Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2019 Exécuté par edwar (administrateur) sur LAPTOP-LF3TMEC6 (HP HP Laptop 15-da0xxx) (09-12-2019 10:39:19) Exécuté depuis C:\Users\edwar\Desktop Profils chargés: edwar (Profils disponibles: edwar) Platform: Windows 10 Home Version 1909 18363.476 (X64) Langue: Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Conexant Systems LLC -> Conexant Systems LLC.) C:\Windows\System32\CxAudioSvc.exe (Conexant Systems LLC -> Synaptics Incorporated.) C:\Windows\System32\SynAudSrv.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_d52c63e0e1c02c96\jhi_service.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130274.inf_amd64_bafd2440fa1ffdd6\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130274.inf_amd64_bafd2440fa1ffdd6\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130274.inf_amd64_bafd2440fa1ffdd6\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130274.inf_amd64_bafd2440fa1ffdd6\IntelCpHeciSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_8559c34713c70ce4\RstMwService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-02-23] (Realtek Semiconductor Corp. -> Realtek) HKLM-x32\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-02-23] (Realtek Semiconductor Corp. -> Realtek) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-1254648378-2022100744-2433976430-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-1254648378-2022100744-2433976430-1001\...\Run: [Discord] => C:\Users\edwar\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-1254648378-2022100744-2433976430-1001\...\MountPoints2: {c3ff9405-d5c5-11e9-949a-84a93ea5d46e} - "F:\HiSuiteDownLoader.exe" HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-19] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2019-09-25] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.) Startup: C:\Users\edwar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de pantalla e Inicio rápido de OneNote 2007.lnk [2019-09-05] ShortcutTarget: Recorte de pantalla e Inicio rápido de OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) GroupPolicy: Restriction ? <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {129E5284-2F74-442B-905E-6E102B9CA402} - System32\Tasks\HPCeeScheduleForedwar => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2019-05-17] (HP Inc. -> HP Inc.) Task: {151662D2-66DE-4671-8EB2-8A59158C2719} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe Task: {22B97B60-6B13-4090-95AA-C3976ABC1CA7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd) Task: {48982985-CB7E-4D13-9418-76437EBC33AB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe Task: {4FAAF468-D465-4764-9933-26AD050A7121} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd) Task: {545FEB49-A091-428B-8040-20790A61BDCD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe Task: {552BBA25-540C-43EC-AC75-9FBF35200C92} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\edwar\Downloads\esetonlinescanner_fra.exe Task: {5F68752F-42AD-4587-9758-F1353B95627E} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe Task: {7EC0CA46-6551-4415-BB05-BDF3088D6015} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-30] (Google Inc -> Google LLC) Task: {81AAC39C-7020-4FB4-BA12-0B9783E679EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Task: {84372301-F0B2-4F49-BA83-9DE4CFD90B94} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_pepper.exe [1453112 2019-11-14] (Adobe Inc. -> Adobe) Task: {B2901144-B7D6-4D39-8A83-6480A1673AD5} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\edwar\Downloads\esetonlinescanner_fra.exe Task: {C0754B81-57B7-4E52-8C12-5FC48D616FAB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe Task: {C16A7CE7-4949-47E9-8451-E11110418B87} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-30] (Google Inc -> Google LLC) Task: {CA826D5D-264D-42F0-A8B6-9A800D52B6D1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Task: {E47AA9C8-7727-4D88-9F7C-0A0753DBC311} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-11-14] (Adobe Inc. -> Adobe) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\HPCeeScheduleForedwar.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\..