Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-11-2021
Exécuté par mthev (administrateur) sur DESKTOP-CD6TEAN (HP HP Spectre x360 Convertible 13-ac0XX) (24-11-2021 15:35:41)
Exécuté depuis C:\Users\mthev\Desktop
Profils chargés: mthev
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1348 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\ProgramData\myCANAL\nssm.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Calendly LLC -> Calendly) C:\Program Files (x86)\Calendly for Outlook\calendly.exe
(Formagrid, Inc. -> Airtable) C:\Users\mthev\AppData\Local\Airtable\app-1.4.5\Airtable.exe <5>
(Gadwin, Ltd. -> Gadwin Systems) C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\53.0.8.0\crashpad_handler.exe <2>
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe <7>
(Groupe Canal+ -> ) C:\ProgramData\myCANAL\myCANAL.Service.exe
(HP Inc. -> ) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
(HP Inc.) [Fichier non signé] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125049.inf_amd64_77ae5ee10f2a986a\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125049.inf_amd64_77ae5ee10f2a986a\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125049.inf_amd64_77ae5ee10f2a986a\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125049.inf_amd64_77ae5ee10f2a986a\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Logitech Inc -> ) C:\Program Files (x86)\Logitech\LogiSync\sync-agent\LogiSyncHandler.exe
(Logitech Inc -> ) C:\Program Files (x86)\Logitech\LogiSync\sync-agent\LogiSyncMiddleware.exe
(Logitech Inc -> ) C:\Program Files (x86)\Logitech\LogiSync\sync-agent\LogiSyncProxy.exe
(Logitech Inc -> ) C:\Program Files (x86)\Logitech\LogiSync\sync-agent\rightsight\crashpad_handler.exe
(Logitech Inc -> ) C:\Program Files (x86)\Logitech\LogiSyncStub\LogiSyncStub.exe
(Logitech Inc -> Logitech Europe S.A.) C:\Program Files (x86)\Logitech\LogiSync\sync-agent\rightsight\RightSightService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> ColorPickerUI) C:\Program Files\PowerToys\modules\ColorPicker\ColorPickerUI.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.29\msedgewebview2.exe <12>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\FancyZones\PowerToys.FancyZones.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\KeyboardManager\KeyboardManagerEngine\PowerToys.KeyboardManagerEngine.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\launcher\PowerLauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\mthev\AppData\Local\Microsoft\OneDrive\21.230.1107.0004\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> PowerToys.Awake) C:\Program Files\PowerToys\modules\Awake\PowerToys.Awake.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(voidtools -> voidtools) C:\Program Files\Everything\Everything.exe <2>
(Wox) [Fichier non signé] C:\Users\mthev\AppData\Local\Wox\app-1.4.1196\Wox.exe
(Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\mthev\AppData\Roaming\Zoom\bin\Zoom.exe <2>
(Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\mthev\AppData\Roaming\Zoom\bin\ZoomOutlookIMPlugin.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9213440 2017-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Session] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2237256 2020-03-13] (voidtools -> voidtools)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324592 2017-10-31] (HP Inc. -> HP)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-962103061-607530579-3897627773-1001\...\Run: [Mattermost] => C:\Users\mthev\AppData\Local\Programs\mattermost-desktop\Mattermost.exe [98029384 2019-11-29] (Mattermost, Inc. -> Mattermost, Inc.)
HKU\S-1-5-21-962103061-607530579-3897627773-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\mthev\AppData\Local\Microsoft\Teams\Update.exe [2459280 2021-11-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-962103061-607530579-3897627773-1001\...\Run: [Wox] => C:\Users\mthev\AppData\Local\Wox\app-1.4.1196\Wox.exe [218112 2021-01-03] (Wox) [Fichier non signé]
HKU\S-1-5-21-962103061-607530579-3897627773-1001\...\Run: [Gadwin PrintScreen (64-bit)] => C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe [15216928 2017-09-20] (Gadwin, Ltd. -> Gadwin Systems)
HKU\S-1-5-21-962103061-607530579-3897627773-1001\...\Run: [Calendly for Outlook] => c:\program files (x86)\calendly for outlook\calendly.exe [9132984 2021-04-27] (Calendly LLC -> Calendly)
HKU\S-1-5-21-962103061-607530579-3897627773-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\UDC: C:\WINDOWS\system32\udcpm.dll [42456 2017-03-28] (fCoder SIA -> fCoder Group, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-19] (Google LLC -> Google LLC)
Startup: C:\Users\mthev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2021-07-01]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\mthev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wox.lnk [2021-01-03]
ShortcutTarget: Wox.lnk -> C:\Users\mthev\AppData\Local\Wox\Wox.exe (Wox) [Fichier non signé]
GroupPolicy-x32: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0053CFB0-B8E8-4668-B601-6EB405CADE15} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-11-17] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {039ECF9D-2E2B-4411-A0D0-A31A65719FED} - System32\Tasks\PowerToys\Autorun for mthev => C:\Program Files\PowerToys\PowerToys.exe [1192328 2021-10-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {0F9DEE7F-176D-4619-B477-6B2D0C426F0A} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [456544 2016-11-03] (HP Inc. -> )
Task: {108E3781-3725-4165-A36C-08FA63FCDBF7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {252A478C-38D4-47CB-A614-23D193AFFB6D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
Task: {28A0A941-0910-4EE5-B5D9-4FB21B6ADE3D} - System32\Tasks\G2MUpdateTask-S-1-5-21-962103061-607530579-3897627773-1001 => C:\Users\mthev\AppData\Local\GoToMeeting\19932\g2mupdate.exe [31176 2021-11-12] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {3A8AC637-C764-4232-A929-CFAD4550C6B9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {40175BF7-DA03-462B-86F4-B2484567C5ED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-11] (Piriform Ltd -> Piriform Ltd)
Task: {4D43CDBA-AE74-4069-A726-1B5F0F0EE99A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4D630FDE-E9C1-4A5E-ADFF-E4E0E0E6EFFF} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1657880 2016-10-04] (HP Inc. -> HP Inc.)
Task: {54ACB1A5-4339-4EE6-B763-E4A085FBC9C4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (Pas de fichier)
Task: {55683CC1-09DE-4868-AFA6-6FCA2324E5A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1148080 2021-10-27] (HP Inc. -> HP Inc.)
Task: {5917A9A6-4B78-4B4B-B90E-21F44DD9B3A5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5F4DA93E-A178-469E-9C1F-B2292303A5F9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {6D570C51-0E09-473C-A960-95CB6A5C25E5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {714389C8-130A-4543-996A-B1A6AB5EE256} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22817672 2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {7A1D1098-7B7C-41FE-B142-C9753BAAE218} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [222944 2016-08-15] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {8F6496C6-FCA6-4BB4-86E7-498D902145AF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {92B9FED2-7D4C-47AE-8097-C21877040AC7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108936 2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F1EA308-2C7B-491D-A0E7-E952D2FF42AC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [314032 2021-10-27] (HP Inc. -> HP Inc.)
Task: {A063AEEF-5E93-4725-99EF-C70E4BA03F3C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108936 2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1F6747C-5DBC-465F-851F-E894BC7A4890} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2015968 2016-08-15] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {A37E289C-5CCA-48FE-AF4C-D9ED90EAC9E9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-20] (Google Inc -> Google Inc.)
Task: {A4AD1BCF-F458-4F45-A3CB-A4A0B9B1BE72} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {AB0A87FD-EB27-4677-82AA-9D2F0D6D3252} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22817672 2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {D110749B-798F-4B31-8758-A5EA89899DD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-20] (Google Inc -> Google Inc.)
