Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-09-2019 Exécuté par edema (administrateur) sur LAPTOP-JQ6PQOL4 (LENOVO 80XV) (15-09-2019 12:53:27) Exécuté depuis C:\Users\edema\Downloads Profils chargés: edema & (Profils disponibles: defaultuser0 & edema) Platform: Windows 10 Home Version 1803 17134.1006 (X64) Langue: Français (France) Navigateur par défaut: Edge Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Bloomberg Finance L.P.) [Fichier non signé] C:\blp\Wintrv\Smartclient\OfficeHost\blpaddinhost.exe (Bloomberg L.P. -> Bloomberg L.P.) C:\blp\DAPI\bbcomm.exe (Bloomberg L.P.) [Fichier non signé] C:\blp\API\Office Tools\bxlartd.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\LenovoUtility\utility.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\edema\AppData\Local\Microsoft\OneDrive\19.152.0801.0008\FileCoAuth.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\edema\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0331206.inf_amd64_4459b27c3381c034\B330720\atieclxx.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0331206.inf_amd64_4459b27c3381c034\B330720\atiesrxx.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe (SweetLabs Inc. -> SweetLabs, Inc) C:\Users\edema\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [1044904 2016-12-30] (LENOVO -> Lenovo(beijing) Limited) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-04-08] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [82183912 2019-07-11] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301146\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953747\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300064\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301193\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953779\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-3655374664-1735676624-2911693723-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300095\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-3655374664-1735676624-2911693723-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301350\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-3655374664-1735676624-2911693723-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953794\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-3655374664-1735676624-2911693723-1001\...\Run: [Discord] => C:\Users\edema\AppData\Local\Discord\app-0.0.304\Discord.exe [81747288 2019-01-15] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-3655374664-1735676624-2911693723-1001\...\Run: [CLRHost] => C:\blp\API\Office Tools\bbxlcmd.exe [2158592 2018-01-25] (Bloomberg L.P. -> ) HKU\S-1-5-21-3655374664-1735676624-2911693723-1001\...\Run: [Chromium] => c:\users\edema\appdata\local\chromium\application\chrome.exe [828416 2017-01-21] (The Chromium Authors) [Fichier non signé] HKU\S-1-5-21-3655374664-1735676624-2911693723-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe -startwithoutDA HKU\S-1-5-21-3655374664-1735676624-2911693723-1001\...\Run: [EpicGamesLauncher] => "E:\FRNT\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent HKU\S-1-5-21-3655374664-1735676624-2911693723-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\edema\AppData\Local\Microsoft\Teams\Update.exe [1789768 2019-08-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-3655374664-1735676624-2911693723-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142\...\Run: [Discord] => C:\Users\edema\AppData\Local\Discord\app-0.0.304\Discord.exe [81747288 2019-01-15] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142\...\Run: [CLRHost] => C:\blp\API\Office Tools\bbxlcmd.exe [2158592 2018-01-25] (Bloomberg L.P. -> ) HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142\...\Run: [Chromium] => c:\users\edema\appdata\local\chromium\application\chrome.exe [828416 2017-01-21] (The Chromium Authors) [Fichier non signé] HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe -startwithoutDA HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142\...\Run: [EpicGamesLauncher] => "E:\FRNT\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142\...\Run: [com.squirrel.Teams.Teams] => C:\Users\edema\AppData\Local\Microsoft\Teams\Update.exe [1789768 2019-08-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE [179208 2019-08-31] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396\...\Run: [Discord] => C:\Users\edema\AppData\Local\Discord\app-0.0.304\Discord.exe [81747288 2019-01-15] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396\...\Run: [CLRHost] => C:\blp\API\Office Tools\bbxlcmd.exe [2158592 2018-01-25] (Bloomberg L.P. -> ) HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396\...\Run: [Chromium] => c:\users\edema\appdata\local\chromium\application\chrome.exe [828416 2017-01-21] (The Chromium Authors) [Fichier non signé] HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe -startwithoutDA HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396\...\Run: [EpicGamesLauncher] => "E:\FRNT\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396\...\Run: [com.squirrel.Teams.Teams] => C:\Users\edema\AppData\Local\Microsoft\Teams\Update.exe [1789768 2019-08-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE [179208 2019-08-31] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953841\...\Run: [Discord] => C:\Users\edema\AppData\Local\Discord\app-0.0.304\Discord.exe [81747288 2019-01-15] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953841\...\Run: [CLRHost] => C:\blp\API\Office Tools\bbxlcmd.exe [2158592 2018-01-25] (Bloomberg L.P. -> ) HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953841\...\Run: [Chromium] => c:\users\edema\appdata\local\chromium\application\chrome.exe [828416 2017-01-21] (The Chromium Authors) [Fichier non signé] HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953841\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe -startwithoutDA HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953841\...\Run: [EpicGamesLauncher] => "E:\FRNT\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953841\...