\Interfaces\{8c926b38-f8a3-400a-802f-087cda068196}: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{98d969c7-f588-464c-8508-aa3d7cebbdab}: [DhcpNameServer] 192.168.0.254 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE HKU\S-1-5-21-1254648378-2022100744-2433976430-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE HKU\S-1-5-21-1254648378-2022100744-2433976430-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC) Chrome: ======= CHR DefaultProfile: Default CHR StartupUrls: Default -> "hxxps://mail.yahoo.com/" CHR DefaultSearchURL: Default -> hxxps://wordpress.com/calypso/images/manifest/icon-144x144.png?source=pwa CHR Notifications: Default -> hxxps://francais.rt.com; hxxps://giletsjaunestoulouse.fr; hxxps://toute-la-franchise.pushcrew.com; hxxps://vk.com; hxxps://wordpress.com; hxxps://www.conforama.fr; hxxps://www.facebook.com; hxxps://www.tameteo.com; hxxps://www.youtube.com CHR Profile: C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default [2019-12-09] CHR Extension: (Slides) - C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-30] CHR Extension: (Docs) - C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-30] CHR Extension: (Google Drive) - C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-08-30] CHR Extension: (YouTube) - C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-30] CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-23] CHR Extension: (Sheets) - C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-30] CHR Extension: (Google Docs hors connexion) - C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-08-30] CHR Extension: (WordPress.com) - C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jngpdldinpkemppfmelfbicfhdgemjca [2019-10-27] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03] CHR Extension: (Gmail) - C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-30] CHR Extension: (Chrome Media Router) - C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-06] CHR Profile: C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-12-03] CHR Profile: C:\Users\edwar\AppData\Local\Google\Chrome\User Data\System Profile [2019-12-03] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [679400 2018-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1865224 2019-09-01] (Intel Corporation -> Intel Corporation) S4 HfcDisableService; C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_8559c34713c70ce4\HfcDisableService.exe [1710736 2018-12-06] (Intel(R) Rapid Storage Technology -> Intel Corporation) S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP) S3 iaStorAfsService; C:\WINDOWS\System32\iaStorAfsService.exe [2788496 2018-12-06] (Intel(R) Rapid Storage Technology -> Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_e3f9b958faa255f1\lib\SocketHeciServer.exe [876304 2019-08-30] (Intel(R) Trust Services -> Intel(R) Corporation) S2 Intel(R) TPM Provisioning Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_e3f9b958faa255f1\lib\TPMProvisioningService.exe [806152 2019-08-30] (Intel(R) Trust Services -> Intel(R) Corporation) R2 jhi_service; C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_d52c63e0e1c02c96\jhi_service.exe [648080 2019-07-18] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-12-09] (Malwarebytes Inc -> Malwarebytes) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé] R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé] R2 RstMwService; C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_8559c34713c70ce4\RstMwService.exe [1969288 2018-12-06] (Intel(R) Rapid Storage Technology -> Intel Corporation) R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor) R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [717776 2019-06-06] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) R2 SECOMNService; C:\WINDOWS\System32\SECOMN64.exe [169680 2019-05-05] (Sound Research Corporation -> Sound Research, Corp.) R2 SynaAPOService; C:\WINDOWS\System32\SynAudSrv.exe [595176 2019-05-20] (Conexant Systems LLC -> Synaptics Incorporated.) R2 SynaAudioService; C:\WINDOWS\System32\CxAudioSvc.exe [83464 2019-05-20] (Conexant Systems LLC -> Conexant Systems LLC.) R2 SynTPEnhService; C:\WINDOWS\System32\SynTPEnhService.exe [382008 2019-08-15] (Synaptics Incorporated -> Synaptics Incorporated) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X] ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [108992 2018-04-27] (Alcorlink Corp. -> ) S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-18] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-18] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider) S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [49056 2012-10-18] (Hewlett-Packard Company -> Microsoft Corporation) R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [78680 2019-09-01] (Intel Corporation -> Intel Corporation) R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [71000 2019-09-01] (Intel Corporation -> Intel Corporation) R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [402264 