Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 12-08-2020
Exécuté par leghz (administrateur) sur DESKTOP-K5F4NHU (17-08-2020 15:26:59)
Exécuté depuis C:\Users\leghz\OneDrive\Bureau
Profils chargés: leghz
Platform: Windows 10 Pro Version 2004 19041.388 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0356013.inf_amd64_61ba7b1fb4cf4aec\B355483\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0356013.inf_amd64_61ba7b1fb4cf4aec\B355483\atiesrxx.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
(Enmotus Inc. -> ) C:\Program Files\AMD\StoreMI\ECmd\entierservice.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google) C:\Users\leghz\AppData\Local\Google\Chrome\User Data\SwReporter\83.238.200\software_reporter_tool.exe <4>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.320.6242.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdlogsr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\NisSrv.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <6>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [EnTierSystray] => C:\Program Files\AMD\StoreMI\ECmd\EApps\StoreMISystray.exe [303048 2019-10-10] (Enmotus Inc. -> AMD)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [410152 2020-06-11] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKU\S-1-5-21-2917975093-671552084-3155095093-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3377440 2020-07-24] (Valve -> Valve Corporation)
HKU\S-1-5-21-2917975093-671552084-3155095093-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32350096 2020-07-11] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2917975093-671552084-3155095093-1001\...\Run: [Discord] => C:\Users\leghz\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-06-09] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-2917975093-671552084-3155095093-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2917975093-671552084-3155095093-1001\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\leghz\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2917975093-671552084-3155095093-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\leghz\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2917975093-671552084-3155095093-1001\...\RunOnce: [Uninstall 20.114.0607.0002\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\leghz\AppData\Local\Microsoft\OneDrive\20.114.0607.0002\amd64"
HKU\S-1-5-21-2917975093-671552084-3155095093-1001\...\RunOnce: [Uninstall 20.114.0607.0002] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\leghz\AppData\Local\Microsoft\OneDrive\20.114.0607.0002"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.125\Installer\chrmstp.exe [2020-08-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2020-06-20]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {01BF60DF-DAB7-48DE-B26D-84FC4E3F88BE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0B64A5F4-BE2A-4DFB-AB14-DB7C82AC6B9B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-18] (Google LLC -> Google LLC)
Task: {15050E78-C788-4592-B756-9C0B23B64A65} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Common\Red Giant Link.exe [70104 2011-11-23] (red giant software llc -> )
Task: {1B429ABA-9CFE-4A9F-A8B8-A16B342CD43F} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-05-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {261B6F8E-A9C2-4267-8858-A57FFA1B742E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {349265AB-C61A-442A-8253-EB650534425F} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-05-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {43E8B5DC-619C-4043-A1AB-47E6F90D8AB4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {53D13895-91D7-4D0F-BF8B-A1635270EEEF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-18] (Google LLC -> Google LLC)
Task: {64C9B343-4096-4B27-B1A6-1F8C91B90009} - System32\Tasks\ChromiumUpdateTaskUserS-1-5-21-2917975093-671552084-3155095093-1001UA => C:\Users\leghz\AppData\Local\Chromium\Update\ChromiumUpdate.exe [100352 2020-07-01] (Chromium.) [Fichier non signé] <==== ATTENTION
Task: {66D25178-DF7F-42EC-B58D-D9147F0DC225} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9549083A-8BA3-4864-8804-4E79C8394D36} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [677624 2019-11-21] (Advanced Micro Devices INC. -> )
Task: {C3620649-C8C1-4261-A99B-EEF8DE8CEB75} - System32\Tasks\ChromiumUpdateTaskUserS-1-5-21-2917975093-671552084-3155095093-1001Core => C:\Users\leghz\AppData\Local\Chromium\Update\ChromiumUpdate.exe [100352 2020-07-01] (Chromium.) [Fichier non signé] <==== ATTENTION
Task: {D3F3DD46-082D-4D60-BF42-FB2C624EB996} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1627648 2020-05-25] (Advanced Micro Devices, Inc.) [Fichier non signé]
Task: {DEAD3CE9-825B-47A0-B9D6-4EAB2FF9444D} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1627648 2020-05-25] (Advanced Micro Devices, Inc.) [Fichier non signé]
Task: {E425352A-4036-4590-8307-863439748188} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E6C959AB-D1C2-4117-8BCB-FEC21BA46823} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EA639BE8-50B2-4190-BD52-D01F42B9E58D} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1627648 2020-05-25] (Advanced Micro Devices, Inc.) [Fichier non signé]

