354552 2014-05-19] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
Task: {1FA3D65C-A223-4AF8-9A10-AC5BCE522F81} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {2671AEF0-6D8D-4101-B8F2-D48E9DC2641D} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {2E710B2D-5460-49B1-9AD4-593C653DD7EE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3EC74AAD-5D1B-49E4-9B1E-4B9A9BDF6F6F} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe
Task: {500F2B3E-CE0E-408A-8928-4A0EAB9338A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-03] (Google Inc -> Google Inc.)
Task: {541CA4A6-C508-47D1-8D3A-A365BD3BE824} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {5B142BC7-1925-4953-B573-87A3EA9EE582} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION
Task: {5B78CABC-07D4-4674-9A35-2BF06DC799BD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> Pas de fichier <==== ATTENTION
Task: {6CE1AAC7-283C-4E16-ADDF-E37E0CA1A6CB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7509CD9D-37D9-4C26-BA1E-70D2C531D76F} - System32\Tasks\Opera scheduled assistant Autoupdate 1603474453 => C:\Users\fabien\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\fabien\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {767535F2-2779-4E7B-AD96-C8F124F40F09} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-09-23] (CyberLink Corp. -> CyberLink Corp.)
Task: {76CD7BA3-D5D2-410B-9D37-FA190FB8E81A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [458296 2015-12-21] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {76D59061-0F08-4F18-A61C-3F14AE5096BA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {7BFA51AF-E967-4BAC-9FB1-6A8B0E950D4A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [458296 2015-12-21] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {7C4EB11C-16FC-41FE-B192-5787F08A6BB8} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {820E283F-E540-4587-9EE5-8170FA3883E7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {846E4AEC-DDF6-48C4-839A-D6929A369716} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-04-09] (Intel® Services Manager -> )
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8D502DAC-AA24-4DC5-957C-89F049E12B01} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-15] (Dropbox, Inc -> )
Task: {A6435080-44AD-4610-B775-D6FC532BBB71} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {B84509ED-4EA1-4A06-8D1D-276F84BE65A6} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [673720 2021-08-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {C5099558-DE1B-4FB9-845C-057B486ACEFE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-03] (Google Inc -> Google Inc.)
Task: {CDAE1926-3850-4A25-8A9A-060B44BD8DE4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D95F1CFA-7638-4759-9D0B-286099A4C4AE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {DE687B66-6DFA-4EF3-AA26-20D15E670AC1} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-04-09] (Intel® Services Manager -> )
Task: {E0FDA1CA-1701-4DF6-B733-0E1AFB7C9F63} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION
Task: {E59B66EC-9865-4A0E-AC6C-1E780AA5748B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
Task: {EF4BDEBD-D9D7-402E-9C29-405034F6BC34} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {F89E2214-3503-4A30-B8B5-EA58272D4B8C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{87425ea6-811b-4638-91ac-84150f8e01c6}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{8981d079-bf6a-4a76-95d2-3730dc5d5e78}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{de7214e4-5937-432f-9394-ae930b14e8dc}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{e1ee4af5-9946-4c4c-b8cf-28d9ad5cb4d8}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{f6b4cfb7-a73b-422e-a041-9de6802c526c}: [DhcpNameServer] 192.168.42.129
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\fabien\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-19]
Edge Extension: (Avast Online Security) - C:\Users\fabien\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2021-03-05]
Edge Extension: (Print Friendly & PDF) - C:\Users\fabien\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nhiebejbpolmpkikgbijamagibifhjib [2020-06-27]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: jnui7p4v.default
FF ProfilePath: C:\Users\fabien\AppData\Roaming\Mozilla\Firefox\Profiles\jnui7p4v.default [2021-08-19]
FF Homepage: Mozilla\Firefox\Profiles\jnui7p4v.default -> hxxps://www.google.com/
FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\fabien\AppData\Roaming\Mozilla\Firefox\Profiles\jnui7p4v.default\Extensions\sp@avast.com.xpi [2020-12-10]
FF Extension: (Avast Online Security) - C:\Users\fabien\AppData\Roaming\Mozilla\Firefox\Profiles\jnui7p4v.default\Extensions\wrc@avast.com.xpi [2021-06-01]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_453.dll [2020-12-10] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_453.dll [2020-12-10] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] (Foxit Corporation -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] (WildTangent Inc -> )
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default [2021-08-19]
CHR Notifications: Default -> hxxps://www.centerparcs.fr; hxxps://www.conforama.fr; hxxps://www.econologie.com; hxxps://www.encoreungateau.com; hxxps://www.facebook.com; hxxps://www.santediscount.com; hxxps://www.teteamodeler.com; hxxps://www.tirexo.pro; hxxps://www.zone-telechargement.al
