cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 08-11-2021 02
Exécuté par Henri (administrateur) sur DESKTOP-Q0K07EU (ASUSTeK Computer Inc. N55SF) (09-11-2021 15:11:48)
Exécuté depuis C:\Users\Henri\Desktop
Profils chargés: Henri
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1288 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Alcor Micro Corp.) [Fichier non signé] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.Service.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\Henri\AppData\Local\FluxSoftware\Flux\flux.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <14>
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
(Intel(R) Turbo Boost Technology Monitor -> Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> ) C:\Program Files\PCHealthCheck\PCHealthCheck.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_4.1.6.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1220_none_7e21bc567c7ed16b\TiWorker.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <10>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp -> Realtek) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2019-09-02] (Alcor Micro Corp.) [Fichier non signé]
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" (Pas de fichier)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3952096 2020-03-10] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-1822477884-1138651688-768760665-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35116160 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1822477884-1138651688-768760665-1001\...\Run: [f.lux] => C:\Users\Henri\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-1822477884-1138651688-768760665-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 8\Dashboard.exe [1320688 2021-10-05] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
HKU\S-1-5-21-1822477884-1138651688-768760665-1001\...\Run: [Opera Browser Assistant] => C:\Users\Henri\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\WINDOWS\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe [2021-11-03] (Google LLC -> Google LLC)
AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvinitx.dll [208616 2017-12-12] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvinit.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvinit.dll [182272 2017-12-12] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {097F2D50-CCB0-4FEF-8DB6-E3039D4D5A4F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {202315D8-DD6E-4DFA-B36E-E2511A0D4632} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {2474309D-99ED-4E26-B6A3-9F57626C71AE} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3087184 2020-03-10] (Intel(R) Software Development Products -> Intel Corporation)
Task: {285002AD-662F-4531-9D1F-DE46900607BC} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {39E63C9A-728E-4057-8CE8-E5B5A1BAE875} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3087184 2020-03-10] (Intel(R) Software Development Products -> Intel Corporation)
Task: {513E867B-DB8D-46B4-909D-A98F0FE5A868} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {6BA3CF1C-A101-40F8-9084-161CF861FCB6} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [628664 2021-11-05] (Mozilla Corporation -> Mozilla Foundation)
Task: {71E02A7E-50E1-4192-87A2-6D5E94CE01E2} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1675120 2021-10-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {7B2294CC-CDA1-4D0F-913B-037B330665C9} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {7DA0B21B-3AE0-4B8B-AD58-FFB56C5495CA} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {87BD6A81-B85C-4CCC-A247-4361B3A71445} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2648424 2021-10-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {93D7D372-AB66-446E-8541-C9DDEA614B4B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Pas de fichier)
Task: {9B9CD591-E624-458D-8A3F-8146E0243FD2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-06] (Google LLC -> Google LLC)
Task: {A03B6819-2B3B-4F92-B391-91C217517711} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-06] (Google LLC -> Google LLC)
Task: {BA85670C-22C7-46AD-B108-0990C1BFB428} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {BF3741A7-0FA9-45A2-9904-36B7074B431D} - System32\Tasks\CCleanerSkipUAC - Henri => C:\Program Files\CCleaner\CCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C5AB5BCF-B6B1-48AF-87F4-A97663E8FF5C} - System32\Tasks\Opera scheduled Autoupdate 1567489080 => C:\Users\Henri\AppData\Local\Programs\Opera\launcher.exe [46227664 2021-10-20] (Opera Software AS -> Opera Software)
Task: {D1B796F5-2F55-451E-9FB9-1E1BC4973EDE} - System32\Tasks\Opera scheduled assistant Autoupdate 1582727841 => C:\Users\Henri\AppData\Local\Programs\Opera\launcher.exe [46227664 2021-10-20] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Henri\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {EB6026EA-BF08-4435-B29F-10E4D8097F40} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [236704 2021-10-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {F243654B-0F69-4F5D-B1E1-32D6CA5E38BA} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {F56CE5EA-9E46-4732-BEE7-861ECEC8D674} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUSTeK Computer Inc. -> ASUS)
Task: {FC25C2FE-0119-4A3D-8E12-FF68730976B9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-10-19] (Piriform Software Ltd -> Piriform)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{9fdd09d7-aa09-4e22-9103-50b273eec01a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{baa9abd9-1d0b-4dc9-8ba5-9a397fbbc370}: [DhcpNameServer] 192.168.1.254

Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\Henri\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-28]

FireFox:
========
FF DefaultProfile: ga95avna.default
FF ProfilePath: C:\Users\Henri\AppData\Roaming\Mozilla\Firefox\Profiles\ga95avna.default [2019-09-02]
FF Extension: (Avira Password Manager) - C:\Users\Henri\AppData\Roaming\Mozilla\Firefox\Profiles\ga95avna.default\Extensions\passwordmanager@avira.com [2019-09-02]
FF ProfilePath: C:\Users\Henri\AppData\Roaming\Mozilla\Firefox\Profiles\m4h1jirn.default-release [2021-11-09]
FF Notifications: Mozilla\Firefox\Profiles\m4h1jirn.default-release -> hxxps://www.instagram.com
FF Extension: (Easy Screenshot) - C:\Users\Henri\AppData\Roaming\Mozilla\Firefox\Profiles\m4h1jirn.default-release\Extensions\easyscreenshot@mozillaonline.com.xpi [2021-07-30]
FF Extension: (uBlock Origin) - C:\Users\Henri\AppData\Roaming\Mozilla\Firefox\Profiles\m4h1jirn.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-10-16]
FF Extension: (MetaMask) - C:\Users\Henri\AppData\Roaming\Mozilla\Firefox\Profiles\m4h1jirn.default-release\Extensions\webextension@metamask.io.xpi [2021-11-04]
FF Extension: (NoScript) - C:\Users\Henri\AppData\Roaming\Mozilla\Firefox\Profiles\m4h1jirn.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-07-29]
FF Extension: (WOT pour la sécurité des sites Web et une navigation sûre) - C:\Users\Henri\AppData\Roaming\Mozilla\Firefox\Profiles\m4h1jirn.default-release\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2021-11-09]
FF Extension: (Feedbro) - C:\Users\Henri\AppData\Roaming\Mozilla\Firefox\Profiles\m4h1jirn.default-release\Extensions\{a9c2ad37-e940-4892-8dce-cd73c6cbbc0c}.xpi [2021-09-01]
FF Extension: (Video DownloadHelper) - C:\Users\Henri\AppData\Roaming\Mozilla\Firefox\Profiles\m4h1jirn.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-01]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-12-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-12-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Henri\AppData\Local\Google\Chrome\User Data\Default [2021-11-09]
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.youtube.com
CHR DefaultSearchURL: Default -> hxxps://www.gstatic.com/youtube/media/ytm/images/applauncher/music_icon_48x48.png
CHR Extension: (Slides) - C:\Users\Henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-06]
CHR Extension: (Docs) - C:\Users\Henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-06]
CHR Extension: (Google Drive) - C:\Users\Henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-06]
CHR Extension: (WOT pour la sécurité des sites Web et une navigation sûre) - C:\Users\Henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2021-11-02]
CHR Extension: (YouTube) - C:\Users\Henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-06]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-09-02]
CHR Extension: (YouTube Music) - C:\Users\Henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\cinhimbnkkaeohfgghhklpknlkffjgod [2021-05-14]
CHR Extension: (NoScript) - C:\Users\Henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\doojmbjmlfjjnbmnoijecmcbfeoakpjm [2021-08-18]
CHR Extension: (Sheets) - C:\Users\Henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-06]
CHR Extension: (Google Docs hors connexion) - C:\Users\Henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-13]
CHR Extension: (Video DownloadHelper) - C:\Users\Henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2021-07-03]
CHR Extension: (MetaMask) - C:\Users\Henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2021-11-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-06]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]