Task: {DC76C314-4B42-4CE7-BC5A-1C5EC78B3819} - System32\Tasks\G2MUploadTask-S-1-5-21-962103061-607530579-3897627773-1001 => C:\Users\mthev\AppData\Local\GoToMeeting\19932\g2mupload.exe [31176 2021-11-12] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {E71083F4-3702-41CE-BADA-77B6A9901B42} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [222944 2016-08-15] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {EBC7579E-08C0-44B2-85AA-380B3959651B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2021-10-27] (HP Inc. -> HP Inc.)
Task: {EEC0E0AB-8535-48D8-B6ED-5446FE2B15C8} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (Pas de fichier)
Task: {F3D814B1-027F-47A3-9FF1-AAFD1F989159} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1176992 2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-962103061-607530579-3897627773-1001.job => C:\Users\mthev\AppData\Local\GoToMeeting\19932\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-962103061-607530579-3897627773-1001.job => C:\Users\mthev\AppData\Local\GoToMeeting\19932\g2mupload.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{1b219cf8-74f9-4e86-8193-ad1563228849}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{564dcd70-eaed-468e-b214-28cd2a116698}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{b81b1671-f4ac-4849-945c-ade8868ad19c}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Edge:
=======
DownloadDir: C:\Users\mthev\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\mthev\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-22]
Edge StartupUrls: Default -> "hxxps://google.fr/"
FireFox:
========
FF DefaultProfile: lc90toee.default-1509961176254-1594545559276
FF ProfilePath: C:\Users\mthev\AppData\Roaming\Mozilla\Firefox\Profiles\lc90toee.default-1509961176254-1594545559276 [2021-11-24]
FF DownloadDir: C:\Users\mthev\Downloads
FF Notifications: Mozilla\Firefox\Profiles\lc90toee.default-1509961176254-1594545559276 -> hxxps://web.whatsapp.com; hxxps://padlet.com; hxxps://www.beecome.io; hxxps://www.loom.com; hxxps://pomofocus.io
FF Extension: (LastPass: Free Password Manager) - C:\Users\mthev\AppData\Roaming\Mozilla\Firefox\Profiles\lc90toee.default-1509961176254-1594545559276\Extensions\support@lastpass.com.xpi [2021-09-24]
FF Extension: (Diigo Web Collector - Capture and Annotate) - C:\Users\mthev\AppData\Roaming\Mozilla\Firefox\Profiles\lc90toee.default-1509961176254-1594545559276\Extensions\{fc2b8f80-d9a5-4f51-8076-7c7ce3c67ee3}.xpi [2020-07-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-17] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-06-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-06-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-17] (Adobe Systems Incorporated -> )
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-962103061-607530579-3897627773-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\mthev\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google Inc -> Google)
FF Plugin HKU\S-1-5-21-962103061-607530579-3897627773-1001: @talk.google.com/O1DPlugin -> C:\Users\mthev\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google Inc -> Google)
FF Plugin HKU\S-1-5-21-962103061-607530579-3897627773-1001: @tools.google.com/Google Update;version=3 -> C:\Users\mthev\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-962103061-607530579-3897627773-1001: @tools.google.com/Google Update;version=9 -> C:\Users\mthev\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin ProgramFiles/Appdata: C:\Users\mthev\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2017-11-03]
FF Plugin ProgramFiles/Appdata: C:\Users\mthev\AppData\Roaming\mozilla\plugins\npo1d.dll [2017-11-03]
Chrome:
=======
CHR Profile: C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default [2021-11-23]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://pomofocus.io; hxxps://web.skype.com
CHR HomePage: Default -> hxxp://www.google.com
CHR Extension: (Slides) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-20]
CHR Extension: (Docs) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20]
CHR Extension: (Google Drive) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-20]
CHR Extension: (CaretTab - Nouvelle horloge à onglet et date) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\cojpndognjdcakkimaloeealehpkljna [2021-10-18]
CHR Extension: (Facebook Pixel Helper) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2020-10-04]
CHR Extension: (Sheets) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-20]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-11-23]
CHR Extension: (Office Online - Copier et coller) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2021-01-12]
CHR Extension: (Save to Pocket) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2021-11-11]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Diigo Web Collector - Capture and Annotate) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhplgjpclknigjpccbcnmicgcieojbh [2021-08-29]
CHR HKU\S-1-5-21-962103061-607530579-3897627773-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-11-17] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12131744 2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
R2 Everything; C:\Program Files\Everything\Everything.exe [2237256 2020-03-13] (voidtools -> voidtools)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [Fichier non signé]
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [755704 2021-10-06] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [754184 2021-10-06] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [751104 2021-10-06] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [754688 2021-10-06] (HP Inc. -> HP Inc.)
S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc. -> HP Inc.)
R2 LogiSyncHandler; C:\Program Files (x86)\Logitech\LogiSync\sync-agent\LogiSyncHandler.exe [5820928 2021-10-27] (Logitech Inc -> )
R2 LogiSyncMiddleware; C:\Program Files (x86)\Logitech\LogiSync\sync-agent\LogiSyncMiddleware.exe [6866432 2021-11-16] (Logitech Inc -> )
R2 LogiSyncProxy; C:\Program Files (x86)\Logitech\LogiSync\sync-agent\LogiSyncProxy.exe [6054912 2021-11-10] (Logitech Inc -> )
R2 LogiSyncStub; C:\Program Files (x86)\Logitech\LogiSyncStub\LogiSyncStub.exe [2229264 2021-02-17] (Logitech Inc -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-12] (Malwarebytes Inc -> Malwarebytes)
R2 myCANAL Server; C:\ProgramData\myCANAL\nssm.exe [294912 2019-06-26] () [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-09-09] (Google LLC -> Google, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-12-30] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193448 2021-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2021-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-12] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [909728 2020-05-26] (Sunplus Innovation Technology Inc. -> Sunplus Innovation Technology Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-11-24 15:35 - 2021-11-24 15:37 - 000033827 _____ C:\Users\mthev\Desktop\FRST.txt
2021-11-24 15:34 - 2021-11-24 15:34 - 002311680 _____ (Farbar) C:\Users\mthev\Desktop\FRST64.exe
2021-11-24 12:59 - 2021-11-24 12:59 - 003477656 _____ (Nicolas Coolman) C:\Users\mthev\Downloads\ZHPSuite(1).exe
2021-11-24 12:58 - 2021-11-24 12:58 - 000193448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-11-24 12:58 - 2021-11-24 12:58 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-11-24 12:58 - 2021-11-24 12:58 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-11-24 12:52 - 2021-11-24 13:00 - 000000872 _____ C:\Users\mthev\Desktop\ZHPSuite.lnk