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Safe Torrent Scanner) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-07-01]
CHR Extension: (Docs) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-09]
CHR Extension: (Google Drive) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-23]
CHR Extension: (YouTube) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-20]
CHR Extension: (Avira Password Manager) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-08-02]
CHR Extension: (Avira Safe Shopping) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2021-08-19]
CHR Extension: (Recherche Google) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-05-20]
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-10]
CHR Extension: (Sheets) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-09]
CHR Extension: (Google Docs hors connexion) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-25]
CHR Extension: (Avast Online Security) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-17]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-08-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Print Friendly & PDF) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlencieiipommannpdfcmfdpjjmeolj [2021-04-14]
CHR Extension: (Gmail) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-02]
CHR Profile: C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-12-18]
CHR Profile: C:\Users\fabien\AppData\Local\Google\Chrome\User Data\System Profile [2019-12-18]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-08-25] (WildTangent Inc -> WildTangent)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-12] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [387928 2020-06-30] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-04-09] (Intel® Services Manager -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-08-19] (Malwarebytes Inc -> Malwarebytes)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [Fichier non signé]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [194168 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-08-19] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-08-19] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-08-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-08-19] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69016 2021-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-19] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-08-19] (Malwarebytes Inc -> Malwarebytes)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-08-19 19:22 - 2021-08-19 19:25 - 000028353 _____ C:\Users\fabien\Downloads\FRST.txt
2021-08-19 19:21 - 2021-08-19 19:24 - 000000000 ____D C:\FRST
2021-08-19 19:21 - 2021-08-19 19:21 - 002300416 _____ (Farbar) C:\Users\fabien\Downloads\FRST64.exe
2021-08-19 19:07 - 2021-08-19 19:07 - 000000000 ____D C:\Users\fabien\AppData\LocalLow\IGDump
2021-08-19 18:55 - 2021-08-19 18:55 - 000001416 _____ C:\Users\fabien\Desktop\ZHPDiag - Raccourci.lnk
2021-08-19 18:53 - 2021-08-19 18:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-08-19 18:51 - 2021-08-19 18:51 - 000415844 _____ C:\Users\fabien\Desktop\ZHPDiag.html
2021-08-19 18:35 - 2021-08-19 18:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-08-19 18:34 - 2021-08-19 18:34 - 003475096 _____ (Nicolas Coolman) C:\Users\fabien\ZHPSuite.exe
2021-08-19 18:30 - 2021-08-19 18:30 - 000003036 _____ C:\Users\fabien\Desktop\Mb.txt
2021-08-19 18:17 - 2021-08-19 18:17 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-08-19 18:17 - 2021-08-19 18:17 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-08-19 18:17 - 2021-08-19 18:17 - 000069016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-08-19 18:15 - 2021-08-19 18:15 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-08-19 18:15 - 2021-08-19 18:15 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-08-19 18:15 - 2021-08-19 18:15 - 000002000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-08-19 18:15 - 2021-08-19 18:15 - 000001988 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-08-19 18:15 - 2021-08-19 18:15 - 000000000 ____D C:\Users\fabien\AppData\Local\mbam
2021-08-19 18:14 - 2021-08-19 18:13 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-08-19 18:14 - 2021-08-19 18:13 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-08-19 18:13 - 2021-08-19 18:13 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-08-19 18:10 - 2021-08-19 18:10 - 002120496 _____ (Malwarebytes) C:\Users\fabien\Downloads\MBSetup.exe
2021-08-19 18:10 - 2021-08-19 18:10 - 000000000 ____D C:\Program Files\Malwarebytes
2021-08-19 18:09 - 2021-08-19 18:09 - 000002999 _____ C:\Users\fabien\Desktop\AdwCleaner[C00] 1.txt
2021-08-19 17:58 - 2021-08-19 18:00 - 000000000 ____D C:\AdwCleaner
2021-08-19 17:58 - 2021-08-19 17:58 - 008553680 _____ (Malwarebytes) C:\Users\fabien\Downloads\adwcleaner_8.3.0.exe
2021-08-18 21:53 - 2021-08-18 21:53 - 000012519 _____ C:\Users\fabien\Desktop\ZHPCleaner (R).html
2021-08-18 21:53 - 2021-08-18 21:53 - 000005448 _____ C:\Users\fabien\Desktop\ZHPCleaner (R).txt
2021-08-18 21:47 - 2021-08-18 21:47 - 000011825 _____ C:\Users\fabien\Desktop\ZHPCleaner (S).html