Opera:
=======
OPR Profile: C:\Users\Henri\AppData\Roaming\Opera Software\Opera Stable [2021-11-09]
OPR Notifications: Opera Stable -> hxxps://tools.unimonitor.io; hxxps://www.reddit.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Henri\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-11-02]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Henri\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-13]
OPR Extension: (Web Clipper : Easy Screenshot) - C:\Users\Henri\AppData\Roaming\Opera Software\Opera Stable\Extensions\nlhabdnjcoggnpnnaamopkaolcggpdmi [2020-07-07]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1206648 2021-07-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [538000 2021-07-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485048 2021-07-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485048 2021-07-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574672 2021-07-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [272672 2021-10-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [275088 2021-10-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [159080 2021-04-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 CyberGhost8Service; C:\Program Files\CyberGhost 8\Dashboard.Service.exe [67312 2021-10-05] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-07-25] (Malwarebytes Inc -> Malwarebytes)
R2 RealtekWlanU; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [48856 2014-05-19] (Realtek Semiconductor Corp -> Realtek)
S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-04-23] (Realtek Semiconductor Corp -> Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] (Realtek Semiconductor Corp -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 asmthub3; C:\WINDOWS\System32\drivers\asmthub3.sys [128488 2011-06-02] (MCCI Internal Testing Software -> ASMedia Technology Inc)
S3 asmtxhci; C:\WINDOWS\System32\drivers\asmtxhci.sys [401896 2011-06-02] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22848 2021-07-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209088 2021-10-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [15416 2019-09-02] (ASUSTeK Computer Inc. -> )
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-11-09] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-13] (Malwarebytes Inc -> Malwarebytes)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R2 TurboB; C:\WINDOWS\system32\DRIVERS\TurboB.sys [13832 2010-04-16] (Intel(R) Turbo Boost Technology Monitor -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-11-09 15:11 - 2021-11-09 15:13 - 000028564 _____ C:\Users\Henri\Desktop\FRST.txt
2021-11-09 15:11 - 2021-11-09 15:12 - 000000000 ____D C:\FRST
2021-11-09 15:10 - 2021-11-09 15:10 - 002312192 _____ (Farbar) C:\Users\Henri\Desktop\FRST64.exe
2021-11-09 15:06 - 2021-11-09 15:06 - 000352893 _____ C:\Users\Henri\Desktop\ZHPDiag.txt
2021-11-09 14:55 - 2021-11-09 15:06 - 000000000 ____D C:\Users\Henri\AppData\Roaming\ZHP
2021-11-09 14:55 - 2021-11-09 14:55 - 000000865 _____ C:\Users\Henri\Desktop\ZHPSuite.lnk
2021-11-09 14:55 - 2021-11-09 14:55 - 000000000 ____D C:\Users\Henri\AppData\Local\ZHP
2021-11-09 14:52 - 2021-11-09 14:52 - 003477144 _____ (Nicolas Coolman) C:\Users\Henri\Desktop\ZHPSuite.exe
2021-11-09 13:28 - 2021-11-09 13:28 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-11-05 17:09 - 2021-11-05 17:09 - 000009255 _____ C:\Users\Henri\Downloads\DHL_Disco.pdf
2021-11-05 08:41 - 2021-11-05 08:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-11-04 18:34 - 2021-11-04 19:06 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2021-11-03 01:46 - 2021-11-03 01:46 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-03 01:46 - 2021-11-03 01:46 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-10-30 12:15 - 2021-10-30 12:24 - 1447400802 _____ C:\Users\Henri\Downloads\11421.mp4
2021-10-28 18:51 - 2021-10-28 18:51 - 000026258 _____ C:\Users\Henri\Downloads\Expedition-58525765.pdf
2021-10-28 14:14 - 2021-10-28 14:14 - 000000000 _____ C:\ProgramData\UpdateLock-D78BF5DD33499EC2
2021-10-26 16:12 - 2021-10-26 16:29 - 000000000 ____D C:\Users\Henri\Downloads\kucoin
2021-10-17 17:58 - 2021-10-17 18:57 - 413885414 _____ C:\Users\Henri\Downloads\Dune.2021.VOSTFR.FANSUB.1080p.HDRip.DD5.1.X264-TRUEDUKES.mkv
2021-10-17 12:31 - 2021-10-17 12:31 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter
2021-10-17 12:22 - 2021-10-17 12:22 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000026-000000.txt