2021-11-24 12:51 - 2021-11-24 12:51 - 003477656 _____ (Nicolas Coolman) C:\Users\mthev\Downloads\ZHPSuite.exe
2021-11-24 12:29 - 2021-11-24 13:11 - 000417605 _____ C:\Users\mthev\Desktop\ZHPDiag.txt
2021-11-24 12:16 - 2021-11-24 12:16 - 000000872 _____ C:\Users\mthev\Desktop\ZHPDiag.lnk
2021-11-24 12:15 - 2021-11-24 12:15 - 003282584 _____ (Nicolas Coolman) C:\Users\mthev\Downloads\ZHPDiag3.exe
2021-11-23 10:25 - 2021-11-23 10:25 - 000207276 _____ C:\Users\mthev\Downloads\evaluationIndividuelle_3378-BenoitKOSCIELNIAK-fusionné.pdf
2021-11-23 09:58 - 2021-11-23 09:58 - 000056451 _____ C:\Users\mthev\Downloads\evaluationIndividuelle_3378-FabienSIMIAN_MERMIER.pdf
2021-11-23 08:01 - 2021-11-23 23:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-22 22:08 - 2021-11-22 22:08 - 002558622 _____ C:\Users\mthev\Downloads\ilovepdf_rotated.zip
2021-11-22 22:00 - 2021-11-22 22:00 - 002606357 _____ C:\Users\mthev\Downloads\sejda-1YEHDW.zip
2021-11-22 21:42 - 2021-11-22 21:42 - 001048550 _____ C:\Users\mthev\Downloads\sejda-GBY5LL.zip
2021-11-22 19:19 - 2021-11-22 19:19 - 000000000 ___SD C:\Users\mthev\Documents\Mes sources de données
2021-11-20 16:25 - 2021-11-20 16:25 - 000027120 _____ C:\Users\mthev\Downloads\feuilledepresence-3378(1).pdf
2021-11-20 16:24 - 2021-11-20 16:24 - 000026573 _____ C:\Users\mthev\Downloads\feuilledepresence-3378.pdf
2021-11-19 23:57 - 2021-11-19 23:57 - 005318454 _____ C:\Users\mthev\Downloads\Le corps n'oublie rien - Extrait (1).pdf
2021-11-19 23:57 - 2021-11-19 23:57 - 000478533 _____ C:\Users\mthev\Downloads\Travail préparatoire.pdf
2021-11-19 23:57 - 2021-11-19 23:57 - 000172131 _____ C:\Users\mthev\Downloads\La theorie de l'attachement - apports et controverses (1).pdf
2021-11-19 17:04 - 2021-11-19 17:04 - 001905068 _____ C:\Users\mthev\Downloads\evaluationIndividuelle_fusionné.pdf
2021-11-19 17:01 - 2021-11-19 17:02 - 000257507 _____ C:\Users\mthev\Downloads\evaluationIndividuelle_3438-CcileLE_COADOU(1)-fusionné(2).pdf
2021-11-19 17:01 - 2021-11-19 17:01 - 000257507 _____ C:\Users\mthev\Downloads\evaluationIndividuelle_3438-CcileLE_COADOU(1)-fusionné(1).pdf
2021-11-19 16:59 - 2021-11-19 16:59 - 000257507 _____ C:\Users\mthev\Downloads\evaluationIndividuelle_3438-CcileLE_COADOU(1)-fusionné.pdf
2021-11-19 09:37 - 2021-11-19 09:37 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-11-16 13:59 - 2021-11-16 14:00 - 000000000 ____D C:\Users\mthev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-11-12 16:12 - 2021-11-12 16:12 - 000056523 _____ C:\Users\mthev\Downloads\evaluationIndividuelle_3437-JaniceMITHOUARD(1).pdf
2021-11-12 15:03 - 2021-11-12 15:10 - 000056523 _____ C:\Users\mthev\Downloads\evaluationIndividuelle_3437-JaniceMITHOUARD.pdf
2021-11-12 11:29 - 2021-11-12 11:29 - 000001863 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind.lnk
2021-11-12 10:47 - 2021-11-12 10:47 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-11-11 20:38 - 2021-10-08 11:00 - 000160376 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys
2021-11-10 21:15 - 2021-11-10 21:15 - 001328408 _____ C:\WINDOWS\system32\FaceTrackerInternal.dll
2021-11-10 21:15 - 2021-11-10 21:15 - 001321984 _____ C:\WINDOWS\system32\FaceProcessor.dll
2021-11-10 21:15 - 2021-11-10 21:15 - 000503576 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2021-11-10 21:14 - 2021-11-10 21:14 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-10 21:14 - 2021-11-10 21:14 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-10 21:14 - 2021-11-10 21:14 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-10 21:14 - 2021-11-10 21:14 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-10 21:07 - 2021-11-10 21:07 - 000000000 ___HD C:\$WinREAgent
2021-11-10 19:12 - 2021-11-10 19:12 - 000045800 _____ C:\Users\mthev\Downloads\VwznN5wpvzrE.pdf
2021-11-10 19:12 - 2021-11-10 19:12 - 000045790 _____ C:\Users\mthev\Downloads\CEF3B7D6-E31A-410E-8732-E6F464605EF2(1).pdf
2021-11-09 10:37 - 2021-11-09 10:38 - 737097729 _____ C:\Users\mthev\Downloads\Bio-Logic-20211109_090100-Enregistrement de la réunion.mp4
2021-11-09 10:32 - 2021-11-09 10:32 - 000004804 _____ C:\Users\mthev\Downloads\meetingAttendanceReport(Bio-Logic).csv
2021-11-08 16:16 - 2021-11-08 16:16 - 000000000 ____D C:\Users\mthev\AppData\Local\SolidDocuments
2021-11-08 16:06 - 2021-11-08 16:06 - 000000000 ____D C:\Program Files\Adobe
2021-11-08 16:05 - 2021-11-10 20:08 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-11-08 12:24 - 2021-11-08 12:24 - 000056398 _____ C:\Users\mthev\Downloads\evaluationIndividuelle_3438-CcileLE_COADOU.pdf
2021-11-08 12:09 - 2021-11-08 12:09 - 000010745 _____ C:\Users\mthev\Downloads\20211108 - meetingAttendanceReport(Stryker - Formation Télétravail pour les collaborateurs) (3).csv.xlsx
2021-11-08 12:08 - 2021-11-08 12:08 - 000002682 _____ C:\Users\mthev\Downloads\meetingAttendanceReport(Stryker - Formation Télétravail pour les collaborateurs) (3).csv
2021-11-05 09:50 - 2021-11-05 09:50 - 010865676 _____ C:\Users\mthev\Desktop\sauvegarde feedback.pptx
2021-11-04 16:58 - 2021-11-04 16:58 - 000200206 _____ C:\Users\mthev\Downloads\besoins.pdf
2021-11-04 08:46 - 2021-11-04 08:46 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-04 08:46 - 2021-11-04 08:46 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-11-03 14:42 - 2021-11-03 14:42 - 000001700 _____ C:\Users\mthev\Downloads\meetingAttendanceReport(MINITUBES - groupes de pairs) (2).csv
2021-11-03 14:38 - 2021-11-03 14:38 - 000002246 _____ C:\Users\mthev\Downloads\meetingAttendanceReport(MINITUBES - groupes de pairs) (1).csv
2021-11-02 14:46 - 2021-11-24 12:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys
2021-11-02 14:46 - 2021-11-02 14:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerToys (Preview)
2021-10-29 13:33 - 2021-10-29 13:33 - 000257250 _____ C:\Users\mthev\Downloads\evaluationIndividuelle_3347-AlexisROGER-fusionné.pdf
2021-10-28 20:16 - 2021-10-28 20:16 - 012245264 _____ (UCAYA) C:\Users\mthev\Downloads\myCANAL-setup(1).exe
2021-10-28 08:42 - 2021-10-28 08:42 - 003130924 _____ C:\Users\mthev\Downloads\managing-emotions-infographic.pdf
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-11-24 15:38 - 2017-10-20 11:58 - 000000000 ____D C:\Users\mthev\AppData\Roaming\Slack
2021-11-24 15:36 - 2019-11-19 10:42 - 000000000 ____D C:\FRST
2021-11-24 15:33 - 2021-01-03 10:44 - 000000000 ____D C:\Users\mthev\AppData\LocalLow\IGDump
2021-11-24 15:26 - 2018-05-29 15:28 - 000000000 ____D C:\Users\mthev\Documents\Fichiers Outlook
2021-11-24 15:26 - 2017-10-20 10:01 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-24 13:53 - 2020-09-27 06:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-24 13:13 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-24 13:12 - 2018-03-12 22:04 - 000000000 ____D C:\Users\mthev\AppData\Roaming\ZHP
2021-11-24 13:05 - 2020-12-02 23:50 - 001924270 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-24 13:05 - 2019-12-07 15:49 - 000834610 _____ C:\WINDOWS\system32\perfh00C.dat
2021-11-24 13:05 - 2019-12-07 15:49 - 000168324 _____ C:\WINDOWS\system32\perfc00C.dat
2021-11-24 13:05 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-24 13:03 - 2018-04-16 12:50 - 000000000 ____D C:\Users\mthev\AppData\Roaming\Airtable
2021-11-24 12:59 - 2021-09-28 06:59 - 000000292 _____ C:\Users\mthev\Google Drive.lnk
2021-11-24 12:59 - 2020-12-02 23:33 - 000000000 ____D C:\Users\mthev