\Run: [com.squirrel.Teams.Teams] => C:\Users\edema\AppData\Local\Microsoft\Teams\Update.exe [1789768 2019-08-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953841\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-08-31] (Google LLC -> Google LLC) Startup: C:\Users\edema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2019-05-06] ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) ==================== Tâches planifiées (Avec liste blanche) ============= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {005150AB-48E5-457A-9338-BEFCFECC9126} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {0AC57BD3-9C0A-4510-8815-F91DA7D582AB} - System32\Tasks\{11279480-CCB7-C18F-C20E-41B8A20580B4}\Rilupe => C:\Users\edema\AppData\Local\Sogurekopud\Rilupe.exe [529920 2013-04-12] () [Fichier non signé] Task: {0B8570F3-FA5D-499A-ABA2-70D8C9C14402} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {0DD9C7CB-570C-458A-837C-592D2AF1E935} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49544 2018-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {14E0821B-E214-4A0D-AE76-0D4FBC221C6D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [117296 2019-08-31] (Microsoft Corporation -> Microsoft Corporation) Task: {1B018958-DE73-4708-AC78-D6DD361BCA10} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [117296 2019-08-31] (Microsoft Corporation -> Microsoft Corporation) Task: {24C6F4C9-E965-4501-BA08-AA539D40F818} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-18] (Google Inc -> Google Inc.) Task: {31C0F808-E3D5-4863-A1E2-7076239B827B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-08-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {45809232-0654-4C04-8ECA-E30623AD3EEB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a183bc84-f780-4989-812b-ba1b40a869a1 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.) Task: {4947F0F3-2AD7-498A-836A-2DF0B8C36B43} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [54440 2019-04-24] (Lenovo -> Lenovo Group Ltd.) Task: {498B709D-4F9A-4885-A188-D1F4CC83BA37} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1569912 2019-08-31] (Microsoft Corporation -> Microsoft Corporation) Task: {5D0A983E-B49E-4C85-AECF-59EFC0AA10F4} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION Task: {5D63CEF7-19AE-4A0A-8FBC-3F7FDD1C1385} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {7D1915C6-6D79-4655-978E-3F8DC3312074} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367016 2019-08-24] (Microsoft Corporation -> Microsoft Corporation) Task: {87A2FBB1-6774-456C-B223-EDC69A58D096} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.) Task: {A31FA9F4-7E58-4152-B812-490841C30D56} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {A6FB7274-56B3-49DD-A42B-FFDAD524A0A8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-18] (Google Inc -> Google Inc.) Task: {ABE1380D-16D3-46FD-BBA7-CD37946A6B37} - System32\Tasks\HPCustParticipation HP ENVY 7640 series => C:\Program Files\HP\HP ENVY 7640 series\Bin\HPCustPartic.exe [6438536 2017-05-23] (Hewlett Packard -> HP Inc.) Task: {AFB30E96-5636-4A1D-ABAF-D97459EB109C} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [69512 2018-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {B832FA77-4DC8-49A3-8AE0-D6B44723D9A0} - System32\Tasks\App Explorer => C:\Users\edema\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7399080 2019-06-04] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION Task: {BC60274E-B6C1-4C82-93A9-7D64FBF70769} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-08-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {BCFAEDF9-A5A4-4F15-B019-E3E91EFFD6AD} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {C2E2A9F4-33AC-4688-8072-11325DF5062B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-08-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {CF1A8F0B-8906-4C26-BEA7-3AD191999AAE} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\54c3e189-040e-4129-b719-0e368defb1c0 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.) Task: {D8C3D3DC-99DC-42DE-BF61-38EF866501BC} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {DDB865B8-A74F-4084-AFCC-8BAB4DEEA5B7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-08-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {DF0B6F6F-E4A3-441F-BADF-39599EB27841} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1428624 2019-08-31] (Microsoft Corporation -> Microsoft Corporation) Task: {E09227B4-D210-4E58-8032-199F82FA6D32} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1428624 2019-08-31] (Microsoft Corporation -> Microsoft Corporation) Task: {E42D8E76-8D15-4100-8830-6E8085FCD6F8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367016 2019-08-24] (Microsoft Corporation -> Microsoft Corporation) Task: {E4CF2B5B-C2C0-4095-8225-FC798FE7EFEB} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService Task: {F462D9F5-A439-4DA2-AA8D-28465B4F56B2} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\968c013e-a93c-4e32-81d6-b1d1e8e17bab => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{14439d01-98a6-4a2e-9bbe-00c35ea33212}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{7d6fcace-7f28-407f-9e08-8b4472fbf8c1}: [DhcpNameServer] 192.168.1.254 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKU\S-1-5-21-3655374664-1735676624-2911693723-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE HKU\S-1-5-21-3655374664-1735676624-2911693723-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953841\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953841\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com SearchScopes: HKLM -> DefaultScope {88C25964-E496-45D5-BE0E-EA12B873EBA8} URL = SearchScopes: HKLM-x32 -> DefaultScope {88C25964-E496-45D5-BE0E-EA12B873EBA8} URL = SearchScopes: HKU\S-1-5-21-3655374664-1735676624-2911693723-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = SearchScopes: HKU\S-1-5-21-3655374664-1735676624-2911693723-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 SearchScopes: HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = SearchScopes: HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 SearchScopes: HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = SearchScopes: HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 SearchScopes: HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953841 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = SearchScopes: HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953841 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-30] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-04] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-02-12] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-12] (Oracle America, Inc. -> Oracle Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation) Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Pas de fichier Edge: ====== DownloadDir: C:\Users\edema\Downloads Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.17.0_neutral__d55gg7py3s0m0 [2019-08-15] FireFox: ======== FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-12] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-12] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-04] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-04] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Pas de fichier] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) Chrome: ======= CHR Profile: C:\Users\edema\AppData\Local\Google\Chrome\User Data\Default [2019-08-26] CHR Extension: (Slides) - C:\Users\edema\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-18] CHR Extension: (Docs) - C:\Users\edema\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-18] CHR Extension: (Google Drive) - C:\Users\edema\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-18] CHR Extension: (YouTube) - C:\Users\edema\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-18] CHR Extension: (Sheets) - C:\Users\edema\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-18] CHR Extension: (Google Docs hors connexion) - C:\Users\edema\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-21] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\edema\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-18] CHR Extension: (Evernote Web Clipper) - C:\Users\edema\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2019-07-01] CHR Extension: (Gmail) - C:\Users\edema\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-11] CHR Extension: (Chrome Media Router) - C:\Users\edema\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-26] ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0331206.inf_amd64_4459b27c3381c034\B330720\atiesrxx.exe [475328 2018-07-18] (Microsoft Windows Hardware Compatibility Publisher -> AMD) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-03-29] (Apple Inc. -> Apple Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5745672 2018-04-25] (BattlEye Innovations e.K. -> ) S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [680288 2016-12-06] (LENOVO -> Lenovo) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11568224 2019-08-24] (Microsoft Corporation -> Microsoft Corporation) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-14] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144608 2017-01-23] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2018-09-27] (FUTUREMARK INC -> Futuremark) R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes) R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [190808 2018-07-29] (Qualcomm Atheros -> Qualcomm Technologies Inc.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-08-15] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-08-15] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare Technology Co.,Ltd -> Wondershare) R2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [120096 2018-01-16] (Wondershare Technology Co.,Ltd -> Wondershare) ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [34696 2017-10-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc) R3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [54128 2017-05-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc) S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. ) R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0331206.inf_amd64_4459b27c3381c034\B330720\atikmdag.sys [44675376 2018-07-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0331206.inf_amd64_4459b27c3381c034\B330720\atikmpag.sys [545072 2018-07-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [97672 2018-01-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R1 amdpsp; C:\WINDOWS\system32\DRIVERS\amdpsp.sys [239976 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. ) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-04-18] (WDKTestCert build,131474841775766162 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-04-18] (WDKTestCert build,131474841775766162 -> Apple Inc.) R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-12-08] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-04-10] (Bluestack Systems, Inc. -> Bluestack System Inc. ) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes) R3 ETDHCF; C:\WINDOWS\System32\drivers\ETDHCF.sys [28752 2017-01-23] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-09-10] (Malwarebytes Corporation -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-09-14] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-09-14] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-09-14] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116112 2019-09-14] (Malwarebytes Corporation -> Malwarebytes) S3 PVUSB; C:\WINDOWS\System32\drivers\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD. -> CASIO COMPUTER CO.,LTD.) R3 Qcamain10x64; C:\WINDOWS\system32\DRIVERS\Qcamain10x64.sys [2355544 2018-07-29] (Qualcomm Atheros -> Qualcomm Atheros, Inc.) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [964136 2017-03-02] (Realtek Semiconductor Corp. -> Realtek ) S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-10-27] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3224576 2016-12-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [212552 2018-04-27] (Oracle Corporation -> Oracle Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-08-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344288 2019-08-15] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-08-15] (Microsoft Windows -> Microsoft Corporation) R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation -> Microsoft Corporation) U4 AppMgmt; pas de ImagePath U4 CscService; pas de ImagePath U4 napagent; pas de ImagePath U4 PeerDistSvc; pas de ImagePath ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2019-09-15 12:53 - 2019-09-15 12:55 - 000041649 _____ C:\Users\edema\Downloads\FRST.txt 2019-09-15 12:52 - 2019-09-15 12:53 - 000000000 ____D C:\FRST 2019-09-15 12:50 - 2019-09-15 12:50 - 001614848 _____ (Farbar) C:\Users\edema\Downloads\FRST64.exe 2019-09-15 12:48 - 2019-09-15 12:48 - 000000000 ___HD C:\$WINDOWS.