2019-09-01] (Intel Corporation -> Intel Corporation) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2019-12-09] (Malwarebytes Corporation -> Malwarebytes) R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1094800 2018-12-06] (Intel(R) Rapid Storage Technology -> Intel Corporation) S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [73360 2018-12-06] (Intel(R) Rapid Storage Technology -> Intel Corporation) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216544 2019-12-09] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-12-09] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-12-09] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2019-12-09] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116832 2019-12-09] (Malwarebytes Corporation -> Malwarebytes) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1118648 2019-09-01] (Realtek Semiconductor Corp. -> Realtek ) R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [787736 2019-06-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation) R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [11708504 2019-07-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation ) S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [45096 2018-04-20] (Synaptics Incorporated -> Synaptics Incorporated) R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [49208 2019-08-15] (Synaptics Incorporated -> Synaptics Incorporated) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-08-06] (HP Inc. -> HP) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) =================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2019-12-09 10:39 - 2019-12-09 10:41 - 000023273 _____ C:\Users\edwar\Desktop\FRST.txt 2019-12-09 10:35 - 2019-12-09 10:33 - 002263552 _____ (Farbar) C:\Users\edwar\Desktop\FRST64.exe 2019-12-09 10:33 - 2019-12-09 10:40 - 000000000 ____D C:\FRST 2019-12-09 10:32 - 2019-12-09 10:33 - 002263552 _____ (Farbar) C:\Users\edwar\Downloads\FRST64.exe 2019-12-09 10:00 - 2019-12-09 10:00 - 000000000 ____D C:\Users\edwar\AppData\LocalLow\IGDump 2019-12-09 09:59 - 2019-12-09 09:59 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2019-12-09 09:58 - 2019-12-09 09:58 - 000224408 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2019-12-09 09:58 - 2019-12-09 09:58 - 000116832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2019-12-09 09:57 - 2019-12-09 09:57 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2019-12-09 09:57 - 2019-12-09 09:57 - 000216544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2019-12-09 09:55 - 2019-12-09 09:55 - 001883976 _____ (Malwarebytes) C:\Users\edwar\Downloads\MBSetup.exe 2019-12-09 09:44 - 2019-12-09 09:57 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-12-09 09:44 - 2019-12-09 09:57 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk 2019-12-09 09:44 - 2019-12-09 09:44 - 000000000 ____D C:\Users\edwar\AppData\Local\mbamtray 2019-12-09 09:44 - 2019-12-09 09:44 - 000000000 ____D C:\Users\edwar\AppData\Local\mbam 2019-12-09 09:44 - 2019-12-09 09:44 - 000000000 ____D C:\Users\edwar\AppData\Local\cache 2019-12-09 09:44 - 2019-12-09 09:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-12-09 09:43 - 2019-12-09 09:56 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2019-12-09 09:43 - 2019-12-09 09:56 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2019-12-09 09:43 - 2019-12-09 09:43 - 000000000 ____D C:\ProgramData\Malwarebytes 2019-12-09 09:42 - 2019-12-09 09:42 - 000000000 ____D C:\Program Files\Malwarebytes 2019-12-09 09:26 - 2019-12-09 09:27 - 008218800 _____ (Malwarebytes) C:\Users\edwar\Downloads\adwcleaner_8.0.0.exe 2019-12-09 09:21 - 2019-12-09 10:05 - 000286086 _____ C:\Users\edwar\Desktop\ZHPDiag.txt 2019-12-08 21:40 - 2019-12-08 21:51 - 000000000 ____D C:\Users\edwar\Documents\ARCHIVES 2019-11-28 18:28 - 2019-11-28 18:28 - 000000000 ____D C:\Users\edwar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2019-11-28 18:26 - 2019-12-03 00:43 - 000000000 ____D C:\Users\edwar\AppData\Roaming\discord 2019-11-28 18:26 - 2019-11-28 18:27 - 000000000 ____D C:\Users\edwar\AppData\Local\SquirrelTemp 2019-11-28 18:26 - 2019-11-28 18:27 - 000000000 ____D C:\Users\edwar\AppData\Local\Discord 2019-11-28 18:26 - 2019-11-28 18:26 - 000000000 ____D C:\Users\edwar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc 2019-11-28 12:56 - 2019-11-28 12:56 - 000042322 _____ C:\Users\edwar\Downloads\marché pur.html 2019-11-28 00:52 - 2019-11-28 00:52 - 000000688 _____ C:\Users\edwar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nouveau