2021-08-18 21:47 - 2021-08-18 21:47 - 000004974 _____ C:\Users\fabien\Desktop\ZHPCleaner (S).txt
2021-08-18 21:28 - 2021-08-18 21:28 - 000000922 _____ C:\Users\fabien\Desktop\ZHPCleaner.lnk
2021-08-18 21:27 - 2021-08-18 21:28 - 002824093 _____ C:\Users\fabien\Downloads\ZHPCleaner.zip
2021-08-17 21:40 - 2021-08-17 21:40 - 003181960 _____ (Avira Operations GmbH & Co. KG) C:\Users\fabien\Downloads\avira-registry-cleaner_2-0-2-7_en_433959 (2).exe
2021-08-17 21:39 - 2021-08-17 21:39 - 003181960 _____ (Avira Operations GmbH & Co. KG) C:\Users\fabien\Downloads\avira-registry-cleaner_2-0-2-7_en_433959 (1).exe
2021-08-17 21:31 - 2021-08-17 21:31 - 003181960 _____ (Avira Operations GmbH & Co. KG) C:\Users\fabien\Downloads\avira-registry-cleaner_2-0-2-7_en_433959.exe
2021-08-17 21:22 - 2021-08-17 21:22 - 000477806 _____ C:\Users\fabien\Downloads\Plaquette-IFAP (1).pdf
2021-08-17 21:19 - 2021-08-17 21:19 - 000477806 _____ C:\Users\fabien\Downloads\Plaquette-IFAP.pdf
2021-08-17 21:05 - 2021-08-17 21:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2021-08-17 15:11 - 2021-08-17 15:11 - 000084297 _____ C:\Users\fabien\Downloads\Bordereau-Vinted-2160771773 (1).pdf
2021-08-17 14:59 - 2021-08-19 18:50 - 000340383 _____ C:\Users\fabien\Desktop\ZHPDiag.txt
2021-08-17 14:45 - 2021-08-19 18:50 - 000000000 ____D C:\Users\fabien\AppData\Roaming\ZHP
2021-08-17 14:45 - 2021-08-19 18:34 - 000000771 _____ C:\Users\fabien\Desktop\ZHPSuite.lnk
2021-08-17 14:45 - 2021-08-18 21:28 - 000000000 ____D C:\Users\fabien\AppData\Local\ZHP
2021-08-17 14:44 - 2021-08-17 14:44 - 003019629 _____ C:\Users\fabien\Downloads\ZHPSuite.zip
2021-08-17 13:58 - 2021-08-19 14:40 - 000018611 _____ C:\Users\fabien\Desktop\s34 2021.ods
2021-08-15 10:02 - 2021-08-15 10:02 - 000084297 _____ C:\Users\fabien\Downloads\Bordereau-Vinted-2160771773.pdf
2021-08-12 21:17 - 2021-08-12 21:17 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-12 21:16 - 2021-08-12 21:16 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-12 21:16 - 2021-08-12 21:16 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-12 21:16 - 2021-08-12 21:16 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-12 21:15 - 2021-08-12 21:15 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-12 21:15 - 2021-08-12 21:15 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-12 21:13 - 2021-08-12 21:13 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-12 20:38 - 2021-08-12 20:38 - 000000000 ___HD C:\$WinREAgent
2021-08-12 09:20 - 2021-08-19 19:09 - 000020625 _____ C:\Users\fabien\Desktop\s33 2021.ods
2021-08-02 12:08 - 2021-08-19 12:06 - 000021683 _____ C:\Users\fabien\Desktop\s32 2021.ods
2021-07-26 21:35 - 2021-07-26 21:35 - 000764737 _____ C:\Users\fabien\Downloads\Devis FNEP - MOREAUD n°210604095JB.pdf
2021-07-26 15:31 - 2021-07-26 15:31 - 000082406 _____ C:\Users\fabien\Downloads\Répartition individuelle (3).PDF
2021-07-26 15:30 - 2021-07-26 15:30 - 000089376 _____ C:\Users\fabien\Downloads\Appel de fonds (12).PDF
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-08-19 19:20 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-19 19:14 - 2015-09-03 21:10 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-19 18:54 - 2016-11-21 14:39 - 000000000 ____D C:\Users\fabien\AppData\LocalLow\Mozilla
2021-08-19 18:53 - 2019-05-22 15:38 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-19 18:53 - 2015-09-03 21:03 - 000001178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-19 18:53 - 2015-09-03 21:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-19 18:34 - 2020-08-03 19:14 - 000000000 ____D C:\Users\fabien
2021-08-19 18:14 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-08-19 18:11 - 2018-10-20 21:10 - 000000000 ____D C:\Users\fabien\AppData\Local\CrashDumps
2021-08-19 18:11 - 2015-09-03 20:48 - 000000000 ____D C:\Users\fabien\Documents\Youcam
2021-08-19 18:07 - 2015-09-06 20:38 - 000000000 ___RD C:\Users\fabien\OneDrive
2021-08-19 18:06 - 2017-10-24 22:33 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-08-19 18:06 - 2015-09-03 20:43 - 000000000 __SHD C:\Users\fabien\IntelGraphicsProfiles
2021-08-19 18:02 - 2020-08-04 18:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-19 18:02 - 2020-08-03 19:08 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-19 18:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-08-19 18:01 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-19 18:00 - 2020-10-23 19:27 - 000000000 ____D C:\Users\fabien\AppData\Local\Lavasoft
2021-08-19 18:00 - 2020-10-23 19:24 - 000000000 ____D C:\ProgramData\Lavasoft
2021-08-19 14:13 - 2020-08-03 19:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-19 09:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-19 09:19 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-18 21:53 - 2020-10-23 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2021-08-18 21:53 - 2020-10-23 19:26 - 000000000 ____D C:\Users\fabien\AppData\Roaming\Lavasoft
2021-08-18 21:25 - 2020-12-10 13:22 - 000000000 ____D C:\Program Files (x86)\Avira
2021-08-18 21:24 - 2020-08-04 18:36 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1889272996-68939449-3391977258-1001