~BT 2019-09-14 14:23 - 2019-09-14 14:23 - 000224408 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2019-09-14 14:23 - 2019-09-14 14:23 - 000116112 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2019-09-14 14:23 - 2019-09-14 14:23 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2019-09-14 14:23 - 2019-09-14 14:23 - 000000000 ___HD C:\OneDriveTemp 2019-09-14 14:22 - 2019-09-14 14:22 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2019-09-14 12:36 - 2019-09-14 12:36 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3655374664-1735676624-2911693723-1001 2019-09-14 12:36 - 2019-09-14 12:36 - 000002458 _____ C:\Users\edema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-09-13 18:07 - 2019-09-04 12:16 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2019-09-13 18:07 - 2019-09-04 12:16 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2019-09-13 18:07 - 2019-09-04 12:16 - 000810808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2019-09-13 18:07 - 2019-09-04 12:16 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2019-09-13 18:07 - 2019-09-04 12:16 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2019-09-13 18:07 - 2019-09-04 12:15 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2019-09-13 18:07 - 2019-09-04 12:15 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2019-09-13 18:07 - 2019-09-04 12:15 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2019-09-13 18:07 - 2019-09-04 12:15 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll 2019-09-13 18:07 - 2019-09-04 12:06 - 000581016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll 2019-09-13 18:07 - 2019-09-04 12:06 - 000541200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2019-09-13 18:07 - 2019-09-04 12:06 - 000402016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2019-09-13 18:07 - 2019-09-04 12:01 - 004527800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2019-09-13 18:07 - 2019-09-04 12:01 - 001516632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2019-09-13 18:07 - 2019-09-04 12:00 - 021399576 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2019-09-13 18:07 - 2019-09-04 12:00 - 001616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2019-09-13 18:07 - 2019-09-04 11:44 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2019-09-13 18:07 - 2019-09-04 11:43 - 008627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2019-09-13 18:07 - 2019-09-04 11:40 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-09-13 18:07 - 2019-09-04 11:40 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll 2019-09-13 18:07 - 2019-09-04 11:40 - 000957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll 2019-09-13 18:07 - 2019-09-04 11:40 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2019-09-13 18:07 - 2019-09-04 11:39 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe 2019-09-13 18:07 - 2019-09-04 10:50 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2019-09-13 18:07 - 2019-09-04 10:33 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2019-09-13 18:07 - 2019-09-04 07:25 - 003180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2019-09-13 18:07 - 2019-09-04 07:25 - 001613096 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2019-09-13 18:07 - 2019-09-04 07:24 - 000705336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2019-09-13 18:07 - 2019-09-04 07:19 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2019-09-13 18:07 - 2019-09-04 07:19 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2019-09-13 18:07 - 2019-09-04 07:19 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2019-09-13 18:07 - 2019-09-04 07:17 - 001213264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2019-09-13 18:07 - 2019-09-04 07:17 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-09-13 18:07 - 2019-09-04 07:15 - 005627280 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2019-09-13 18:07 - 2019-09-04 07:15 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-09-13 18:07 - 2019-09-04 07:15 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-09-13 18:07 - 2019-09-04 07:15 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2019-09-13 18:07 - 2019-09-04 07:15 - 000323904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2019-09-13 18:07 - 2019-09-04 07:14 - 007437592 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2019-09-13 18:07 - 2019-09-04 07:14 - 003290584 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2019-09-13 18:07 - 2019-09-04 07:14 - 002469920 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2019-09-13 18:07 - 2019-09-04 07:14 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2019-09-13 18:07 - 2019-09-04 07:14 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2019-09-13 18:07 - 2019-09-04 07:14 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2019-09-13 18:07 - 2019-09-04 07:14 - 000594032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2019-09-13 18:07 - 2019-09-04 07:14 - 000420984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xbgmengine.dll 2019-09-13 18:07 - 2019-09-04 07:14 - 000361752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2019-09-13 18:07 - 2019-09-04 07:13 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-09-13 18:07 - 2019-09-04 07:13 - 001141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2019-09-13 18:07 - 2019-09-04 07:13 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2019-09-13 18:07 - 2019-09-04 07:13 - 000692352 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2019-09-13 18:07 - 2019-09-04 07:13 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2019-09-13 18:07 - 2019-09-04 07:13 - 000335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2019-09-13 18:07 - 2019-09-04 07:13 - 000129040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys 2019-09-13 18:07 - 2019-09-04 07:10 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2019-09-13 18:07 - 2019-09-04 07:03 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2019-09-13 18:07 - 2019-09-04 07:03 - 001993136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2019-09-13 18:07 - 2019-09-04 07:02 - 006568280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-09-13 18:07 - 2019-09-04 06:55 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-09-13 18:07 - 2019-09-04 06:48 - 019385344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-09-13 18:07 - 2019-09-04 06:48 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2019-09-13 18:07 - 2019-09-04 06:46 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2019-09-13 18:07 - 2019-09-04 06:46 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll 2019-09-13 18:07 - 2019-09-04 06:45 - 022734336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-09-13 18:07 - 2019-09-04 06:45 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2019-09-13 18:07 - 2019-09-04 06:45 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys 2019-09-13 18:07 - 2019-09-04 06:43 - 003402240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-09-13 18:07 - 2019-09-04 06:43 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll 2019-09-13 18:07 - 2019-09-04 06:43 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2019-09-13 18:07 - 2019-09-04 06:43 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2019-09-13 