2021-10-14 16:19 - 2021-10-14 16:19 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-10-14 16:19 - 2021-10-14 16:19 - 000011495 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-10-14 16:18 - 2021-10-14 16:18 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2021-10-14 16:18 - 2021-10-14 16:18 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-10-14 16:17 - 2021-10-14 16:17 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-10-14 15:43 - 2021-10-14 15:47 - 000000000 ___HD C:\$WinREAgent
2021-10-12 14:52 - 2021-10-12 14:52 - 000108191 _____ C:\Users\Henri\Downloads\confirmation_paiement_elm_leblanc_2021_10.pdf
2021-10-12 14:03 - 2021-10-12 14:03 - 000169386 _____ C:\Users\Henri\Downloads\telereglement_THCAP_20211012_150332.pdf
2021-10-11 12:21 - 2021-10-11 12:21 - 000078215 _____ C:\Users\Henri\Downloads\vosTimbres.pdf
2021-10-09 11:23 - 2021-11-05 09:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-10-06 17:16 - 2021-10-06 17:16 - 000703998 _____ C:\Users\Henri\Downloads\Avis_de_taxe_d_habitation_CAP_2021.pdf
2021-10-06 11:13 - 2021-10-06 11:33 - 1939612431 _____ C:\Users\Henri\Downloads\What.If.2021.S01E09.What.If.The.Watcher.Broke.His.Oath.1080p.DSNP.WEB-DL.DDP5.1.Atmos.H.264-FLUX.mkv
2021-09-29 15:36 - 2021-09-29 15:54 - 1670481530 _____ C:\Users\Henri\Downloads\What.If.2021.S01E08.What.If.Ultron.Won.1080p.DSNP.WEB-DL.DDP5.1.Atmos.H.264-FLUX.mkv
2021-09-24 13:02 - 2021-09-24 13:02 - 000099912 _____ C:\Users\Henri\Downloads\Service de retours.pdf
2021-09-22 12:47 - 2021-09-22 13:05 - 1727690888 _____ C:\Users\Henri\Downloads\What.If.S01E07.What.If.Thor.Were.an.Only.Child.1080p.DSNP.WEB-DL.DDP5.1.Atmos.H.264-TEPES.mkv
2021-09-17 08:48 - 2021-09-17 08:48 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-17 08:48 - 2021-09-17 08:48 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-17 08:48 - 2021-09-17 08:48 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-17 08:48 - 2021-09-17 08:48 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-17 08:48 - 2021-09-17 08:48 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-17 08:47 - 2021-09-17 08:47 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-17 08:47 - 2021-09-17 08:47 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-17 08:46 - 2021-09-17 08:46 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-17 08:46 - 2021-09-17 08:46 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-14 19:20 - 2021-09-14 19:20 - 000000000 ____D C:\Users\Henri\Desktop\remboursement_sncf
2021-09-11 16:23 - 2021-09-11 16:28 - 000000000 ____D C:\Users\Henri\Desktop\santé
2021-09-11 04:43 - 2021-09-11 04:43 - 008553680 _____ (Malwarebytes) C:\Users\Henri\Downloads\adwcleaner_8.3.0.exe
2021-09-11 04:28 - 2021-09-13 16:10 - 000000000 ____D C:\Users\Henri\Downloads\films_bordeaux
2021-09-03 09:18 - 2021-09-03 09:18 - 000042027 _____ C:\Users\Henri\Downloads\lettre_pole_emploi.pdf
2021-09-02 18:06 - 2021-09-02 18:06 - 002298771 _____ C:\Users\Henri\Downloads\geiser_quittance_pca.pdf
2021-09-02 18:02 - 2021-09-02 18:02 - 000048975 _____ C:\Users\Henri\Downloads\quittance_pca.pdf
2021-08-29 22:25 - 2021-08-29 22:25 - 000000000 ____D C:\Users\Henri\Tracing
2021-08-29 22:24 - 2021-08-29 22:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-08-29 11:30 - 2021-08-29 11:56 - 2555371418 _____ C:\Users\Henri\Downloads\Tropic Thunder 1080p MULTi 2008 BluRay x264-Pop (Tonnerre sous les tropiques)-zone-Telechargement.ws.mkv
2021-08-28 21:03 - 2021-08-28 21:03 - 000000000 ___SD C:\Users\Henri\Documents\Mes sources de données
2021-08-26 17:27 - 2021-09-11 04:23 - 000000000 ____D C:\Users\Henri\Downloads\000_memes_trier
2021-08-22 17:12 - 2021-08-22 17:12 - 000049488 _____ C:\Users\Henri\Documents\cc_20210822_181201.reg
2021-08-22 16:48 - 2021-08-22 16:48 - 000002904 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Henri
2021-08-22 16:00 - 2021-08-22 16:00 - 000000000 ____D C:\Users\Henri\.local
2021-08-22 15:59 - 2021-08-22 17:11 - 000000000 ____D C:\Users\Henri\AppData\Local\Finkit
2021-08-19 13:53 - 2021-08-20 11:35 - 000013486 _____ C:\Users\Henri\Desktop\inventaire.xlsx
2021-08-17 18:50 - 2021-08-17 18:50 - 000000847 _____ C:\Users\Henri\Downloads\lecture.lnk
2021-08-12 23:23 - 2021-08-12 23:23 - 000001435 _____ C:\WINDOWS\system32\default_error_stack-000025-000000.txt
2021-08-12 13:37 - 2021-08-12 13:37 - 000001035 _____ C:\Users\Henri\Desktop\to_do_list.lnk