2021-08-18 21:24 - 2020-08-03 19:14 - 000002466 _____ C:\Users\fabien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-18 21:20 - 2020-08-04 18:36 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-18 21:20 - 2020-08-04 18:36 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-17 21:30 - 2020-10-23 19:34 - 000000000 ____D C:\Users\fabien\AppData\Local\Opera Software
2021-08-17 21:30 - 2020-10-23 19:23 - 000000000 ____D C:\Users\fabien\AppData\Roaming\Opera Software
2021-08-17 21:29 - 2021-04-15 15:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-08-17 21:29 - 2020-12-10 13:22 - 000000000 ____D C:\ProgramData\Avira
2021-08-17 21:25 - 2015-06-15 17:04 - 000000000 ____D C:\ProgramData\McAfee
2021-08-17 21:19 - 2015-06-15 16:52 - 000000000 ____D C:\ProgramData\AVAST Software
2021-08-17 21:18 - 2020-08-04 18:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-08-17 21:05 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-17 21:02 - 2016-09-13 11:34 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-08-17 14:00 - 2019-07-10 16:13 - 000000000 ____D C:\Users\fabien\Desktop\PLANNING
2021-08-13 19:26 - 2020-10-23 19:34 - 000004202 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1603474347
2021-08-13 19:18 - 2020-08-03 19:36 - 001925694 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-13 19:18 - 2019-12-07 16:49 - 000833030 _____ C:\WINDOWS\system32\perfh00C.dat
2021-08-13 19:18 - 2019-12-07 16:49 - 000167760 _____ C:\WINDOWS\system32\perfc00C.dat
2021-08-13 10:11 - 2020-06-27 02:10 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-13 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-08-13 00:19 - 2020-08-03 19:08 - 000309168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-13 00:15 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-13 00:15 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-13 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-13 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-13 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-13 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-13 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-13 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-13 00:15 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-12 21:30 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-12 20:32 - 2015-09-09 22:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-12 20:26 - 2015-09-09 22:25 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-12 17:29 - 2021-06-15 21:18 - 000004432 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1603474453
2021-08-12 17:15 - 2018-02-05 23:39 - 000000000 ____D C:\Users\fabien\AppData\Local\Packages
2021-08-08 10:47 - 2021-01-22 15:39 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-07 11:08 - 2020-08-04 18:36 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-07 11:08 - 2020-08-04 18:36 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
==================== Fichiers à la racine de certains dossiers ========
2021-08-19 18:34 - 2021-08-19 18:34 - 003475096 _____ (Nicolas Coolman) C:\Users\fabien\ZHPSuite.exe
2017-10-05 20:13 - 2017-10-05 20:14 - 000000000 _____ () C:\Users\fabien\AppData\Local\{791A254B-8EF9-4533-A488-B97128B8DBB5}
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par fabien (administrateur) sur PCFABIEN (Hewlett-Packard HP Pavilion 15 Notebook PC) (19-08-2021 19:22:52)
Exécuté depuis C:\Users\fabien\Downloads
Profils chargés: fabien
Platform: Windows 10 Home Version 2004 19041.1165 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel® Services Manager -> ) C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
(Intel® Services Manager -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\ui\updateui.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\fabien\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Softex Inc.) [Fichier non signé] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7642328 2014-10-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1889272996-68939449-3391977258-1001\...\MountPoints2: {1acfb248-5ab6-11e5-8265-d85de2db7c06} - "F:\WD SmartWare.exe" autoplay=true
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [423936 2014-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-18] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2014-09-23] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [Fichier non signé]
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {02B83D3A-46E4-4F77-9977-0381CE028161} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {0F8F84AA-FA83-438E-8712-87D32CC08469} - System32\Tasks\Opera scheduled Autoupdate 1603474347 => C:\Users\fabien\AppData\Local\Programs\Opera\launcher.exe
Task: {11DC5981-C4A2-4122-9D50-11531E0C1704} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {1299E9C3-E220-42A8-A398-3CE2874086E6} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1354552 2014-05-19] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
Task: {1FA3D65C-A223-4AF8-9A10-AC5BCE522F81} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {2671AEF0-6D8D-4101-B8F2-D48E9DC2641D} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {2E710B2D-5460-49B1-9AD4-593C653DD7EE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3EC74AAD-5D1B-49E4-9B1E-4B9A9BDF6F6F} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe
Task: {500F2B3E-CE0E-408A-8928-4A0EAB9338A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-03] (Google Inc -> Google Inc.)