2021-11-24 12:59 - 2019-01-31 08:47 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-24 12:58 - 2020-09-27 08:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-24 12:58 - 2020-09-27 06:51 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-24 12:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-11-24 12:58 - 2017-10-20 10:26 - 000000000 ____D C:\Users\mthev\AppData\LocalLow\Mozilla
2021-11-24 12:58 - 2017-10-20 09:55 - 000000000 ___RD C:\Users\mthev\OneDrive
2021-11-24 12:58 - 2017-10-20 09:54 - 000000000 __SHD C:\Users\mthev\IntelGraphicsProfiles
2021-11-24 12:57 - 2021-02-02 22:54 - 000000000 ____D C:\Users\mthev\AppData\Local\Everything
2021-11-24 12:57 - 2021-02-02 08:42 - 000000000 ____D C:\Users\mthev\AppData\Roaming\Everything
2021-11-24 12:57 - 2019-12-07 10:03 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2021-11-24 12:52 - 2018-03-12 22:04 - 000000000 ____D C:\Users\mthev\AppData\Local\ZHP
2021-11-24 10:36 - 2020-12-02 23:53 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-962103061-607530579-3897627773-1001
2021-11-24 10:36 - 2020-12-02 23:33 - 000002424 _____ C:\Users\mthev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-23 23:11 - 2019-11-15 18:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-23 19:04 - 2019-05-08 17:26 - 000000000 ____D C:\Users\mthev\Documents\Zoom
2021-11-23 17:55 - 2021-10-07 06:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-11-23 17:55 - 2019-11-15 18:45 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-23 10:57 - 2018-07-24 07:58 - 000000000 ____D C:\Users\mthev\AppData\Local\CrashDumps
2021-11-23 08:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-22 18:00 - 2018-06-11 16:22 - 000000000 ____D C:\Users\mthev\AppData\Local\D3DSCache
2021-11-22 14:31 - 2020-12-02 23:53 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-11-21 11:05 - 2020-11-04 10:28 - 000000000 ____D C:\Users\mthev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-11-21 11:05 - 2020-11-04 10:28 - 000000000 ____D C:\Users\mthev\AppData\Roaming\discord
2021-11-21 11:05 - 2020-11-04 10:28 - 000000000 ____D C:\Users\mthev\AppData\Local\Discord
2021-11-21 11:02 - 2019-11-19 21:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-11-21 10:16 - 2020-09-27 08:54 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-21 10:16 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-20 12:26 - 2020-09-27 08:55 - 000000000 ____D C:\ProgramData\Packages
2021-11-19 22:16 - 2021-09-22 11:53 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-11-19 22:16 - 2021-09-22 11:53 - 000001906 _____ C:\Users\Default\Desktop\Google Slides.lnk
2021-11-19 22:16 - 2021-09-22 11:53 - 000001906 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2021-11-19 22:16 - 2021-09-22 11:53 - 000001894 _____ C:\Users\Default\Desktop\Google Docs.lnk
2021-11-19 09:38 - 2021-07-01 07:26 - 000002482 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-11-19 09:37 - 2016-12-29 13:44 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-11-17 06:52 - 2021-01-12 08:35 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6c8fd88686135
2021-11-17 06:52 - 2020-09-27 08:53 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-16 17:11 - 2017-12-16 13:01 - 000000000 ____D C:\Users\mthev\AppData\Local\Packages
2021-11-16 14:00 - 2018-02-14 22:40 - 000000000 ____D C:\Users\mthev\AppData\Roaming\Zoom
2021-11-15 08:22 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-13 09:41 - 2018-06-07 10:30 - 000000666 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-962103061-607530579-3897627773-1001.job
2021-11-13 09:41 - 2018-06-07 10:30 - 000000570 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-962103061-607530579-3897627773-1001.job
2021-11-12 11:29 - 2020-08-07 11:09 - 000000000 ____D C:\Program Files\XMind
2021-11-12 11:03 - 2019-02-04 07:32 - 000000000 ____D C:\Users\mthev\AppData\Roaming\HandBrake
2021-11-12 09:17 - 2020-12-02 23:53 - 000003832 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-962103061-607530579-3897627773-1001
2021-11-12 09:17 - 2020-12-02 23:53 - 000003736 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-962103061-607530579-3897627773-1001
2021-11-12 09:17 - 2018-06-07 10:30 - 000000000 ____D C:\Users\mthev\AppData\Local\GoToMeeting
2021-11-11 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-11-10 23:43 - 2020-09-27 06:51 - 000544424 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-10 23:42 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-10 23:42 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-10 23:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-10 23:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-10 23:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-10 23:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-10 23:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-10 23:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-10 23:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-10 23:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-10 23:42 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-10 21:06 - 2017-10-24 09:08 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-10 21:02 - 2017-10-24 09:08 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-08 20:01 - 2019-11-07 14:34 - 000000000 ____D C:\Users\mthev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc
2021-11-08 20:01 - 2017-10-20 11:57 - 000000000 ____D C:\Users\mthev\AppData\Local\SquirrelTemp
2021-11-08 20:01 - 2017-10-20 11:57 - 000000000 ____D C:\Users\mthev\AppData\Local\slack
2021-11-08 16:16 - 2017-10-20 09:54 - 000000000 ____D C:\Users\mthev\AppData\Roaming\Adobe
2021-11-08 16:05 - 2017-10-20 14:17 - 000000000 ____D C:\ProgramData\Adobe
2021-11-04 17:15 - 2020-12-10 18:01 - 000000000 ____D C:\Users\mthev\AppData\Roaming\Loom
2021-11-03 08:05 - 2020-09-27 08:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-11-03 08:03 - 2020-03-17 15:57 - 000002371 _____ C:\Users\mthev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-11-02 14:46 - 2021-08-06 07:34 - 000000000 ____D C:\Program Files\PowerToys
2021-10-28 20:17 - 2018-10-26 20:10 - 000002507 _____ C:\Users\mthev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\myCANAL.lnk
2021-10-28 18:35 - 2020-09-27 08:55 - 000000000 __RHD C:\Users\Public\AccountPictures
==================== Fichiers à la racine de certains dossiers ========
2019-05-20 20:50 - 2019-05-20 20:50 - 001151544 _____ (Google LLC) C:\Users\mthev\installbackupandsync.exe
2019-01-02 17:38 - 2019-01-02 17:38 - 000001631 _____ () C:\Users\mthev\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par mthev (administrateur) sur DESKTOP-CD6TEAN (HP HP Spectre x360 Convertible 13-ac0XX) (24-11-2021 15:35:41)
Exécuté depuis C:\Users\mthev\Desktop
Profils chargés: mthev
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1348 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\ProgramData\myCANAL\nssm.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Calendly LLC -> Calendly) C:\Program Files (x86)\Calendly for Outlook\calendly.exe
(Formagrid, Inc. -> Airtable) C:\Users\mthev\AppData\Local\Airtable\app-1.4.5\Airtable.exe <5>
(Gadwin, Ltd. -> Gadwin Systems) C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\53.0.8.0\crashpad_handler.exe <2>
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe <7>
(Groupe Canal+ -> ) C:\ProgramData\myCANAL\myCANAL.Service.exe
(HP Inc. -> ) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