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-11-09 14:56 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-09 14:23 - 2020-12-06 10:16 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-09 14:13 - 2019-09-02 11:38 - 000000000 ____D C:\Users\Henri\AppData\LocalLow\Mozilla
2021-11-09 14:13 - 2019-09-02 10:43 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-09 12:40 - 2020-08-21 20:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-09 10:15 - 2021-07-07 05:26 - 000000000 ____D C:\Users\Henri\AppData\Local\CyberGhost
2021-11-09 10:15 - 2019-09-02 10:45 - 000000000 ____D C:\ProgramData\NVIDIA
2021-11-09 09:27 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-09 09:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-09 08:57 - 2019-09-02 11:51 - 000000000 ____D C:\Program Files\CCleaner
2021-11-08 14:49 - 2019-09-02 20:14 - 000000000 ____D C:\Users\Henri\AppData\Roaming\Telegram Desktop
2021-11-08 09:51 - 2019-09-02 17:14 - 000000000 ____D C:\Users\Henri\AppData\Roaming\vlc
2021-11-08 09:23 - 2019-09-03 17:15 - 000000000 ____D C:\Users\Henri\AppData\Roaming\Ledger Live
2021-11-08 09:20 - 2019-09-03 17:15 - 000000000 ____D C:\Program Files\Ledger Live
2021-11-06 17:28 - 2020-06-27 07:49 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-05 09:16 - 2019-09-02 10:43 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-05 08:32 - 2020-08-21 21:22 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-11-04 18:51 - 2021-05-29 21:56 - 000000000 ____D C:\Users\Henri\Downloads\binance
2021-11-03 01:24 - 2020-12-06 10:17 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-02 13:17 - 2021-08-04 09:31 - 000000000 ____D C:\Users\Henri\AppData\Roaming\discord
2021-11-02 12:58 - 2021-08-04 09:31 - 000000000 ____D C:\Users\Henri\AppData\Local\Discord
2021-11-01 09:18 - 2021-04-16 20:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-11-01 09:18 - 2020-09-23 08:55 - 000003644 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2021-10-30 09:18 - 2019-09-02 10:35 - 000000000 ____D C:\Users\Henri\AppData\Local\Packages
2021-10-29 14:02 - 2019-09-02 11:46 - 000209088 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2021-10-28 14:14 - 2019-09-02 10:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-10-23 11:21 - 2021-07-07 05:26 - 000000000 ____D C:\Users\Henri\AppData\Roaming\CyberGhost
2021-10-23 11:20 - 2021-07-07 05:26 - 000000000 ____D C:\Program Files\CyberGhost 8
2021-10-22 08:52 - 2020-08-21 21:22 - 000004232 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1567489080
2021-10-22 08:52 - 2019-09-03 06:38 - 000001405 _____ C:\Users\Henri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2021-10-21 14:51 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-10-17 12:25 - 2020-08-21 20:48 - 000435072 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-10-17 12:24 - 2020-08-21 21:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-17 12:24 - 2020-08-21 20:48 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-17 12:23 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-10-17 12:20 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-10-17 12:20 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-10-17 12:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-17 12:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-10-17 12:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-17 12:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-10-17 12:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-10-17 12:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-10-17 12:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-10-17 09:39 - 2021-04-15 10:45 - 000000000 ____D C:\Users\Henri\AppData\Local\CrashDumps
2021-10-14 16:32 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-14 16:19 - 2019-09-02 11:20 - 000414038 __RSH C:\bootmgr
2021-10-14 15:43 - 2019-09-02 11:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-10-14 15:38 - 2019-09-02 11:19 - 139806512 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-10-14 15:15 - 2021-06-30 06:52 - 000004460 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582727841
2021-10-12 19:49 - 2019-09-02 14:12 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-10-10 08:21 - 2020-08-21 21:22 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-10 08:21 - 2020-08-21 21:22 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Fichiers à la racine de certains dossiers ========