Task: {541CA4A6-C508-47D1-8D3A-A365BD3BE824} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {5B142BC7-1925-4953-B573-87A3EA9EE582} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION
Task: {5B78CABC-07D4-4674-9A35-2BF06DC799BD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> Pas de fichier <==== ATTENTION
Task: {6CE1AAC7-283C-4E16-ADDF-E37E0CA1A6CB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7509CD9D-37D9-4C26-BA1E-70D2C531D76F} - System32\Tasks\Opera scheduled assistant Autoupdate 1603474453 => C:\Users\fabien\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\fabien\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {767535F2-2779-4E7B-AD96-C8F124F40F09} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-09-23] (CyberLink Corp. -> CyberLink Corp.)
Task: {76CD7BA3-D5D2-410B-9D37-FA190FB8E81A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [458296 2015-12-21] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {76D59061-0F08-4F18-A61C-3F14AE5096BA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {7BFA51AF-E967-4BAC-9FB1-6A8B0E950D4A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [458296 2015-12-21] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {7C4EB11C-16FC-41FE-B192-5787F08A6BB8} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {820E283F-E540-4587-9EE5-8170FA3883E7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {846E4AEC-DDF6-48C4-839A-D6929A369716} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-04-09] (Intel® Services Manager -> )
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8D502DAC-AA24-4DC5-957C-89F049E12B01} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-15] (Dropbox, Inc -> )
Task: {A6435080-44AD-4610-B775-D6FC532BBB71} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {B84509ED-4EA1-4A06-8D1D-276F84BE65A6} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [673720 2021-08-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {C5099558-DE1B-4FB9-845C-057B486ACEFE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-03] (Google Inc -> Google Inc.)
Task: {CDAE1926-3850-4A25-8A9A-060B44BD8DE4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D95F1CFA-7638-4759-9D0B-286099A4C4AE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {DE687B66-6DFA-4EF3-AA26-20D15E670AC1} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-04-09] (Intel® Services Manager -> )
Task: {E0FDA1CA-1701-4DF6-B733-0E1AFB7C9F63} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION
Task: {E59B66EC-9865-4A0E-AC6C-1E780AA5748B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
Task: {EF4BDEBD-D9D7-402E-9C29-405034F6BC34} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {F89E2214-3503-4A30-B8B5-EA58272D4B8C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{87425ea6-811b-4638-91ac-84150f8e01c6}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{8981d079-bf6a-4a76-95d2-3730dc5d5e78}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{de7214e4-5937-432f-9394-ae930b14e8dc}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{e1ee4af5-9946-4c4c-b8cf-28d9ad5cb4d8}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{f6b4cfb7-a73b-422e-a041-9de6802c526c}: [DhcpNameServer] 192.168.42.129
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\fabien\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-19]
Edge Extension: (Avast Online Security) - C:\Users\fabien\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2021-03-05]
Edge Extension: (Print Friendly & PDF) - C:\Users\fabien\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nhiebejbpolmpkikgbijamagibifhjib [2020-06-27]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: jnui7p4v.default
FF ProfilePath: C:\Users\fabien\AppData\Roaming\Mozilla\Firefox\Profiles\jnui7p4v.default [2021-08-19]
FF Homepage: Mozilla\Firefox\Profiles\jnui7p4v.default -> hxxps://www.google.com/
FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\fabien\AppData\Roaming\Mozilla\Firefox\Profiles\jnui7p4v.default\Extensions\sp@avast.com.xpi [2020-12-10]
FF Extension: (Avast Online Security) - C:\Users\fabien\AppData\Roaming\Mozilla\Firefox\Profiles\jnui7p4v.default\Extensions\wrc@avast.com.xpi [2021-06-01]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_453.dll [2020-12-10] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_453.dll [2020-12-10] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] (Foxit Corporation -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] (WildTangent Inc -> )
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default [2021-08-19]