(HP Inc.) [Fichier non signé] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125049.inf_amd64_77ae5ee10f2a986a\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125049.inf_amd64_77ae5ee10f2a986a\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125049.inf_amd64_77ae5ee10f2a986a\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125049.inf_amd64_77ae5ee10f2a986a\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Logitech Inc -> ) C:\Program Files (x86)\Logitech\LogiSync\sync-agent\LogiSyncHandler.exe
(Logitech Inc -> ) C:\Program Files (x86)\Logitech\LogiSync\sync-agent\LogiSyncMiddleware.exe
(Logitech Inc -> ) C:\Program Files (x86)\Logitech\LogiSync\sync-agent\LogiSyncProxy.exe
(Logitech Inc -> ) C:\Program Files (x86)\Logitech\LogiSync\sync-agent\rightsight\crashpad_handler.exe
(Logitech Inc -> ) C:\Program Files (x86)\Logitech\LogiSyncStub\LogiSyncStub.exe
(Logitech Inc -> Logitech Europe S.A.) C:\Program Files (x86)\Logitech\LogiSync\sync-agent\rightsight\RightSightService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> ColorPickerUI) C:\Program Files\PowerToys\modules\ColorPicker\ColorPickerUI.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.29\msedgewebview2.exe <12>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\FancyZones\PowerToys.FancyZones.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\KeyboardManager\KeyboardManagerEngine\PowerToys.KeyboardManagerEngine.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\launcher\PowerLauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\mthev\AppData\Local\Microsoft\OneDrive\21.230.1107.0004\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> PowerToys.Awake) C:\Program Files\PowerToys\modules\Awake\PowerToys.Awake.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(voidtools -> voidtools) C:\Program Files\Everything\Everything.exe <2>
(Wox) [Fichier non signé] C:\Users\mthev\AppData\Local\Wox\app-1.4.1196\Wox.exe
(Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\mthev\AppData\Roaming\Zoom\bin\Zoom.exe <2>
(Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\mthev\AppData\Roaming\Zoom\bin\ZoomOutlookIMPlugin.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9213440 2017-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Session] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2237256 2020-03-13] (voidtools -> voidtools)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324592 2017-10-31] (HP Inc. -> HP)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-962103061-607530579-3897627773-1001\...\Run: [Mattermost] => C:\Users\mthev\AppData\Local\Programs\mattermost-desktop\Mattermost.exe [98029384 2019-11-29] (Mattermost, Inc. -> Mattermost, Inc.)
HKU\S-1-5-21-962103061-607530579-3897627773-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\mthev\AppData\Local\Microsoft\Teams\Update.exe [2459280 2021-11-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-962103061-607530579-3897627773-1001\...\Run: [Wox] => C:\Users\mthev\AppData\Local\Wox\app-1.4.1196\Wox.exe [218112 2021-01-03] (Wox) [Fichier non signé]
HKU\S-1-5-21-962103061-607530579-3897627773-1001\...\Run: [Gadwin PrintScreen (64-bit)] => C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe [15216928 2017-09-20] (Gadwin, Ltd. -> Gadwin Systems)
HKU\S-1-5-21-962103061-607530579-3897627773-1001\...\Run: [Calendly for Outlook] => c:\program files (x86)\calendly for outlook\calendly.exe [9132984 2021-04-27] (Calendly LLC -> Calendly)
HKU\S-1-5-21-962103061-607530579-3897627773-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\UDC: C:\WINDOWS\system32\udcpm.dll [42456 2017-03-28] (fCoder SIA -> fCoder Group, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-19] (Google LLC -> Google LLC)
Startup: C:\Users\mthev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2021-07-01]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\mthev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wox.lnk [2021-01-03]
ShortcutTarget: Wox.lnk -> C:\Users\mthev\AppData\Local\Wox\Wox.exe (Wox) [Fichier non signé]
GroupPolicy-x32: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0053CFB0-B8E8-4668-B601-6EB405CADE15} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-11-17] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {039ECF9D-2E2B-4411-A0D0-A31A65719FED} - System32\Tasks\PowerToys\Autorun for mthev => C:\Program Files\PowerToys\PowerToys.exe [1192328 2021-10-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {0F9DEE7F-176D-4619-B477-6B2D0C426F0A} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [456544 2016-11-03] (HP Inc. -> )
Task: {108E3781-3725-4165-A36C-08FA63FCDBF7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {252A478C-38D4-47CB-A614-23D193AFFB6D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
Task: {28A0A941-0910-4EE5-B5D9-4FB21B6ADE3D} - System32\Tasks\G2MUpdateTask-S-1-5-21-962103061-607530579-3897627773-1001 => C:\Users\mthev\AppData\Local\GoToMeeting\19932\g2mupdate.exe [31176 2021-11-12] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {3A8AC637-C764-4232-A929-CFAD4550C6B9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {40175BF7-DA03-462B-86F4-B2484567C5ED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-11] (Piriform Ltd -> Piriform Ltd)
Task: {4D43CDBA-AE74-4069-A726-1B5F0F0EE99A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4D630FDE-E9C1-4A5E-ADFF-E4E0E0E6EFFF} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1657880 2016-10-04] (HP Inc. -> HP Inc.)
Task: {54ACB1A5-4339-4EE6-B763-E4A085FBC9C4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (Pas de fichier)
Task: {55683CC1-09DE-4868-AFA6-6FCA2324E5A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1148080 2021-10-27] (HP Inc. -> HP Inc.)
Task: {5917A9A6-4B78-4B4B-B90E-21F44DD9B3A5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5F4DA93E-A178-469E-9C1F-B2292303A5F9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {6D570C51-0E09-473C-A960-95CB6A5C25E5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {714389C8-130A-4543-996A-B1A6AB5EE256} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22817672 2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {7A1D1098-7B7C-41FE-B142-C9753BAAE218} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [222944 2016-08-15] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {8F6496C6-FCA6-4BB4-86E7-498D902145AF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {92B9FED2-7D4C-47AE-8097-C21877040AC7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108936 2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F1EA308-2C7B-491D-A0E7-E952D2FF42AC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [314032 2021-10-27] (HP Inc. -> HP Inc.)
Task: {A063AEEF-5E93-4725-99EF-C70E4BA03F3C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108936 2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1F6747C-5DBC-465F-851F-E894BC7A4890} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2015968 2016-08-15] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {A37E289C-5CCA-48FE-AF4C-D9ED90EAC9E9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-20] (Google Inc -> Google Inc.)
Task: {A4AD1BCF-F458-4F45-A3CB-A4A0B9B1BE72} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {AB0A87FD-EB27-4677-82AA-9D2F0D6D3252} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22817672 2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {D110749B-798F-4B31-8758-A5EA89899DD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-20] (Google Inc -> Google Inc.)
