cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-12-2021
Exécuté par user (administrateur) sur TEMZI (Hewlett-Packard HP ProBook 450 G2) (13-12-2021 13:58:44)
Exécuté depuis C:\Users\user\Desktop
Profils chargés: user & openpgsvc
Plate-forme: Microsoft Windows 10 Professionnel Version 20H2 19042.985 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() [Fichier non signé] C:\Program Files (x86)\Odoo 11.0\nssm\win64\nssm.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <31>
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\Ssms.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\msmdsrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(NetSupport Ltd -> NetSupport Ltd) C:\Users\user\AppData\Roaming\WinSupport\client32.exe
(PostgreSQL Global Development Group) [Fichier non signé] C:\Program Files (x86)\Odoo 11.0\PostgreSQL\bin\pg_ctl.exe
(PostgreSQL Global Development Group) [Fichier non signé] C:\Program Files (x86)\Odoo 11.0\PostgreSQL\bin\postgres.exe <7>
(Python Software Foundation -> Python Software Foundation) C:\Program Files (x86)\Odoo 11.0\python\python.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Smadsoft) [Fichier non signé] C:\Program Files (x86)\SMADAV\SMΔRTP.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Zainuddin Nafarin -> Smadav Software) C:\Program Files (x86)\SMADAV\SmadavProtect64.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKLM\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files (x86)\Wondershare\UniConverter\WSVCUUpdateHelper.exe (Pas de fichier)
HKLM-x32\...\Run: [SMΔRT-Protection] => C:\Program Files (x86)\Smadav\SMΔRTP.exe [1916440 2021-11-04] (Smadsoft) [Fichier non signé]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1136279609-3541499935-843867756-1001\...\Run: [MicrosoftEdgeAutoLaunch_8714F0D917266FE3AFB7F8BB98EEBC18] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKLM\...\Windows x64\Print Processors\LMADTP4C: C:\Windows\System32\spool\prtprocs\x64\LMADTP4C.DLL [269312 2013-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Lexmark International Inc.)
HKLM\...\Print\Monitors\LM_LMADTP: C:\WINDOWS\system32\LMADTPLANG.DLL [3059712 2013-07-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\96.0.4664.93\Installer\chrmstp.exe [2021-12-08] (Google LLC -> Google LLC)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\autoruning.ini.lnk [2021-05-19] <==== ATTENTION
ShortcutTarget: autoruning.ini.lnk -> C:\Users\user\AppData\Roaming\WinSupport\client32.exe (NetSupport Ltd -> NetSupport Ltd) <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {1E5D4917-0C47-4CD0-B540-C591D5320A00} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1FF67A09-5C0A-49CE-B570-F937D96ACB3E} - System32\Tasks\PostponeDeviceSetupToast_S-1-5-21-1136279609-3541499935-843867756-1001_1 => {5ded83ef-1e99-48cf-bf83-676d2a6db408} C:\Windows\System32\oobe\UserOOBE.dll [412160 2021-04-12] (Microsoft Windows -> Microsoft Corporation)
Task: {306982C2-AD74-4BAF-BDBD-33245A35CB11} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-26] (Google LLC -> Google LLC)
Task: {319F9B55-D3C1-4E3B-8464-C40117557BB0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {37AFEDB5-3DA7-412C-96FD-C88AEF52F7F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-26] (Google LLC -> Google LLC)
Task: {62A0BC71-78CC-489F-9CFD-F3A2136E24A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B4C22D4E-E9B2-4823-822D-B2A44D33E3CE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D558C8A6-76A1-4522-AA1C-215C54FB1342} - System32\Tasks\smadav => C:\Program Files (x86)\Smadav\SMΔRTP.exe [1916440 2021-11-04] (Smadsoft) [Fichier non signé]
Task: {FA98632C-462D-4188-BFAF-2B3397413B99} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 172.30.0.53 172.30.0.54 172.30.0.55 8.8.8.8
Tcpip\..\Interfaces\{8d22abd6-4eb8-4f5d-8626-f8b24f0225b5}: [DhcpNameServer] 172.30.0.53 172.30.0.54 172.30.0.55 8.8.8.8

Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-13]
Edge Extension: (IDM Integration Module) - C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2021-10-21]
Edge HKU\S-1-5-21-1136279609-3541499935-843867756-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2021-03-05]

FireFox:
========
FF DefaultProfile: olz23u3l.default
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\olz23u3l.default [2021-05-19]
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1z7f9zyw.default-release [2021-12-09]

Chrome:
=======
CHR DefaultProfile: Profile 3
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-11-17]
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3 [2021-12-13]
CHR Notifications: Profile 3 -> hxxps://www.facebook.com
CHR Extension: (Slides) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-11-17]
CHR Extension: (Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2021-11-17]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-11-17]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-11-17]
CHR Extension: (Sheets) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-11-17]
CHR Extension: (Google Docs hors connexion) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-05]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-17]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-11-17]
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\System Profile [2021-11-17]
CHR StartupUrls: System Profile -> "hxxp://sc2.searchpo.com/searcher/bingsearch"

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [12872144 2021-05-26] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 fpCsEvtSvc; C:\WINDOWS\system32\fpCSEvtSvc.exe [22496 2017-05-24] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 MsDtsServer100; C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [210784 2010-04-03] (Microsoft Corporation -> Microsoft Corporation)
R3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [32096 2010-04-03] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [61913952 2010-04-03] (Microsoft Corporation -> Microsoft Corporation)
R2 odoo-server-11.0; C:\Program Files (x86)\Odoo 11.0\nssm\win64\nssm.exe [331264 2017-09-28] () [Fichier non signé]
R2 PostgreSQL_For_Odoo; C:\Program Files (x86)\Odoo 11.0\PostgreSQL\bin\pg_ctl.exe [80384 2017-08-08] (PostgreSQL Global Development Group) [Fichier non signé]
R2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2175328 2010-04-03] (Microsoft Corporation -> Microsoft Corporation)
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [526800 2021-05-26] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [428384 2010-04-03] (Microsoft Corporation -> Microsoft Corporation)
S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [82912 2017-05-24] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [57360 2021-04-12] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [47016 2021-04-12] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S2 AppServicea; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServiceb; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicec; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServiced; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicee; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicef; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServiceg; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServiceh; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicei; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicej; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicek; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicel; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicem; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicen; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServiceo; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicep; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServiceq; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicer; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServices; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicet; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServiceu; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicev; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicew; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicex; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicey; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
R2 MSSQLServerOLAPService; "C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\msmdsrv.exe" -s "C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\Config"
S2 pubgame-updater; C:\WINDOWS\PublicGaming\appsetup.exe [X] <==== ATTENTION
S2 WinDefender; C:\WINDOWS\windefender.exe [X] <==== ATTENTION

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 EnigmaFileMonDriver; C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys [76744 2021-11-02] (EnigmaSoft Limited -> EnigmaSoft Limited)
R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr64.sys [37112 2015-06-17] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 MpKslc4f8ad10; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B92F356C-28D7-4EB2-A0A8-CCDFF560E75F}\MpKslDrv.sys [107744 2021-05-19] (Microsoft Windows -> Microsoft Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-12-13 13:58 - 2021-12-13 14:02 - 000019509 _____ C:\Users\user\Desktop\FRST.txt
2021-12-13 13:57 - 2021-12-13 13:57 - 002311168 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2021-12-13 08:51 - 2021-12-13 14:00 - 000000000 ____D C:\FRST
2021-12-13 08:41 - 2021-12-13 08:43 - 000003490 _____ C:\RstAssociations.txt
2021-12-09 09:43 - 2021-12-09 09:43 - 000004036 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-1136279609-3541499935-843867756-1001_1
2021-12-07 11:04 - 2021-12-07 11:05 - 000000000 ____D C:\LMD70SE
2021-12-07 11:02 - 2020-11-08 10:05 - 000000000 ____D C:\LMD 70
2021-12-06 14:47 - 2021-12-06 14:47 - 003799373 _____ C:\Users\user\Downloads\MGT.PDF
2021-11-30 11:03 - 2021-12-13 11:14 - 000030720 _____ C:\Users\user\Desktop\CREANCES 2021 PAR CLIENT.xls
2021-11-29 16:10 - 2021-11-29 16:32 - 000462848 _____ C:\Users\user\Desktop\CHIFFRE D'AFFAIRE ET CRANCES 2014_2020.xls
2021-11-28 15:33 - 2021-11-28 15:33 - 000025534 _____ C:\Users\user\Downloads\Balance odoo.xlsx
2021-11-24 16:21 - 2021-11-24 16:21 - 000060928 _____ C:\Users\user\Downloads\CA_CREANCES_CANEVA (1).xls
2021-11-16 10:44 - 2021-11-16 11:25 - 000047616 _____ C:\Users\user\Desktop\LISTE DES EQUIPEMENTS OBSOLETES AU 31-12-2020.xls