2020-11-26 21:53 - 2020-11-26 22:14 - 000000148 _____ () C:\Users\Henri\AppData\Roaming\licecap.ini

==================== SigCheckExt =========================

2020-01-09 15:02 - 2015-03-17 08:51 - 000375296 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6PPM.DLL
2020-01-09 15:02 - 2015-03-17 08:51 - 000039424 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6UI.DLL
2019-12-23 18:27 - 2009-03-31 14:31 - 000380928 _____ (Realtek) C:\WINDOWS\RtlUI2.exe
2020-01-09 15:02 - 2015-03-17 08:50 - 000380928 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNMNPPM.DLL
2019-12-23 18:27 - 2010-12-01 09:31 - 000451072 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe
2021-11-09 15:10 - 2021-11-09 15:10 - 002312192 _____ (Farbar) C:\Users\Henri\Desktop\FRST64.exe
2021-11-09 14:52 - 2021-11-09 14:52 - 003477144 _____ (Nicolas Coolman) C:\Users\Henri\Desktop\ZHPSuite.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


==================== BCD ================================

Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=C:
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {82946562-e3ef-11ea-b72f-ec5d016c02be}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {a6fd5feb-e3e7-11ea-a130-d6085f554e11}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {82946562-e3ef-11ea-b72f-ec5d016c02be}
nx OptIn
bootmenupolicy Standard

Chargeur de démarrage Windows
-----------------------------
identificateur {a6fd5feb-e3e7-11ea-a130-d6085f554e11}
device ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{a6fd5fec-e3e7-11ea-a130-d6085f554e11}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{a6fd5fec-e3e7-11ea-a130-d6085f554e11}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {82946562-e3ef-11ea-b72f-ec5d016c02be}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {a6fd5feb-e3e7-11ea-a130-d6085f554e11}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=C:
path \boot\memtest.exe
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

Paramètres EMS
--------------
identificateur {emssettings}
bootems No

Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local

Erreurs de mémoire RAM
----------------------
identificateur {badmemory}

Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de périphérique
-----------------------
identificateur {a6fd5fec-e3e7-11ea-a130-d6085f554e11}
description Windows Recovery
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================