Task: {DC76C314-4B42-4CE7-BC5A-1C5EC78B3819} - System32\Tasks\G2MUploadTask-S-1-5-21-962103061-607530579-3897627773-1001 => C:\Users\mthev\AppData\Local\GoToMeeting\19932\g2mupload.exe [31176 2021-11-12] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {E71083F4-3702-41CE-BADA-77B6A9901B42} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [222944 2016-08-15] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {EBC7579E-08C0-44B2-85AA-380B3959651B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2021-10-27] (HP Inc. -> HP Inc.)
Task: {EEC0E0AB-8535-48D8-B6ED-5446FE2B15C8} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (Pas de fichier)
Task: {F3D814B1-027F-47A3-9FF1-AAFD1F989159} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1176992 2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-962103061-607530579-3897627773-1001.job => C:\Users\mthev\AppData\Local\GoToMeeting\19932\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-962103061-607530579-3897627773-1001.job => C:\Users\mthev\AppData\Local\GoToMeeting\19932\g2mupload.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{1b219cf8-74f9-4e86-8193-ad1563228849}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{564dcd70-eaed-468e-b214-28cd2a116698}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{b81b1671-f4ac-4849-945c-ade8868ad19c}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Edge:
=======
DownloadDir: C:\Users\mthev\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\mthev\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-22]
Edge StartupUrls: Default -> "hxxps://google.fr/"
FireFox:
========
FF DefaultProfile: lc90toee.default-1509961176254-1594545559276
FF ProfilePath: C:\Users\mthev\AppData\Roaming\Mozilla\Firefox\Profiles\lc90toee.default-1509961176254-1594545559276 [2021-11-24]
FF DownloadDir: C:\Users\mthev\Downloads
FF Notifications: Mozilla\Firefox\Profiles\lc90toee.default-1509961176254-1594545559276 -> hxxps://web.whatsapp.com; hxxps://padlet.com; hxxps://www.beecome.io; hxxps://www.loom.com; hxxps://pomofocus.io
FF Extension: (LastPass: Free Password Manager) - C:\Users\mthev\AppData\Roaming\Mozilla\Firefox\Profiles\lc90toee.default-1509961176254-1594545559276\Extensions\support@lastpass.com.xpi [2021-09-24]
FF Extension: (Diigo Web Collector - Capture and Annotate) - C:\Users\mthev\AppData\Roaming\Mozilla\Firefox\Profiles\lc90toee.default-1509961176254-1594545559276\Extensions\{fc2b8f80-d9a5-4f51-8076-7c7ce3c67ee3}.xpi [2020-07-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-17] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-06-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-06-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-17] (Adobe Systems Incorporated -> )
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-962103061-607530579-3897627773-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\mthev\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google Inc -> Google)
FF Plugin HKU\S-1-5-21-962103061-607530579-3897627773-1001: @talk.google.com/O1DPlugin -> C:\Users\mthev\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google Inc -> Google)
FF Plugin HKU\S-1-5-21-962103061-607530579-3897627773-1001: @tools.google.com/Google Update;version=3 -> C:\Users\mthev\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-962103061-607530579-3897627773-1001: @tools.google.com/Google Update;version=9 -> C:\Users\mthev\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin ProgramFiles/Appdata: C:\Users\mthev\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2017-11-03]
FF Plugin ProgramFiles/Appdata: C:\Users\mthev\AppData\Roaming\mozilla\plugins\npo1d.dll [2017-11-03]
Chrome:
=======
CHR Profile: C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default [2021-11-23]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://pomofocus.io; hxxps://web.skype.com
CHR HomePage: Default -> hxxp://www.google.com
CHR Extension: (Slides) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-20]
CHR Extension: (Docs) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20]
CHR Extension: (Google Drive) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-20]
CHR Extension: (CaretTab - Nouvelle horloge à onglet et date) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\cojpndognjdcakkimaloeealehpkljna [2021-10-18]
CHR Extension: (Facebook Pixel Helper) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2020-10-04]
CHR Extension: (Sheets) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-20]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-11-23]
CHR Extension: (Office Online - Copier et coller) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2021-01-12]
CHR Extension: (Save to Pocket) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2021-11-11]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Diigo Web Collector - Capture and Annotate) - C:\Users\mthev\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhplgjpclknigjpccbcnmicgcieojbh [2021-08-29]
CHR HKU\S-1-5-21-962103061-607530579-3897627773-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-11-17] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12131744 2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
R2 Everything; C:\Program Files\Everything\Everything.exe [2237256 2020-03-13] (voidtools -> voidtools)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [Fichier non signé]
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [755704 2021-10-06] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [754184 2021-10-06] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [751104 2021-10-06] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [754688 2021-10-06] (HP Inc. -> HP Inc.)
S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc. -> HP Inc.)
R2 LogiSyncHandler; C:\Program Files (x86)\Logitech\LogiSync\sync-agent\LogiSyncHandler.exe [5820928 2021-10-27] (Logitech Inc -> )
R2 LogiSyncMiddleware; C:\Program Files (x86)\Logitech\LogiSync\sync-agent\LogiSyncMiddleware.exe [6866432 2021-11-16] (Logitech Inc -> )
R2 LogiSyncProxy; C:\Program Files (x86)\Logitech\LogiSync\sync-agent\LogiSyncProxy.exe [6054912 2021-11-10] (Logitech Inc -> )
R2 LogiSyncStub; C:\Program Files (x86)\Logitech\LogiSyncStub\LogiSyncStub.exe [2229264 2021-02-17] (Logitech Inc -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-12] (Malwarebytes Inc -> Malwarebytes)
R2 myCANAL Server; C:\ProgramData\myCANAL\nssm.exe [294912 2019-06-26] () [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-09-09] (Google LLC -> Google, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-12-30] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193448 2021-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2021-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-12] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [909728 2020-05-26] (Sunplus Innovation Technology Inc. -> Sunplus Innovation Technology Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-11-24 15:35 - 2021-11-24 15:37 - 000033827 _____ C:\Users\mthev\Desktop\FRST.txt
2021-11-24 15:34 - 2021-11-24 15:34 - 002311680 _____ (Farbar) C:\Users\mthev\Desktop\FRST64.exe
2021-11-24 12:59 - 2021-11-24 12:59 - 003477656 _____ (Nicolas Coolman) C:\Users\mthev\Downloads\ZHPSuite(1).exe
