Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 12-10-2021
Exécuté par Laurenceau (administrateur) sur LAURENCEAU-HP (Hewlett-Packard HP Pavilion g7 Notebook PC) (13-10-2021 14:50:23)
Exécuté depuis C:\Users\Laurenceau\Desktop
Profils chargés: Laurenceau
Platform: Microsoft Windows 10 Famille Version 21H1 19043.1266 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe <5>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe <2>
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20436.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.9022.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.9022.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\Windows-KB890830-x64-V5.94.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MRT.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1220_none_7e21bc567c7ed16b\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <8>
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\updater-ws.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\ws.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe <6>
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Spotify AB -> Spotify Ltd) C:\Users\Laurenceau\AppData\Roaming\Spotify\Spotify.exe <6>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TomTom) [Fichier non signé] C:\Program Files\TomTom HOME\TTHOMEService.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-28] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339512 2021-09-22] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [704424 2017-06-15] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-2603305841-1989612468-1150847816-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-2603305841-1989612468-1150847816-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-12-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2603305841-1989612468-1150847816-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35093120 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2603305841-1989612468-1150847816-1001\...\Run: [Spotify] => C:\Users\Laurenceau\AppData\Roaming\Spotify\Spotify.exe [18616456 2021-10-02] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2603305841-1989612468-1150847816-1001\...\Policies\Explorer: []
HKLM\...\Print\Monitors\PDF Architect 7 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\pdf architect_pdfpmon_v.4.12.26.3.dll [932984 2020-08-10] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [181248 2021-09-03] (pdfforge GmbH) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\94.0.12309.64\Installer\chrmstp.exe [2021-10-08] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\94.0.4606.81\Installer\chrmstp.exe [2021-10-08] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {084F7954-7519-41B9-88FE-E7B56E3E55B6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0AA2DF51-1CD3-494B-A016-75E244963C40} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-13] (Piriform Software Ltd -> Piriform Software)
Task: {0F339EBD-6E64-4E9C-9E42-B75D2F62245A} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2356696 2021-09-30] (Piriform Software Ltd -> Piriform Software)
Task: {137F8010-A0FF-4476-9829-F8C470575E48} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-13] (Piriform Software Ltd -> Piriform Software)
Task: {233D4D15-9383-4109-BE7E-94213BF854DD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {243EFE76-C168-484D-B849-16CA5BDD5BDD} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {3AB6B673-4DCC-4450-8CBD-12A266600DD5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {3F4568CD-DFF5-443F-83E3-685482B99D4D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-09-10] (Piriform Software Ltd -> Piriform)
Task: {4790DB6D-0B6D-4A4A-A444-469B3A08BD57} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {68BDDA44-CBA8-4434-8889-5CF9C605B435} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {6E9A6329-EAE5-4F5A-AEA3-7DE439A77D13} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2356696 2021-09-30] (Piriform Software Ltd -> Piriform Software)
Task: {87908028-8FC5-4009-AF81-0E011830DE51} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8E322011-1B60-43B4-AB78-D7C0D9D1E7C8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Task: {8F09E83C-53B8-4505-BE5A-CAFAA59EB3B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-06] (Google Inc -> Google Inc.)
Task: {9CFBC879-0D5E-4DB1-B391-A6A68E4AE61E} - System32\Tasks\CCleanerSkipUAC - Laurenceau => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A1DDEF15-EB13-45C2-98F5-88DF97D91ED7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-06] (Google Inc -> Google Inc.)