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-12-13 13:57 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-13 13:53 - 2020-11-26 14:23 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-13 13:38 - 2021-04-12 17:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-13 10:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-13 10:13 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-13 09:20 - 2020-12-23 00:00 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-13 08:14 - 2021-05-24 11:03 - 000000000 ____D C:\Users\user\AppData\Roaming\Smadav
2021-12-13 08:12 - 2020-07-30 12:29 - 000000000 __SHD C:\Users\user\IntelGraphicsProfiles
2021-12-13 08:11 - 2020-07-30 12:29 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-12-12 12:10 - 2021-06-20 11:42 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-12 12:10 - 2021-06-20 11:42 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d72fbcbcf4e903
2021-12-08 14:04 - 2021-04-12 17:58 - 002079696 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-08 14:04 - 2019-12-07 15:50 - 000833160 _____ C:\WINDOWS\system32\perfh00C.dat
2021-12-08 14:04 - 2019-12-07 15:50 - 000167890 _____ C:\WINDOWS\system32\perfc00C.dat
2021-12-08 14:04 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-08 11:16 - 2020-11-26 14:34 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-07 11:05 - 2020-11-08 09:43 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LMD-Tools SE
2021-12-06 10:39 - 2020-11-05 09:46 - 000000000 ____D C:\Users\user\Documents\SQL Server Management Studio
2021-11-17 10:43 - 2021-05-24 11:03 - 000000000 __SHD C:\[Smad-Cage]

==================== Fichiers à la racine de certains dossiers ========

2021-05-19 16:49 - 2021-05-20 08:09 - 000334288 _____ (Mozilla Foundation) C:\ProgramData\freebl3.dll
2021-05-19 16:49 - 2021-05-20 08:10 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2021-05-19 16:49 - 2021-05-20 08:10 - 000440120 _____ (Microsoft Corporation) C:\ProgramData\msvcp140.dll
2021-05-19 16:49 - 2021-05-20 08:10 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2021-05-19 16:49 - 2021-05-20 08:10 - 000144848 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll
2021-05-19 16:49 - 2021-05-20 08:10 - 000083784 _____ (Microsoft Corporation) C:\ProgramData\vcruntime140.dll
2021-05-19 16:31 - 2021-05-19 16:32 - 000000000 _____ () C:\Program Files (x86)\temp_files
2021-05-19 16:30 - 2021-05-19 16:30 - 000032768 _____ () C:\Users\user\AppData\Roaming\1621438220683-shm
2021-05-19 16:30 - 2021-05-19 16:30 - 000000000 _____ () C:\Users\user\AppData\Roaming\1621438220683-wal
2021-04-12 16:28 - 2021-04-12 16:28 - 000321226 ___SH () C:\Users\user\AppData\Roaming\viesvic
2021-05-19 14:56 - 2021-05-19 14:56 - 000000560 _____ () C:\Users\user\AppData\Local\bowsakkdestx.txt

==================== FLock ==============================

2021-11-02 13:42 C:\WINDOWS\system32\config\SYSTEM
2021-08-04 08:11 C:\WINDOWS\system32\Drivers\192vn335.sys

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