dossier.lnk 2019-11-26 07:32 - 2019-11-26 07:32 - 000000118 _____ C:\Users\edwar\Desktop\site.url 2019-11-24 07:13 - 2019-11-24 07:14 - 000000000 ____D C:\Users\edwar\Documents\Word Press 2019-11-23 09:29 - 2019-11-24 12:10 - 000001148 _____ C:\Users\edwar\Desktop\favoris_23_11_2019 - Raccourci.lnk 2019-11-23 09:28 - 2019-11-23 09:28 - 000428563 _____ C:\Users\edwar\Documents\favoris_23_11_2019.html 2019-11-23 09:21 - 2019-11-26 08:08 - 000000000 ____D C:\Users\edwar\Documents\vente de la france 2019-11-21 09:08 - 2019-11-21 09:07 - 003249536 _____ (Nicolas Coolman) C:\Users\edwar\ZHPDiag3.exe 2019-11-15 08:12 - 2019-11-15 08:12 - 000013053 _____ C:\Users\edwar\Documents\retraites 2018.pdf 2019-11-14 13:16 - 2019-11-14 13:16 - 000004720 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier 2019-11-14 13:16 - 2019-11-14 13:16 - 000004542 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater 2019-11-14 13:13 - 2019-11-14 13:16 - 000000000 ____D C:\Users\edwar\AppData\Local\Adobe 2019-11-13 10:32 - 2019-11-13 10:32 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll 2019-11-13 10:32 - 2019-11-13 10:32 - 006232576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2019-11-13 10:32 - 2019-11-13 10:32 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-11-13 10:32 - 2019-11-13 10:32 - 004578816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2019-11-13 10:32 - 2019-11-13 10:32 - 004129408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2019-11-13 10:32 - 2019-11-13 10:32 - 003487232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2019-11-13 10:32 - 2019-11-13 10:32 - 002956472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2019-11-13 10:32 - 2019-11-13 10:32 - 001866272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2019-11-13 10:32 - 2019-11-13 10:32 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll 2019-11-13 10:32 - 2019-11-13 10:32 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2019-11-13 10:32 - 2019-11-13 10:32 - 001098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll 2019-11-13 10:32 - 2019-11-13 10:32 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll 2019-11-13 10:32 - 2019-11-13 10:32 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2019-11-13 10:32 - 2019-11-13 10:32 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2019-11-13 10:32 - 2019-11-13 10:32 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2019-11-13 10:32 - 2019-11-13 10:32 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll 2019-11-13 10:32 - 2019-11-13 10:32 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2019-11-13 10:32 - 2019-11-13 10:32 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2019-11-13 10:32 - 2019-11-13 10:32 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll 2019-11-13 10:32 - 2019-11-13 10:32 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2019-11-13 10:32 - 2019-11-13 10:32 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll 2019-11-13 10:32 - 2019-11-13 10:32 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\reg.exe 2019-11-13 10:32 - 2019-11-13 10:32 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll 2019-11-13 10:32 - 2019-11-13 10:32 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe 2019-11-13 10:32 - 2019-11-13 10:32 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll 2019-11-13 10:32 - 2019-11-13 10:32 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-11-13 10:31 - 2019-11-13 10:31 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 006521768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 006227104 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 003791360 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 003728384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-11-13 10:31 - 2019-11-13 10:31 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 002988344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2019-11-13 10:31 - 2019-11-13 10:31 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2019-11-13 10:31 - 2019-11-13 10:31 - 002763016 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2019-11-13 10:31 - 2019-11-13 10:31 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 002284032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 002114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 002081976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 001920512 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 001664688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 001656392 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 