Task: {BF85DE92-2EE6-467F-8804-81CDAA1B7E4C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EB8E3C4E-2C5B-4CD8-87B1-7A1A14FAE6EA} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [627128 2021-10-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {FFF2BCDE-B5DC-4178-8814-78506B48094A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{52b7afb2-8dba-4717-9c88-36c47f7eea88}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Laurenceau\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-08]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Laurenceau\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-07-30]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 4xcggmmh.default-1627902458596
FF ProfilePath: C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\4xcggmmh.default-1627902458596 [non trouvé(e)] <==== ATTENTION
FF ProfilePath: C:\Users\Laurenceau\AppData\Roaming\TomTom\HOME\Profiles\g44v2ne5.default [2019-11-17]
FF Extension: (Pas de nom) - D:\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [non trouvé(e)]
FF ProfilePath: C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739 [2021-10-13]
FF Homepage: Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739 -> 20minutes.fr
FF Extension: (AdBlocker Ultimate) - C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739\Extensions\adblockultimate@adblockultimate.net.xpi [2021-10-08]
FF Extension: (AdGuard AdBlocker) - C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739\Extensions\adguardadblocker@adguard.com.xpi [2021-10-08]
FF Extension: (Clear Cache) - C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739\Extensions\clearcache@michel.de.almeida.xpi [2021-10-08]
FF Extension: (Enhancer for YouTube™) - C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2021-10-08]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-10-09]
FF Extension: (Green Blocker) - C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739\Extensions\{585d400a-21d7-4270-a3c5-8c09aa351c1d}.xpi [2021-10-03]
FF HKLM\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi
FF Extension: (PDF Architect 7 Creator) - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi [2019-10-02]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-12-13] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-03] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Laurenceau\AppData\Local\Google\Chrome\User Data\Default [2021-10-08]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Laurenceau\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-09-06]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1353208 2017-06-15] (Autodesk, Inc -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc. -> Autodesk, Inc.)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-13] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\94.0.12309.64\elevation_service.exe [1436280 2021-09-30] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-13] (Piriform Software Ltd -> Piriform Software)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7801016 2021-10-08] (Malwarebytes Inc -> Malwarebytes)
R3 PDF Architect 7; C:\Program Files\PDF Architect 7\ws.exe [2579752 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 7 Creator; C:\Program Files\PDF Architect 7\creator\common\creator-ws.exe [692008 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 7 Update Service; C:\Program Files\PDF Architect 7\updater-ws.exe [1832232 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 TTHOMEService; C:\Program Files\TomTom HOME\TTHOMEService.exe [97792 2019-04-17] (TomTom) [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe [2855512 2021-10-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe [128392 2021-10-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Browser; %SystemRoot%\System32\browser.dll [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2021-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-16] (Malwarebytes Inc -> Malwarebytes)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-29] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-10-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-10-08] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-10-08] (Microsoft Windows -> Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-03-06] (Zemana Ltd. -> Zemana Ltd.)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-10-13 14:50 - 2021-10-13 15:04 - 000023927 _____ C:\Users\Laurenceau\Desktop\FRST.txt
2021-10-13 14:41 - 2021-10-13 15:01 - 000000000 ____D C:\FRST
2021-10-13 14:27 - 2021-10-13 14:27 - 002310656 _____ (Farbar) C:\Users\Laurenceau\Desktop\FRST64.exe
2021-10-13 13:41 - 2021-10-13 13:41 - 000000000 ___HD C:\$WinREAgent
2021-10-11 14:41 - 2021-10-11 14:41 - 000302021 _____ C:\Users\Laurenceau\Desktop\ZHPDiag.txt
2021-10-11 14:17 - 2021-10-11 14:18 - 003476632 _____ (Nicolas Coolman) C:\Users\Laurenceau\Desktop\ZHPSuite.exe
2021-10-10 13:46 - 2021-10-10 13:46 - 000000000 ____D C:\Users\Laurenceau\AppData\Local\ZHP
2021-10-10 13:33 - 2021-10-10 13:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-10-09 14:00 - 2021-10-10 13:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-10-08 16:42 - 2021-10-08 16:42 - 000210344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-10-08 16:24 - 2021-10-08 16:26 - 030230360 _____ C:\Users\Laurenceau\Desktop\UCheck_portable64(21).exe
2021-10-03 18:01 - 2021-10-03 18:01 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2021-10-03 18:01 - 2021-10-03 18:01 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2021-10-03 18:00 - 2021-10-03 18:00 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-10-03 17:58 - 2021-10-03 17:58 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-10-03 17:58 - 2021-10-03 17:58 - 000011453 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-10-03 17:57 - 2021-10-03 17:57 - 001823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-10-03 17:57 - 2021-10-03 17:57 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-10-03 17:57 - 2021-10-03 17:57 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-10-03 17:56 - 2021-10-03 17:56 - 000567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-10-03 17:56 - 2021-10-03 17:56 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-10-03 17:55 - 2021-10-03 17:55 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-09-19 17:17 - 2021-09-19 17:17 - 000000000 ____D C:\Users\Laurenceau\AppData\Local\Apple Inc