CHR Notifications: Default -> hxxps://www.centerparcs.fr; hxxps://www.conforama.fr; hxxps://www.econologie.com; hxxps://www.encoreungateau.com; hxxps://www.facebook.com; hxxps://www.santediscount.com; hxxps://www.teteamodeler.com; hxxps://www.tirexo.pro; hxxps://www.zone-telechargement.al
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Safe Torrent Scanner) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-07-01]
CHR Extension: (Docs) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-09]
CHR Extension: (Google Drive) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-23]
CHR Extension: (YouTube) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-20]
CHR Extension: (Avira Password Manager) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-08-02]
CHR Extension: (Avira Safe Shopping) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2021-08-19]
CHR Extension: (Recherche Google) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-05-20]
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-10]
CHR Extension: (Sheets) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-09]
CHR Extension: (Google Docs hors connexion) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-25]
CHR Extension: (Avast Online Security) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-17]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-08-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Print Friendly & PDF) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlencieiipommannpdfcmfdpjjmeolj [2021-04-14]
CHR Extension: (Gmail) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-02]
CHR Profile: C:\Users\fabien\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-12-18]
CHR Profile: C:\Users\fabien\AppData\Local\Google\Chrome\User Data\System Profile [2019-12-18]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-08-25] (WildTangent Inc -> WildTangent)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-12] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [387928 2020-06-30] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-04-09] (Intel® Services Manager -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-08-19] (Malwarebytes Inc -> Malwarebytes)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [Fichier non signé]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [194168 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-08-19] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-08-19] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-08-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-08-19] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69016 2021-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-19] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-08-19] (Malwarebytes Inc -> Malwarebytes)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-08-19 19:22 - 2021-08-19 19:25 - 000028353 _____ C:\Users\fabien\Downloads\FRST.txt
2021-08-19 19:21 - 2021-08-19 19:24 - 000000000 ____D C:\FRST
2021-08-19 19:21 - 2021-08-19 19:21 - 002300416 _____ (Farbar) C:\Users\fabien\Downloads\FRST64.exe
2021-08-19 19:07 - 2021-08-19 19:07 - 000000000 ____D C:\Users\fabien\AppData\LocalLow\IGDump
2021-08-19 18:55 - 2021-08-19 18:55 - 000001416 _____ C:\Users\fabien\Desktop\ZHPDiag - Raccourci.lnk
2021-08-19 18:53 - 2021-08-19 18:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-08-19 18:51 - 2021-08-19 18:51 - 000415844 _____ C:\Users\fabien\Desktop\ZHPDiag.html
2021-08-19 18:35 - 2021-08-19 18:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-08-19 18:34 - 2021-08-19 18:34 - 003475096 _____ (Nicolas Coolman) C:\Users\fabien\ZHPSuite.exe
2021-08-19 18:30 - 2021-08-19 18:30 - 000003036 _____ C:\Users\fabien\Desktop\Mb.txt
2021-08-19 18:17 - 2021-08-19 18:17 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-08-19 18:17 - 2021-08-19 18:17 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-08-19 18:17 - 2021-08-19 18:17 - 000069016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-08-19 18:15 - 2021-08-19 18:15 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-08-19 18:15 - 2021-08-19 18:15 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-08-19 18:15 - 2021-08-19 18:15 - 000002000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-08-19 18:15 - 2021-08-19 18:15 - 000001988 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-08-19 18:15 - 2021-08-19 18:15 - 000000000 ____D C:\Users\fabien\AppData\Local\mbam
2021-08-19 18:14 - 2021-08-19 18:13 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-08-19 18:14 - 2021-08-19 18:13 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-08-19 18:13 - 2021-08-19 18:13 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-08-19 18:10 - 2021-08-19 18:10 - 002120496 _____ (Malwarebytes) C:\Users\fabien\Downloads\MBSetup.exe