18:07 - 2019-09-04 06:43 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2019-09-13 18:07 - 2019-09-04 06:43 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2019-09-13 18:07 - 2019-09-04 06:43 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll 2019-09-13 18:07 - 2019-09-04 06:42 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2019-09-13 18:07 - 2019-09-04 06:42 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll 2019-09-13 18:07 - 2019-09-04 06:42 - 002929152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll 2019-09-13 18:07 - 2019-09-04 06:42 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2019-09-13 18:07 - 2019-09-04 06:41 - 001347584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll 2019-09-13 18:07 - 2019-09-04 06:41 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2019-09-13 18:07 - 2019-09-04 06:40 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2019-09-13 18:07 - 2019-09-04 06:40 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2019-09-13 18:07 - 2019-09-04 06:40 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll 2019-09-13 18:07 - 2019-09-04 06:40 - 002179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-09-13 18:07 - 2019-09-04 06:40 - 001563648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2019-09-13 18:07 - 2019-09-04 06:40 - 001232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2019-09-13 18:07 - 2019-09-04 06:40 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2019-09-13 18:07 - 2019-09-04 06:40 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll 2019-09-13 18:07 - 2019-09-04 06:39 - 003203072 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2019-09-13 18:07 - 2019-09-04 06:39 - 002166272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2019-09-13 18:07 - 2019-09-04 06:39 - 001920512 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2019-09-13 18:07 - 2019-09-04 06:39 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2019-09-13 18:07 - 2019-09-04 06:39 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2019-09-13 18:07 - 2019-09-04 06:39 - 000927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll 2019-09-13 18:07 - 2019-09-04 06:39 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2019-09-13 18:07 - 2019-09-04 06:39 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2019-09-13 18:07 - 2019-09-04 06:39 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2019-09-13 18:07 - 2019-09-04 06:38 - 001398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2019-09-13 18:07 - 2019-09-04 06:38 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2019-09-13 18:07 - 2019-09-04 06:38 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2019-09-13 18:07 - 2019-09-04 06:38 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-09-13 18:07 - 2019-09-04 05:22 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim 2019-09-13 18:07 - 2019-08-16 00:55 - 000786072 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2019-09-13 18:07 - 2019-08-16 00:55 - 000604000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2019-09-13 18:07 - 2019-08-13 12:09 - 000771384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll 2019-09-13 18:07 - 2019-08-13 12:09 - 000571688 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe 2019-09-13 18:07 - 2019-08-13 12:08 - 000117240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe 2019-09-13 18:07 - 2019-08-13 11:51 - 004853248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2019-09-13 18:07 - 2019-08-13 11:51 - 000905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe 2019-09-13 18:07 - 2019-08-13 11:50 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll 2019-09-13 18:07 - 2019-08-13 11:47 - 001262080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2019-09-13 18:07 - 2019-08-13 06:54 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll 2019-09-13 18:07 - 2019-08-13 06:46 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2019-09-13 18:07 - 2019-08-13 06:46 - 000510288 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2019-09-13 18:07 - 2019-08-13 06:46 - 000194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll 2019-09-13 18:07 - 2019-08-13 06:45 - 000723216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2019-09-13 18:07 - 2019-08-13 06:44 - 002161288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2019-09-13 18:07 - 2019-08-13 06:44 - 001793472 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2019-09-13 18:07 - 2019-08-13 06:17 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2019-09-13 18:07 - 2019-08-13 06:16 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2019-09-13 18:07 - 2019-08-13 06:15 - 001626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2019-09-13 18:07 - 2019-08-13 06:14 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2019-09-13 18:07 - 2019-08-13 06:13 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2019-09-13 18:07 - 2019-08-13 06:13 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll 2019-09-13 18:07 - 2019-08-13 06:12 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll 2019-09-13 18:07 - 2019-08-13 06:12 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll 2019-09-13 18:07 - 2019-08-13 06:12 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll 2019-09-13 18:07 - 2019-08-13 06:12 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll 2019-09-13 18:07 - 2019-08-13 06:11 - 000737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 2019-09-13 18:07 - 2019-08-13 06:08 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2019-09-13 18:07 - 2019-08-13 06:08 - 000662016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2019-09-13 18:07 - 2019-08-13 06:08 - 000320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2019-09-13 18:07 - 2019-08-13 04:51 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe 2019-09-13 18:07 - 2019-08-13 04:49 - 000806328 _____ C:\WINDOWS\SysWOW64\locale.nls 2019-09-13 18:07 - 2019-08-13 04:49 - 000806328 _____ C:\WINDOWS\system32\locale.nls 2019-09-13 18:06 - 2019-09-04 12:01 - 000790936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2019-09-13 18:06 - 2019-09-04 12:01 - 000396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2019-09-13 18:06 - 2019-09-04 12:00 - 001632112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2019-09-13 18:06 - 2019-09-04 11:46 - 012838400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2019-09-13 18:06 - 2019-09-04 11:45 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2019-09-13 18:06 - 2019-09-04 11:42 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll 2019-09-13 18:06 - 2019-09-04 11:41 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2019-09-13 18:06 - 2019-09-04 10:52 - 001453624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2019-09-13 18:06 - 2019-09-04 10:52 - 000467400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll 2019-09-13 18:06 - 2019-09-04 10:51 - 000662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2019-09-13 18:06 - 2019-09-04 10:51 - 000322360 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2019-09-13 18:06 - 2019-09-04 10:50 - 000356896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2019-09-13 18:06 - 2019-09-04 10:48 - 020393120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2019-09-13 18:06 - 2019-09-04 10:38 - 012039680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2019-09-13 18:06 - 2019-09-04 10:38 - 007990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2019-09-13 18:06 - 2019-09-04 10:35 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2019-09-13 18:06 - 2019-09-04 07:24 - 002417744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2019-09-13 18:06 - 2019-09-04 07:24 - 001298960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2019-09-13 18:06 - 2019-09-04 07:15 - 000500744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2019-09-13 18:06 - 2019-09-04 07:15 - 000491208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2019-09-13 18:06 - 2019-09-04 07:13 - 009084424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-09-13 18:06 - 2019-09-04 07:13 - 004405232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2019-09-13 18:06 - 2019-09-04 07:13 - 002773816 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2019-09-13 18:06 - 2019-09-04 07:13 - 002571848 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2019-09-13 18:06 - 2019-09-04 07:13 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2019-09-13 18:06 - 2019-09-04 07:13 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-09-13 18:06 - 2019-09-04 07:13 - 001260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2019-09-13 18:06 - 2019-09-04 07:13 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2019-09-13 18:06 - 2019-09-04 07:13 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2019-09-13 18:06 - 2019-09-04 07:13 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2019-09-13 18:06 - 2019-09-04 07:13 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2019-09-13 18:06 - 2019-09-04 07:13 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2019-09-13 18:06 - 2019-09-04 07:05 - 000550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2019-09-13 18:06 - 2019-09-04 07:04 - 000286616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2019-09-13 18:06 - 2019-09-04 07:03 - 006046096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2019-09-13 18:06 - 2019-09-04 07:03 - 002331696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2019-09-13 18:06 - 2019-09-04 07:03 - 002261448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2019-09-13 18:06 - 2019-09-04 07:03 - 001980264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2019-09-13 18:06 - 2019-09-04 07:03 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2019-09-13 18:06 - 2019-09-04 07:03 - 000581264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll 2019-09-13 18:06 - 2019-09-04 07:03 - 000538192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2019-09-13 18:06 - 2019-09-04 07:02 - 004790160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2019-09-13 18:06 - 2019-09-04 07:02 - 001805872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2019-09-13 18:06 - 2019-09-04 07:02 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2019-09-13 18:06 - 2019-09-04 07:02 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2019-09-13 18:06 - 2019-09-04 06:54 - 022017024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2019-09-13 18:06 - 2019-09-04 06:45 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2019-09-13 18:06 - 2019-09-04 06:45 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2019-09-13 18:06 - 2019-09-04 06:44 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2019-09-13 18:06 - 2019-09-04 06:44 - 004388864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2019-09-13 18:06 - 2019-09-04 06:44 - 003687424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2019-09-13 18:06 - 2019-09-04 06:43 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2019-09-13 18:06 - 2019-09-04 06:43 - 004849664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2019-09-13 18:06 - 2019-09-04 06:42 - 007572992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-09-13 18:06 - 2019-09-04 06:42 - 005769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-09-13 18:06 - 2019-09-04 06:42 - 001862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll 2019-09-13 18:06 - 2019-09-04 06:42 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2019-09-13 18:06 - 2019-09-04 06:42 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2019-09-13 18:06 - 2019-09-04 06:42 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2019-09-13 18:06 - 2019-09-04 06:42 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2019-09-13 18:06 - 2019-09-04 06:42 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2019-09-13 18:06 - 2019-09-04 06:42 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2019-09-13 18:06 - 2019-09-04 06:42 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2019-09-13 18:06 - 2019-09-04 06:41 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll 2019-09-13 18:06 - 2019-09-04 06:41 - 002373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2019-09-13 18:06 - 2019-09-04 06:41 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll 2019-09-13 18:06 - 2019-09-04 06:41 - 001634304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2019-09-13 18:06 - 2019-09-04 06:41 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2019-09-13 18:06 - 2019-09-04 06:40 - 001808896 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2019-09-13 18:06 - 2019-09-04 06:40 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2019-09-13 18:06 - 2019-09-04 06:40 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2019-09-13 18:06 - 2019-09-04 06:39 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2019-09-13 18:06 - 2019-09-04 06:39 - 000961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2019-09-13 18:06 - 2019-09-04 06:39 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll 2019-09-13 18:06 - 2019-09-04 06:39 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll 2019-09-13 18:06 - 2019-09-04 06:39 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2019-09-13 18:06 - 2019-09-04 06:38 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2019-09-13 18:06 - 2019-09-04 06:38 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2019-09-13 18:06 - 2019-08-15 11:59 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll 2019-09-13 18:06 - 2019-08-13 20:21 - 000665400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll 2019-09-13 18:06 - 2019-08-13 20:21 - 000221016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll 2019-09-13 18:06 - 2019-08-13 20:20 - 003701184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2019-09-13 18:06 - 2019-08-13 20:20 - 000106560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe 2019-09-13 18:06 - 2019-08-13 20:06 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll 2019-09-13 18:06 - 2019-08-13 20:06 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2019-09-13 18:06 - 2019-08-13 20:06 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe 2019-09-13 18:06 - 2019-08-13 20:05 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2019-09-13 18:06 - 2019-08-13 17:06 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2019-09-13 18:06 - 2019-08-13 17:04 - 001651040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2019-09-13 18:06 - 2019-08-13 17:04 - 001585304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll 2019-09-13 18:06 - 2019-08-13 16:46 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2019-09-13 18:06 - 2019-08-13 16:45 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2019-09-13 18:06 - 2019-08-13 16:44 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll 2019-09-13 18:06 - 2019-08-13 16:43 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2019-09-13 18:06 - 2019-08-13 16:43 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2019-09-13 18:06 - 2019-08-13 16:43 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll 2019-09-13 18:06 - 2019-08-13 16:42 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2019-09-13 18:06 - 2019-08-13 16:40 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2019-09-13 18:06 - 2019-08-13 16:39 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2019-09-13 18:06 - 2019-08-13 12:14 - 004040008 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2019-09-13 18:06 - 2019-08-13 11:49 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe 2019-09-13 18:06 - 2019-08-13 11:49 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe 2019-09-13 18:06 - 2019-08-13 11:46 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2019-09-13 18:06 - 2019-08-13 11:46 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2019-09-13 18:06 - 2019-08-13 08:37 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll 2019-09-13 18:06 - 2019-08-13 06:45 - 002718736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2019-09-13 18:06 - 2019-08-13 06:45 - 000722960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll 2019-09-13 18:06 - 2019-08-13 06:16 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll 2019-09-13 18:06 - 2019-08-13 06:12 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2019-09-13 18:06 - 2019-08-13 06:11 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2019-09-13 18:06 - 2019-08-13 06:11 - 000302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2019-09-13 18:06 - 2019-08-13 02:57 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2019-09-13 18:06 - 2019-08-13 02:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll 2019-09-13 18:06 - 2019-08-13 02:57 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2019-09-13 18:06 - 2019-08-13 02:57 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll 2019-09-11 19:06 - 2019-09-11 19:06 - 000009380 _____ C:\Users\edema\Desktop\Super calculateur.xlsx 2019-09-10 20:01 - 2019-09-10 20:01 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2019-09-10 19:58 - 2019-09-01 05:57 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2019-09-10 19:58 - 2019-09-01 05:57 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2019-09-10 19:56 - 2019-09-10 19:56 - 000001047 _____ C:\Users\edema\Desktop\Celestia.lnk 2019-09-10 19:56 - 2019-09-10 19:56 - 000000000 ____D C:\WINDOWS\System32\Tasks\{11279480-CCB7-C18F-C20E-41B8A20580B4} 2019-09-10 19:56 - 2019-09-10 19:56 - 000000000 ____D C:\Users\edema\AppData\Local\Sogurekopud 2019-09-10 19:56 - 2019-09-10 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Celestia 2019-09-10 19:55 - 2019-09-10 19:56 - 000000000 ____D C:\ProgramData\{3E1E0222-1636-7A5A-4E6E-5272A6868AAA} 2019-09-10 19:55 - 2019-09-10 19:56 - 000000000 ____D C:\Program Files (x86)\Celestia 2019-09-10 19:55 - 2019-09-10 19:55 - 000002983 _____ C:\Users\edema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search Powered by Yahoo!.lnk 2019-09-10 19:54 - 2019-09-10 19:56 - 000000000 ____D C:\ProgramData\xaaea 2019-09-10 19:54 - 2019-09-10 19:54 - 034363645 _____ (Shatters Software ) C:\Users\edema\Downloads\Celestia.exe 2019-08-31 11:28 - 2019-08-31 11:28 - 000002555 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Entreprise.lnk 2019-08-31 11:28 - 2019-08-31 11:28 - 000002481 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2019-08-31 11:28 - 2019-08-31 11:28 - 000002481 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2019-08-31 11:28 - 2019-08-31 11:28 - 000002464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2019-08-31 11:28 - 2019-08-31 11:28 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2019-08-31 11:28 - 2019-08-31 11:28 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2019-08-31 11:28 - 2019-08-31 11:28 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2019-08-31 11:28 - 2019-08-31 11:28 - 000002404 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2019-08-31 11:28 - 2019-08-31 11:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2019-08-31 11:20 - 2019-08-31 11:20 - 000212992 _____ C:\WINDOWS\system32\ClickToRun_Pipeline16 2019-08-26 19:17 - 2019-08-26 19:40 - 210309526 _____ C:\Users\edema\Downloads\FTBBeyondServer_1.11.0 (1).zip 2019-08-26 19:15 - 2019-08-26 19:15 - 000000000 ____D C:\Users\edema\AppData\Roaming\Google 2019-08-26 19:06 - 2019-08-26 19:06 - 210309526 _____ C:\Users\edema\Downloads\FTBBeyondServer_1.11.0.zip 2019-08-24 16:53 - 2019-08-24 16:56 - 000010197 _____ C:\Users\edema\Desktop\Simulation.xlsx 2019-08-24 16:52 - 2019-08-24 16:52 - 000000000 ____D C:\Users\edema\Desktop\Paul Landrin 2019-08-23 11:26 - 2019-08-23 11:26 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-08-23 