2021-11-24 12:58 - 2021-11-24 12:58 - 000193448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-11-24 12:58 - 2021-11-24 12:58 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-11-24 12:58 - 2021-11-24 12:58 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-11-24 12:52 - 2021-11-24 13:00 - 000000872 _____ C:\Users\mthev\Desktop\ZHPSuite.lnk
2021-11-24 12:51 - 2021-11-24 12:51 - 003477656 _____ (Nicolas Coolman) C:\Users\mthev\Downloads\ZHPSuite.exe
2021-11-24 12:29 - 2021-11-24 13:11 - 000417605 _____ C:\Users\mthev\Desktop\ZHPDiag.txt
2021-11-24 12:16 - 2021-11-24 12:16 - 000000872 _____ C:\Users\mthev\Desktop\ZHPDiag.lnk
2021-11-24 12:15 - 2021-11-24 12:15 - 003282584 _____ (Nicolas Coolman) C:\Users\mthev\Downloads\ZHPDiag3.exe
2021-11-23 10:25 - 2021-11-23 10:25 - 000207276 _____ C:\Users\mthev\Downloads\evaluationIndividuelle_3378-BenoitKOSCIELNIAK-fusionné.pdf
2021-11-23 09:58 - 2021-11-23 09:58 - 000056451 _____ C:\Users\mthev\Downloads\evaluationIndividuelle_3378-FabienSIMIAN_MERMIER.pdf
2021-11-23 08:01 - 2021-11-23 23:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-22 22:08 - 2021-11-22 22:08 - 002558622 _____ C:\Users\mthev\Downloads\ilovepdf_rotated.zip
2021-11-22 22:00 - 2021-11-22 22:00 - 002606357 _____ C:\Users\mthev\Downloads\sejda-1YEHDW.zip
2021-11-22 21:42 - 2021-11-22 21:42 - 001048550 _____ C:\Users\mthev\Downloads\sejda-GBY5LL.zip
2021-11-22 19:19 - 2021-11-22 19:19 - 000000000 ___SD C:\Users\mthev\Documents\Mes sources de données
2021-11-20 16:25 - 2021-11-20 16:25 - 000027120 _____ C:\Users\mthev\Downloads\feuilledepresence-3378(1).pdf
2021-11-20 16:24 - 2021-11-20 16:24 - 000026573 _____ C:\Users\mthev\Downloads\feuilledepresence-3378.pdf
2021-11-19 23:57 - 2021-11-19 23:57 - 005318454 _____ C:\Users\mthev\Downloads\Le corps n'oublie rien - Extrait (1).pdf
2021-11-19 23:57 - 2021-11-19 23:57 - 000478533 _____ C:\Users\mthev\Downloads\Travail préparatoire.pdf
2021-11-19 23:57 - 2021-11-19 23:57 - 000172131 _____ C:\Users\mthev\Downloads\La theorie de l'attachement - apports et controverses (1).pdf
2021-11-19 17:04 - 2021-11-19 17:04 - 001905068 _____ C:\Users\mthev\Downloads\evaluationIndividuelle_fusionné.pdf
2021-11-19 17:01 - 2021-11-19 17:02 - 000257507 _____ C:\Users\mthev\Downloads\evaluationIndividuelle_3438-CcileLE_COADOU(1)-fusionné(2).pdf
2021-11-19 17:01 - 2021-11-19 17:01 - 000257507 _____ C:\Users\mthev\Downloads\evaluationIndividuelle_3438-CcileLE_COADOU(1)-fusionné(1).pdf
2021-11-19 16:59 - 2021-11-19 16:59 - 000257507 _____ C:\Users\mthev\Downloads\evaluationIndividuelle_3438-CcileLE_COADOU(1)-fusionné.pdf
2021-11-19 09:37 - 2021-11-19 09:37 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-11-16 13:59 - 2021-11-16 14:00 - 000000000 ____D C:\Users\mthev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-11-12 16:12 - 2021-11-12 16:12 - 000056523 _____ C:\Users\mthev\Downloads\evaluationIndividuelle_3437-JaniceMITHOUARD(1).pdf
2021-11-12 15:03 - 2021-11-12 15:10 - 000056523 _____ C:\Users\mthev\Downloads\evaluationIndividuelle_3437-JaniceMITHOUARD.pdf
2021-11-12 11:29 - 2021-11-12 11:29 - 000001863 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind.lnk
2021-11-12 10:47 - 2021-11-12 10:47 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-11-11 20:38 - 2021-10-08 11:00 - 000160376 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys
2021-11-10 21:15 - 2021-11-10 21:15 - 001328408 _____ C:\WINDOWS\system32\FaceTrackerInternal.dll
2021-11-10 21:15 - 2021-11-10 21:15 - 001321984 _____ C:\WINDOWS\system32\FaceProcessor.dll
2021-11-10 21:15 - 2021-11-10 21:15 - 000503576 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2021-11-10 21:14 - 2021-11-10 21:14 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-10 21:14 - 2021-11-10 21:14 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-10 21:14 - 2021-11-10 21:14 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-10 21:14 - 2021-11-10 21:14 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-10 21:07 - 2021-11-10 21:07 - 000000000 ___HD C:\$WinREAgent
2021-11-10 19:12 - 2021-11-10 19:12 - 000045800 _____ C:\Users\mthev\Downloads\VwznN5wpvzrE.pdf
2021-11-10 19:12 - 2021-11-10 19:12 - 000045790 _____ C:\Users\mthev\Downloads\CEF3B7D6-E31A-410E-8732-E6F464605EF2(1).pdf
2021-11-09 10:37 - 2021-11-09 10:38 - 737097729 _____ C:\Users\mthev\Downloads\Bio-Logic-20211109_090100-Enregistrement de la réunion.mp4
2021-11-09 10:32 - 2021-11-09 10:32 - 000004804 _____ C:\Users\mthev\Downloads\meetingAttendanceReport(Bio-Logic).csv
2021-11-08 16:16 - 2021-11-08 16:16 - 000000000 ____D C:\Users\mthev\AppData\Local\SolidDocuments
2021-11-08 16:06 - 2021-11-08 16:06 - 000000000 ____D C:\Program Files\Adobe
2021-11-08 16:05 - 2021-11-10 20:08 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-11-08 12:24 - 2021-11-08 12:24 - 000056398 _____ C:\Users\mthev\Downloads\evaluationIndividuelle_3438-CcileLE_COADOU.pdf
2021-11-08 12:09 - 2021-11-08 12:09 - 000010745 _____ C:\Users\mthev\Downloads\20211108 - meetingAttendanceReport(Stryker - Formation Télétravail pour les collaborateurs) (3).csv.xlsx
2021-11-08 12:08 - 2021-11-08 12:08 - 000002682 _____ C:\Users\mthev\Downloads\meetingAttendanceReport(Stryker - Formation Télétravail pour les collaborateurs) (3).csv
2021-11-05 09:50 - 2021-11-05 09:50 - 010865676 _____ C:\Users\mthev\Desktop\sauvegarde feedback.pptx
2021-11-04 16:58 - 2021-11-04 16:58 - 000200206 _____ C:\Users\mthev\Downloads\besoins.pdf
2021-11-04 08:46 - 2021-11-04 08:46 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-04 08:46 - 2021-11-04 08:46 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-11-03 14:42 - 2021-11-03 14:42 - 000001700 _____ C:\Users\mthev\Downloads\meetingAttendanceReport(MINITUBES - groupes de pairs) (2).csv
2021-11-03 14:38 - 2021-11-03 14:38 - 000002246 _____ C:\Users\mthev\Downloads\meetingAttendanceReport(MINITUBES - groupes de pairs) (1).csv
2021-11-02 14:46 - 2021-11-24 12:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys
2021-11-02 14:46 - 2021-11-02 14:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerToys (Preview)
2021-10-29 13:33 - 2021-10-29 13:33 - 000257250 _____ C:\Users\mthev\Downloads\evaluationIndividuelle_3347-AlexisROGER-fusionné.pdf
2021-10-28 20:16 - 2021-10-28 20:16 - 012245264 _____ (UCAYA) C:\Users\mthev\Downloads\myCANAL-setup(1).exe
2021-10-28 08:42 - 2021-10-28 08:42 - 003130924 _____ C:\Users\mthev\Downloads\managing-emotions-infographic.pdf
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-11-24 15:38 - 2017-10-20 11:58 - 000000000 ____D C:\Users\mthev\AppData\Roaming\Slack
2021-11-24 15:36 - 2019-11-19 10:42 - 000000000 ____D C:\FRST
2021-11-24 15:33 - 2021-01-03 10:44 - 000000000 ____D C:\Users\mthev\AppData\LocalLow\IGDump
2021-11-24 15:26 - 2018-05-29 15:28 - 000000000 ____D C:\Users\mthev\Documents\Fichiers Outlook
2021-11-24 15:26 - 2017-10-20 10:01 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-24 13:53 - 2020-09-27 06:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-24 13:13 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-24 13:12 - 2018-03-12 22:04 - 000000000 ____D C:\Users\mthev\AppData\Roaming\ZHP