2021-09-17 13:54 - 2021-09-17 13:54 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-17 13:54 - 2021-09-17 13:54 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-17 13:54 - 2021-09-17 13:54 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-10-13 15:08 - 2018-03-06 18:13 - 000577472 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2021-10-13 15:07 - 2018-01-06 19:58 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-13 15:02 - 2016-09-12 13:58 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-10-13 14:55 - 2016-11-18 16:50 - 000000000 ____D C:\Users\Laurenceau\AppData\LocalLow\Mozilla
2021-10-13 14:49 - 2021-06-17 13:43 - 000000000 ____D C:\Users\Laurenceau\AppData\Roaming\Spotify
2021-10-13 14:41 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-13 14:16 - 2019-01-30 17:34 - 000000000 ____D C:\ProgramData\Mozilla
2021-10-13 14:13 - 2016-09-12 13:58 - 139806512 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-10-13 14:11 - 2020-06-23 11:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-13 14:06 - 2021-06-17 13:47 - 000000000 ____D C:\Users\Laurenceau\AppData\Local\Spotify
2021-10-13 14:06 - 2020-03-15 21:02 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-13 13:39 - 2017-10-04 14:27 - 000000000 ____D C:\Program Files\CCleaner
2021-10-11 14:41 - 2016-09-12 16:41 - 000000000 ____D C:\Users\Laurenceau\AppData\Roaming\ZHP
2021-10-11 13:48 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-11 13:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-10 13:37 - 2020-06-23 11:48 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-10 13:37 - 2020-06-23 11:48 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-10 13:34 - 2020-06-23 11:48 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-10-10 13:32 - 2021-08-18 14:30 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-10-09 14:00 - 2018-11-14 15:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-10-08 17:22 - 2021-06-14 16:00 - 000000000 ____D C:\Users\Laurenceau\AppData\LocalLow\IGDump
2021-10-08 17:12 - 2020-08-21 13:51 - 000002436 _____ C:\Users\Laurenceau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-08 17:12 - 2020-06-23 11:48 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2603305841-1989612468-1150847816-1001
2021-10-08 17:01 - 2019-11-23 15:50 - 000000000 ___RD C:\Users\Laurenceau\Desktop\CV
2021-10-08 16:42 - 2020-07-05 14:35 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-10-08 16:42 - 2019-10-07 14:50 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-10-08 16:13 - 2018-09-03 13:20 - 000000000 ____D C:\Users\Laurenceau\AppData\Local\CrashDumps
2021-10-08 16:12 - 2017-10-04 14:27 - 000001048 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-10-08 14:52 - 2021-02-22 14:47 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-08 14:35 - 2019-11-23 15:50 - 000014560 _____ C:\Users\Laurenceau\Desktop\Tableau contact employeurs.ods
2021-10-08 14:31 - 2019-11-23 15:50 - 000000000 ____D C:\Users\Laurenceau\Desktop\candidatures
2021-10-08 14:08 - 2020-12-13 17:51 - 000002385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2021-10-08 14:08 - 2020-12-13 17:48 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2021-10-08 14:04 - 2020-09-28 14:45 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-08 13:40 - 2020-06-23 11:30 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-08 13:40 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2021-10-08 13:40 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2021-10-08 13:40 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-10-08 13:28 - 2018-03-11 20:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-10-04 14:45 - 2019-11-23 15:50 - 000000000 ____D C:\Users\Laurenceau\Desktop\Lettre de motivation
2021-10-03 21:04 - 2020-06-23 11:00 - 000561336 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-10-03 21:02 - 2020-06-23 11:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-03 21:02 - 2020-06-23 11:00 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-03 21:01 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-10-03 21:00 - 2016-09-11 17:16 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-10-03 20:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-03 20:58 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-10-03 20:58 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-10-03 20:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-10-03 20:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-03 20:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-10-03 20:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-10-03 20:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-10-03 20:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-10-03 20:08 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-03 16:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-10-02 13:42 - 2020-06-23 11:48 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-02 13:42 - 2020-06-23 11:48 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-27 16:36 - 2021-08-18 14:30 - 000001220 _____ C:\Users\Public\Desktop\Firefox.lnk
2021-09-27 16:31 - 2021-04-29 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2021-09-27 16:31 - 2018-04-05 13:49 - 000000000 ____D C:\Program Files\iTunes
2021-09-19 16:48 - 2016-12-30 20:05 - 000000000 ____D C:\Program Files\Bonjour
2021-09-19 16:48 - 2016-12-30 20:05 - 000000000 ____D C:\Program Files (x86)\Bonjour
==================== Fichiers à la racine de certains dossiers ========
2019-02-14 18:22 - 2019-12-29 15:59 - 003328384 _____ (Nicolas Coolman) C:\Users\Laurenceau\ZHPCleaner.exe
2018-08-06 14:35 - 2018-08-06 14:35 - 003157376 _____ () C:\Users\Laurenceau\ZHPDiag3.exe
2020-03-16 13:30 - 2020-03-16 13:30 - 003425664 _____ (Nicolas Coolman) C:\Users\Laurenceau\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================