2021-08-19 18:10 - 2021-08-19 18:10 - 000000000 ____D C:\Program Files\Malwarebytes
2021-08-19 18:09 - 2021-08-19 18:09 - 000002999 _____ C:\Users\fabien\Desktop\AdwCleaner[C00] 1.txt
2021-08-19 17:58 - 2021-08-19 18:00 - 000000000 ____D C:\AdwCleaner
2021-08-19 17:58 - 2021-08-19 17:58 - 008553680 _____ (Malwarebytes) C:\Users\fabien\Downloads\adwcleaner_8.3.0.exe
2021-08-18 21:53 - 2021-08-18 21:53 - 000012519 _____ C:\Users\fabien\Desktop\ZHPCleaner (R).html
2021-08-18 21:53 - 2021-08-18 21:53 - 000005448 _____ C:\Users\fabien\Desktop\ZHPCleaner (R).txt
2021-08-18 21:47 - 2021-08-18 21:47 - 000011825 _____ C:\Users\fabien\Desktop\ZHPCleaner (S).html
2021-08-18 21:47 - 2021-08-18 21:47 - 000004974 _____ C:\Users\fabien\Desktop\ZHPCleaner (S).txt
2021-08-18 21:28 - 2021-08-18 21:28 - 000000922 _____ C:\Users\fabien\Desktop\ZHPCleaner.lnk
2021-08-18 21:27 - 2021-08-18 21:28 - 002824093 _____ C:\Users\fabien\Downloads\ZHPCleaner.zip
2021-08-17 21:40 - 2021-08-17 21:40 - 003181960 _____ (Avira Operations GmbH & Co. KG) C:\Users\fabien\Downloads\avira-registry-cleaner_2-0-2-7_en_433959 (2).exe
2021-08-17 21:39 - 2021-08-17 21:39 - 003181960 _____ (Avira Operations GmbH & Co. KG) C:\Users\fabien\Downloads\avira-registry-cleaner_2-0-2-7_en_433959 (1).exe
2021-08-17 21:31 - 2021-08-17 21:31 - 003181960 _____ (Avira Operations GmbH & Co. KG) C:\Users\fabien\Downloads\avira-registry-cleaner_2-0-2-7_en_433959.exe
2021-08-17 21:22 - 2021-08-17 21:22 - 000477806 _____ C:\Users\fabien\Downloads\Plaquette-IFAP (1).pdf
2021-08-17 21:19 - 2021-08-17 21:19 - 000477806 _____ C:\Users\fabien\Downloads\Plaquette-IFAP.pdf
2021-08-17 21:05 - 2021-08-17 21:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2021-08-17 15:11 - 2021-08-17 15:11 - 000084297 _____ C:\Users\fabien\Downloads\Bordereau-Vinted-2160771773 (1).pdf
2021-08-17 14:59 - 2021-08-19 18:50 - 000340383 _____ C:\Users\fabien\Desktop\ZHPDiag.txt
2021-08-17 14:45 - 2021-08-19 18:50 - 000000000 ____D C:\Users\fabien\AppData\Roaming\ZHP
2021-08-17 14:45 - 2021-08-19 18:34 - 000000771 _____ C:\Users\fabien\Desktop\ZHPSuite.lnk
2021-08-17 14:45 - 2021-08-18 21:28 - 000000000 ____D C:\Users\fabien\AppData\Local\ZHP
2021-08-17 14:44 - 2021-08-17 14:44 - 003019629 _____ C:\Users\fabien\Downloads\ZHPSuite.zip
2021-08-17 13:58 - 2021-08-19 14:40 - 000018611 _____ C:\Users\fabien\Desktop\s34 2021.ods
2021-08-15 10:02 - 2021-08-15 10:02 - 000084297 _____ C:\Users\fabien\Downloads\Bordereau-Vinted-2160771773.pdf
2021-08-12 21:17 - 2021-08-12 21:17 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-12 21:16 - 2021-08-12 21:16 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-12 21:16 - 2021-08-12 21:16 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-12 21:16 - 2021-08-12 21:16 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-12 21:15 - 2021-08-12 21:15 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-12 21:15 - 2021-08-12 21:15 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-12 21:13 - 2021-08-12 21:13 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-12 20:38 - 2021-08-12 20:38 - 000000000 ___HD C:\$WinREAgent
2021-08-12 09:20 - 2021-08-19 19:09 - 000020625 _____ C:\Users\fabien\Desktop\s33 2021.ods
2021-08-02 12:08 - 2021-08-19 12:06 - 000021683 _____ C:\Users\fabien\Desktop\s32 2021.ods
2021-07-26 21:35 - 2021-07-26 21:35 - 000764737 _____ C:\Users\fabien\Downloads\Devis FNEP - MOREAUD n°210604095JB.pdf
2021-07-26 15:31 - 2021-07-26 15:31 - 000082406 _____ C:\Users\fabien\Downloads\Répartition individuelle (3).PDF
2021-07-26 15:30 - 2021-07-26 15:30 - 000089376 _____ C:\Users\fabien\Downloads\Appel de fonds (12).PDF
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-08-19 19:20 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-19 19:14 - 2015-09-03 21:10 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-19 18:54 - 2016-11-21 14:39 - 000000000 ____D C:\Users\fabien\AppData\LocalLow\Mozilla
2021-08-19 18:53 - 2019-05-22 15:38 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-19 18:53 - 2015-09-03 21:03 - 000001178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-19 18:53 - 2015-09-03 21:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-19 18:34 - 2020-08-03 19:14 - 000000000 ____D C:\Users\fabien
2021-08-19 18:14 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-08-19 18:11 - 2018-10-20 21:10 - 000000000 ____D C:\Users\fabien\AppData\Local\CrashDumps
2021-08-19 18:11 - 2015-09-03 20:48 - 000000000 ____D C:\Users\fabien\Documents\Youcam