2021-11-24 13:05 - 2020-12-02 23:50 - 001924270 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-24 13:05 - 2019-12-07 15:49 - 000834610 _____ C:\WINDOWS\system32\perfh00C.dat
2021-11-24 13:05 - 2019-12-07 15:49 - 000168324 _____ C:\WINDOWS\system32\perfc00C.dat
2021-11-24 13:05 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-24 13:03 - 2018-04-16 12:50 - 000000000 ____D C:\Users\mthev\AppData\Roaming\Airtable
2021-11-24 12:59 - 2021-09-28 06:59 - 000000292 _____ C:\Users\mthev\Google Drive.lnk
2021-11-24 12:59 - 2020-12-02 23:33 - 000000000 ____D C:\Users\mthev
2021-11-24 12:59 - 2019-01-31 08:47 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-24 12:58 - 2020-09-27 08:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-24 12:58 - 2020-09-27 06:51 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-24 12:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-11-24 12:58 - 2017-10-20 10:26 - 000000000 ____D C:\Users\mthev\AppData\LocalLow\Mozilla
2021-11-24 12:58 - 2017-10-20 09:55 - 000000000 ___RD C:\Users\mthev\OneDrive
2021-11-24 12:58 - 2017-10-20 09:54 - 000000000 __SHD C:\Users\mthev\IntelGraphicsProfiles
2021-11-24 12:57 - 2021-02-02 22:54 - 000000000 ____D C:\Users\mthev\AppData\Local\Everything
2021-11-24 12:57 - 2021-02-02 08:42 - 000000000 ____D C:\Users\mthev\AppData\Roaming\Everything
2021-11-24 12:57 - 2019-12-07 10:03 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2021-11-24 12:52 - 2018-03-12 22:04 - 000000000 ____D C:\Users\mthev\AppData\Local\ZHP
2021-11-24 10:36 - 2020-12-02 23:53 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-962103061-607530579-3897627773-1001
2021-11-24 10:36 - 2020-12-02 23:33 - 000002424 _____ C:\Users\mthev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-23 23:11 - 2019-11-15 18:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-23 19:04 - 2019-05-08 17:26 - 000000000 ____D C:\Users\mthev\Documents\Zoom
2021-11-23 17:55 - 2021-10-07 06:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-11-23 17:55 - 2019-11-15 18:45 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-23 10:57 - 2018-07-24 07:58 - 000000000 ____D C:\Users\mthev\AppData\Local\CrashDumps
2021-11-23 08:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-22 18:00 - 2018-06-11 16:22 - 000000000 ____D C:\Users\mthev\AppData\Local\D3DSCache
2021-11-22 14:31 - 2020-12-02 23:53 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-11-21 11:05 - 2020-11-04 10:28 - 000000000 ____D C:\Users\mthev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-11-21 11:05 - 2020-11-04 10:28 - 000000000 ____D C:\Users\mthev\AppData\Roaming\discord
2021-11-21 11:05 - 2020-11-04 10:28 - 000000000 ____D C:\Users\mthev\AppData\Local\Discord
2021-11-21 11:02 - 2019-11-19 21:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-11-21 10:16 - 2020-09-27 08:54 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-21 10:16 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-20 12:26 - 2020-09-27 08:55 - 000000000 ____D C:\ProgramData\Packages
2021-11-19 22:16 - 2021-09-22 11:53 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-11-19 22:16 - 2021-09-22 11:53 - 000001906 _____ C:\Users\Default\Desktop\Google Slides.lnk
2021-11-19 22:16 - 2021-09-22 11:53 - 000001906 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2021-11-19 22:16 - 2021-09-22 11:53 - 000001894 _____ C:\Users\Default\Desktop\Google Docs.lnk
2021-11-19 09:38 - 2021-07-01 07:26 - 000002482 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-11-19 09:37 - 2016-12-29 13:44 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-11-17 06:52 - 2021-01-12 08:35 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6c8fd88686135
2021-11-17 06:52 - 2020-09-27 08:53 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-16 17:11 - 2017-12-16 13:01 - 000000000 ____D C:\Users\mthev\AppData\Local\Packages
2021-11-16 14:00 - 2018-02-14 22:40 - 000000000 ____D C:\Users\mthev\AppData\Roaming\Zoom
2021-11-15 08:22 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-13 09:41 - 2018-06-07 10:30 - 000000666 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-962103061-607530579-3897627773-1001.job
2021-11-13 09:41 - 2018-06-07 10:30 - 000000570 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-962103061-607530579-3897627773-1001.job
2021-11-12 11:29 - 2020-08-07 11:09 - 000000000 ____D C:\Program Files\XMind
2021-11-12 11:03 - 2019-02-04 07:32 - 000000000 ____D C:\Users\mthev\AppData\Roaming\HandBrake
2021-11-12 09:17 - 2020-12-02 23:53 - 000003832 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-962103061-607530579-3897627773-1001
2021-11-12 09:17 - 2020-12-02 23:53 - 000003736 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-962103061-607530579-3897627773-1001
2021-11-12 09:17 - 2018-06-07 10:30 - 000000000 ____D C:\Users\mthev\AppData\Local\GoToMeeting
2021-11-11 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-11-10 23:43 - 2020-09-27 06:51 - 000544424 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-10 23:42 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-10 23:42 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-10 23:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-10 23:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-10 23:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-10 23:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-10 23:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-10 23:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-10 23:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-10 23:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-10 23:42 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-10 21:06 - 2017-10-24 09:08 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-10 21:02 - 2017-10-24 09:08 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-08 20:01 - 2019-11-07 14:34 - 000000000 ____D C:\Users\mthev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc
2021-11-08 20:01 - 2017-10-20 11:57 - 000000000 ____D C:\Users\mthev\AppData\Local\SquirrelTemp
2021-11-08 20:01 - 2017-10-20 11:57 - 000000000 ____D C:\Users\mthev\AppData\Local\slack
2021-11-08 16:16 - 2017-10-20 09:54 - 000000000 ____D C:\Users\mthev\AppData\Roaming\Adobe
2021-11-08 16:05 - 2017-10-20 14:17 - 000000000 ____D C:\ProgramData\Adobe
2021-11-04 17:15 - 2020-12-10 18:01 - 000000000 ____D C:\Users\mthev\AppData\Roaming\Loom
2021-11-03 08:05 - 2020-09-27 08:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-11-03 08:03 - 2020-03-17 15:57 - 000002371 _____ C:\Users\mthev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-11-02 14:46 - 2021-08-06 07:34 - 000000000 ____D C:\Program Files\PowerToys
2021-10-28 20:17 - 2018-10-26 20:10 - 000002507 _____ C:\Users\mthev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\myCANAL.lnk
2021-10-28 18:35 - 2020-09-27 08:55 - 000000000 __RHD C:\Users\Public\AccountPictures
==================== Fichiers à la racine de certains dossiers ========
2019-05-20 20:50 - 2019-05-20 20:50 - 001151544 _____ (Google LLC) C:\Users\mthev\installbackupandsync.exe
2019-01-02 17:38 - 2019-01-02 17:38 - 000001631 _____ () C:\Users\mthev\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================