001647064 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 001413864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-11-13 10:31 - 2019-11-13 10:31 - 001327064 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 001171704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-11-13 10:31 - 2019-11-13 10:31 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-11-13 10:31 - 2019-11-13 10:31 - 001017680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000874936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000822200 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2019-11-13 10:31 - 2019-11-13 10:31 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2019-11-13 10:31 - 2019-11-13 10:31 - 000768488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2019-11-13 10:31 - 2019-11-13 10:31 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000679152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2019-11-13 10:31 - 2019-11-13 10:31 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe 2019-11-13 10:31 - 2019-11-13 10:31 - 000551736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys 2019-11-13 10:31 - 2019-11-13 10:31 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2019-11-13 10:31 - 2019-11-13 10:31 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000517432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2019-11-13 10:31 - 2019-11-13 10:31 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000477712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2019-11-13 10:31 - 2019-11-13 10:31 - 000466928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000461320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000452920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2019-11-13 10:31 - 2019-11-13 10:31 - 000404904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000380944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000372752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys 2019-11-13 10:31 - 2019-11-13 10:31 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2019-11-13 10:31 - 2019-11-13 10:31 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2019-11-13 10:31 - 2019-11-13 10:31 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2019-11-13 10:31 - 2019-11-13 10:31 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2019-11-13 10:31 - 2019-11-13 10:31 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe 2019-11-13 10:31 - 2019-11-13 10:31 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys 2019-11-13 10:31 - 2019-11-13 10:31 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvPlatform.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2019-11-13 10:31 - 2019-11-13 10:31 - 000089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys 2019-11-13 10:31 - 2019-11-13 10:31 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2019-11-13 10:31 - 2019-11-13 10:31 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usp10.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usp10.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe 2019-11-13 10:31 - 2019-11-13 10:31 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\reg.exe 2019-11-13 10:31 - 2019-11-13 10:31 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000061240 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe 2019-11-13 10:31 - 2019-11-13 10:31 - 000047616 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe 2019-11-13 10:31 - 2019-11-13 10:31 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL 2019-11-13 10:31 - 2019-11-13 10:31 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dstokenclean.exe 2019-11-13 10:31 - 2019-11-13 10:31 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll 2019-11-13 10:31 - 2019-11-13 10:31 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll 2019-11-13 09:43 - 2019-10-17 07:17 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2019-11-13 09:43 - 2019-10-17 07:01 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2019-11-12 09:59 - 2019-11-12 09:59 - 000000146 _____ C:\Users\edwar\Desktop\groupe.url 2019-11-12 09:35 - 2019-11-12 09:36 - 000000112 _____ C:\Users\edwar\Desktop\googel.url 2019-11-12 09:33 - 2019-11-12 09:34 - 000000127 _____ C:\Users\edwar\Desktop\Face Book.url 2019-11-11 20:33 - 2019-11-24 06:08 - 000000290 __RSH C:\ProgramData\ntuser.pol 2019-11-11 09:02 - 2019-11-11 09:02 - 000000000 ____D C:\Users\edwar\Documents\NWO ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2019-12-09 10:22 - 2019-11-02 00:10 - 000000872 _____ C:\Users\edwar\Desktop\ZHPDiag.lnk 2019-12-09 10:05 - 