2021-08-19 18:07 - 2015-09-06 20:38 - 000000000 ___RD C:\Users\fabien\OneDrive
2021-08-19 18:06 - 2017-10-24 22:33 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-08-19 18:06 - 2015-09-03 20:43 - 000000000 __SHD C:\Users\fabien\IntelGraphicsProfiles
2021-08-19 18:02 - 2020-08-04 18:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-19 18:02 - 2020-08-03 19:08 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-19 18:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-08-19 18:01 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-19 18:00 - 2020-10-23 19:27 - 000000000 ____D C:\Users\fabien\AppData\Local\Lavasoft
2021-08-19 18:00 - 2020-10-23 19:24 - 000000000 ____D C:\ProgramData\Lavasoft
2021-08-19 14:13 - 2020-08-03 19:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-19 09:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-19 09:19 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-18 21:53 - 2020-10-23 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2021-08-18 21:53 - 2020-10-23 19:26 - 000000000 ____D C:\Users\fabien\AppData\Roaming\Lavasoft
2021-08-18 21:25 - 2020-12-10 13:22 - 000000000 ____D C:\Program Files (x86)\Avira
2021-08-18 21:24 - 2020-08-04 18:36 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1889272996-68939449-3391977258-1001
2021-08-18 21:24 - 2020-08-03 19:14 - 000002466 _____ C:\Users\fabien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-18 21:20 - 2020-08-04 18:36 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-18 21:20 - 2020-08-04 18:36 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-17 21:30 - 2020-10-23 19:34 - 000000000 ____D C:\Users\fabien\AppData\Local\Opera Software
2021-08-17 21:30 - 2020-10-23 19:23 - 000000000 ____D C:\Users\fabien\AppData\Roaming\Opera Software
2021-08-17 21:29 - 2021-04-15 15:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-08-17 21:29 - 2020-12-10 13:22 - 000000000 ____D C:\ProgramData\Avira
2021-08-17 21:25 - 2015-06-15 17:04 - 000000000 ____D C:\ProgramData\McAfee
2021-08-17 21:19 - 2015-06-15 16:52 - 000000000 ____D C:\ProgramData\AVAST Software
2021-08-17 21:18 - 2020-08-04 18:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-08-17 21:05 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-17 21:02 - 2016-09-13 11:34 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-08-17 14:00 - 2019-07-10 16:13 - 000000000 ____D C:\Users\fabien\Desktop\PLANNING
2021-08-13 19:26 - 2020-10-23 19:34 - 000004202 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1603474347
2021-08-13 19:18 - 2020-08-03 19:36 - 001925694 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-13 19:18 - 2019-12-07 16:49 - 000833030 _____ C:\WINDOWS\system32\perfh00C.dat
2021-08-13 19:18 - 2019-12-07 16:49 - 000167760 _____ C:\WINDOWS\system32\perfc00C.dat
2021-08-13 10:11 - 2020-06-27 02:10 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-13 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-08-13 00:19 - 2020-08-03 19:08 - 000309168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-13 00:15 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-13 00:15 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-13 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-13 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-13 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-13 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-13 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-13 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-13 00:15 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-12 21:30 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-12 20:32 - 2015-09-09 22:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-12 20:26 - 2015-09-09 22:25 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-12 17:29 - 2021-06-15 21:18 - 000004432 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1603474453
2021-08-12 17:15 - 2018-02-05 23:39 - 000000000 ____D C:\Users\fabien\AppData\Local\Packages
2021-08-08 10:47 - 2021-01-22 15:39 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-07 11:08 - 2020-08-04 18:36 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-07 11:08 - 2020-08-04 18:36 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
==================== Fichiers à la racine de certains dossiers ========
2021-08-19 18:34 - 2021-08-19 18:34 - 003475096 _____ (Nicolas Coolman) C:\Users\fabien\ZHPSuite.exe
2017-10-05 20:13 - 2017-10-05 20:14 - 000000000 _____ () C:\Users\fabien\AppData\Local\{791A254B-8EF9-4533-A488-B97128B8DBB5}
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================