11:26 - 2019-08-23 11:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-08-23 11:26 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2019-08-23 11:26 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2019-08-22 19:17 - 2019-08-22 19:17 - 000002413 _____ C:\Users\edema\Desktop\Microsoft Teams.lnk 2019-08-22 19:17 - 2019-08-22 19:17 - 000000000 ____D C:\Users\edema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation 2019-08-22 19:17 - 2019-08-22 19:17 - 000000000 ____D C:\Users\edema\AppData\Roaming\Microsoft Teams 2019-08-21 18:30 - 2019-08-21 18:30 - 000000000 ____D C:\Program Files (x86)\Teams Installer 2019-08-19 19:26 - 1996-12-25 00:32 - 1459978240 ____N C:\Users\edema\Downloads\Super Mario Sunshine (Europe) (En,Fr,De,Es,It).iso 2019-08-19 19:22 - 2019-08-19 19:22 - 1370729234 _____ C:\Users\edema\Downloads\Super Mario Sunshine (Europe) (En,Fr,De,Es,It).zip 2019-08-19 19:15 - 2019-08-19 19:15 - 000000000 ____D C:\Program Files\AVAST Software ==================== Un mois (modifiés) ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2019-09-15 12:57 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-09-15 12:48 - 2018-05-21 12:34 - 000000000 ___DC C:\WINDOWS\Panther 2019-09-15 12:38 - 2018-05-21 19:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-09-14 15:57 - 2017-12-26 17:07 - 000000000 ____D C:\Users\edema\AppData\Local\PlaceholderTileLogoFolder 2019-09-14 15:57 - 2017-12-26 16:49 - 000000000 ____D C:\Users\edema\AppData\Local\Packages 2019-09-14 14:34 - 2018-07-08 19:26 - 000000000 ____D C:\WINDOWS\Minidump 2019-09-14 14:27 - 2018-05-21 19:33 - 001766590 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-09-14 14:27 - 2018-04-12 18:18 - 000791028 _____ C:\WINDOWS\system32\perfh00C.dat 2019-09-14 14:27 - 2018-04-12 18:18 - 000149524 _____ C:\WINDOWS\system32\perfc00C.dat 2019-09-14 14:27 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF 2019-09-14 14:23 - 2017-12-24 21:45 - 000000000 ___RD C:\Users\edema\OneDrive 2019-09-14 14:22 - 2018-05-21 19:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-09-14 14:22 - 2018-05-21 19:24 - 000000000 ____D C:\Users\edema 2019-09-14 14:22 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2019-09-14 14:22 - 2017-09-18 05:51 - 000065536 _____ C:\WINDOWS\psp_storage.bin 2019-09-14 13:59 - 2017-12-24 22:35 - 000000000 ____D C:\Users\edema\Desktop\Papa 2019-09-14 13:50 - 2018-05-21 19:24 - 000000000 ____D C:\Users\edema\AppData\Local\Host App Service 2019-09-14 13:47 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-09-14 13:47 - 2017-12-26 17:05 - 000000000 ___RD C:\Users\edema\3D Objects 2019-09-14 13:47 - 2016-07-29 19:27 - 000000000 __RHD C:\Users\Public\AccountPictures 2019-09-14 12:51 - 2018-05-21 19:21 - 000290600 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-09-14 12:50 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2019-09-14 12:50 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2019-09-14 12:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput 2019-09-14 12:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2019-09-14 12:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe 2019-09-14 12:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences 2019-09-14 12:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents 2019-09-14 12:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2019-09-14 12:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-09-14 12:50 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism 2019-09-14 12:34 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps 2019-09-13 18:14 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-09-08 21:46 - 2018-12-31 12:56 - 000000000 ____D C:\Users\edema\Desktop\Brignac 2019-09-01 16:29 - 2018-12-31 13:13 - 000000000 ____D C:\Users\edema\Desktop\Travaux Malesherbes 2018 2019-08-31 11:27 - 2017-09-18 05:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2019-08-31 11:25 - 2019-06-17 22:37 - 000002225 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-08-31 11:25 - 2018-09-18 22:35 - 000002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-08-31 11:24 - 2017-12-25 11:37 - 000000000 ____D C:\Program Files\rempl 2019-08-24 14:31 - 2019-06-23 15:37 - 000000000 ____D C:\Users\edema\Evernote 2019-08-23 11:26 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2019-08-22 19:18 - 2018-01-19 17:37 - 000000000 ____D C:\Users\edema\AppData\Local\SquirrelTemp 2019-08-16 01:17 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\UNP 2019-08-16 01:17 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning ==================== Fichiers à la racine de certains dossiers ================ 2018-04-18 12:10 - 2018-04-18 12:10 - 000003987 _____ () C:\Users\edema\AppData\Local\recently-used.xbel 2018-08-12 18:35 - 2018-11-20 14:49 - 000007597 _____ () C:\Users\edema\AppData\Local\Resmon.ResmonCfg ==================== SigCheckExt ================ 2018-06-27 20:03 - 2018-06-27 20:03 - 000155688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll 2018-06-27 20:03 - 2018-06-27 20:03 - 000126848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll 2018-02-08 18:40 - 1997-02-27 00:00 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMCT2FR.DLL 2018-02-08 18:40 - 1998-07-13 01:00 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGFR.DLL 2017-09-18 05:53 - 2017-09-18 15:26 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEShims.dll 2018-02-08 18:40 - 1997-02-27 00:00 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMFR.DLL 2018-02-08 18:40 - 1997-02-27 00:00 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMSKFR.DLL 2018-02-08 18:40 - 2001-08-28 14:00 - 001355776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm50.dll 2018-02-08 18:40 - 1997-02-27 00:00 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SYSINFR.DLL 2018-02-08 18:40 - 1998-07-13 01:00 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTFR.DLL 2018-02-08 18:40 - 1997-07-29 00:50 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5FR.DLL 2019-09-10 19:54 - 2019-09-10 19:54 - 034363645 _____ (Shatters Software ) C:\Users\edema\Downloads\Celestia.exe 2019-09-15 12:50 - 2019-09-15 12:50 - 001614848 _____ (Farbar) C:\Users\edema\Downloads\FRST64.exe 2019-05-29 14:05 - 2019-05-29 14:05 - 095911542 _____ (The Scribus Team) C:\Users\edema\Downloads\Scribus.exe 2019-05-06 17:50 - 2019-05-06 17:52 - 015382528 _____ C:\Users\edema\Downloads\Shotcut.exe ==================== SigCheck =============================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ============================