2019-09-05 18:11 - 000000000 ____D C:\Users\edwar\AppData\Roaming\ZHP 2019-12-09 09:44 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-12-09 09:43 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2019-12-09 09:34 - 2019-08-30 20:25 - 000000000 __SHD C:\Users\edwar\IntelGraphicsProfiles 2019-12-09 09:33 - 2019-09-05 08:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-12-09 09:33 - 2019-09-01 17:30 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForedwar.job 2019-12-09 09:32 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2019-12-09 09:31 - 2018-06-22 10:28 - 000000000 ____D C:\ProgramData\Hewlett-Packard 2019-12-09 09:31 - 2018-06-22 10:27 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard 2019-12-08 21:56 - 2019-09-05 12:30 - 000000000 ____D C:\Users\edwar\Documents\Collectivités europeenes 2019-12-08 21:27 - 2019-09-05 07:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-12-07 21:28 - 2019-09-05 08:42 - 000003256 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForedwar 2019-12-07 19:56 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps 2019-12-07 19:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-12-07 19:44 - 2019-09-05 08:01 - 000000000 ____D C:\Users\edwar 2019-12-07 14:09 - 2018-04-28 07:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2019-12-06 09:57 - 2019-11-04 21:36 - 000002078 _____ C:\Users\edwar\Desktop\Gilets jaunes le clip qui pourrait valoir deux ans de prison ferme à Alain Soral - Raccourci.lnk 2019-12-05 22:59 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF 2019-11-26 07:41 - 2019-11-07 05:22 - 000000000 ____D C:\Users\edwar\Documents\Site 2019-11-24 07:12 - 2019-11-07 05:17 - 000000000 ____D C:\Users\edwar\Documents\PC 2019-11-24 06:57 - 2019-10-17 10:59 - 000000000 ____D C:\Users\edwar\Documents\Jesus 2019-11-23 15:29 - 2019-09-05 08:42 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1254648378-2022100744-2433976430-1001 2019-11-23 15:29 - 2019-09-05 08:01 - 000002412 _____ C:\Users\edwar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-11-23 15:29 - 2019-08-30 22:04 - 000000000 ___RD C:\Users\edwar\OneDrive 2019-11-22 14:04 - 2019-09-05 13:22 - 000748816 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2019-11-20 21:39 - 2019-09-17 05:50 - 000000000 ____D C:\Users\edwar\AppData\Roaming\HpUpdate 2019-11-20 19:57 - 2018-06-22 19:12 - 000000000 ____D C:\SWSetup 2019-11-20 19:22 - 2018-06-22 10:28 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support 2019-11-20 18:49 - 2019-08-30 20:25 - 000000000 ____D C:\Users\edwar\AppData\Local\Packages 2019-11-20 08:08 - 2019-09-05 08:42 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2019-11-20 08:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF 2019-11-19 08:47 - 2019-08-30 23:24 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-11-14 13:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2019-11-14 13:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed 2019-11-13 11:19 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-11-13 10:52 - 2019-09-05 08:14 - 001926018 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-11-13 10:52 - 2019-03-19 13:00 - 000834642 _____ C:\WINDOWS\system32\perfh00C.dat 2019-11-13 10:52 - 2019-03-19 13:00 - 000168258 _____ C:\WINDOWS\system32\perfc00C.dat 2019-11-13 10:47 - 2019-09-05 07:52 - 000530128 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-11-13 10:42 - 2019-08-30 21:39 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-11-13 10:42 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources 2019-11-13 10:41 - 2019-08-30 21:39 - 128443096 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-11-13 10:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences 2019-11-13 10:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-11-11 20:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2019-11-11 20:33 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy ==================== Fichiers à la racine de certains dossiers ======== 2019-08-31 09:09 - 2018-03-08 21:57 - 000665448 _____ (WildTangent, Inc.) C:\ProgramData\uninstall578868.exe 2019-08-31 09:10 - 2018-03-08 21:57 - 000665448 _____ (WildTangent, Inc.) C:\ProgramData\uninstall609501.exe 2019-08-31 09:10 - 2018-03-08 21:57 - 000665448 _____ (WildTangent, Inc.) C:\ProgramData\uninstall648691.exe 2019-11-21 09:08 - 2019-11-21 09:07 - 003249536 _____ (Nicolas Coolman) C:\Users\edwar\ZHPDiag3.exe 2019-10-11 21:07 - 2019-10-11 21:07 - 000000017 _____ () C:\Users\edwar\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================