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

ProxyEnable: [.DEFAULT] => Proxy est activé.
ProxyServer: [.DEFAULT] => 127.0.0.1:8080
ProxyEnable: [S-1-5-19] => Proxy est activé.
ProxyServer: [S-1-5-19] => 127.0.0.1:8080
ProxyEnable: [S-1-5-20] => Proxy est activé.
ProxyServer: [S-1-5-20] => 127.0.0.1:8080
ProxyServer: [S-1-5-21-2917975093-671552084-3155095093-1001] => 127.0.0.1:8080
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 1.1.1.1 1.0.0.1
Tcpip\..\Interfaces\{bc09a071-4211-46a7-a0bb-219e9448012c}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{bc09a071-4211-46a7-a0bb-219e9448012c}: [DhcpNameServer] 1.1.1.1 1.0.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2917975093-671552084-3155095093-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKU\S-1-5-21-2917975093-671552084-3155095093-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

FireFox:
========
FF Plugin HKU\S-1-5-21-2917975093-671552084-3155095093-1001: @chbrowserupdate.com/Chromium Update;version=3 -> C:\Users\leghz\AppData\Local\Chromium\Update\1.3.99.0\npChromiumUpdate3.dll [2020-07-01] (Chromium.) [Fichier non signé]
FF Plugin HKU\S-1-5-21-2917975093-671552084-3155095093-1001: @chbrowserupdate.com/Chromium Update;version=9 -> C:\Users\leghz\AppData\Local\Chromium\Update\1.3.99.0\npChromiumUpdate3.dll [2020-07-01] (Chromium.) [Fichier non signé]

Chrome:
=======
CHR Profile: C:\Users\leghz\AppData\Local\Google\Chrome\User Data\Default [2020-08-17]
CHR Notifications: Default -> hxxps://www.faceit.com; hxxps://www1a.michellehardin.pro; hxxps://www1a.samcunningham.pro
CHR StartupUrls: Default -> "hxxp://www.google.fr/"
CHR NewTab: Default -> Not-active:"chrome-extension://pcjjkghbnihffeclkjabhalikfagkfbc/html/1/background.html"
CHR Extension: (Slides) - C:\Users\leghz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-18]
CHR Extension: (Docs) - C:\Users\leghz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-18]
CHR Extension: (Google Drive) - C:\Users\leghz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-06-18]
CHR Extension: (YouTube) - C:\Users\leghz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-18]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\leghz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-08-17]
CHR Extension: (Sheets) - C:\Users\leghz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-18]
CHR Extension: (Google Docs hors connexion) - C:\Users\leghz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-18]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\leghz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-08-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\leghz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-06-18]
CHR Extension: (Yahoo Homepage) - C:\Users\leghz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfilbbecboffgonioffpjjhcobjahoe [2020-07-01]
CHR Extension: (Naruto Shippuden Tab) - C:\Users\leghz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcjjkghbnihffeclkjabhalikfagkfbc [2020-06-18]
CHR Extension: (Gmail) - C:\Users\leghz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-06-18]
CHR Extension: (Chrome Media Router) - C:\Users\leghz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-07-17]
CHR HKU\S-1-5-21-2917975093-671552084-3155095093-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bnbbhgcfmdnamgfgjfgjdkcjbofkjihb]
CHR HKU\S-1-5-21-2917975093-671552084-3155095093-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ojfilbbecboffgonioffpjjhcobjahoe]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8615864 2020-07-11] (BattlEye Innovations e.K. -> )
R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [421928 2020-06-11] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [56872 2020-06-11] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811120 2020-07-11] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 EnTier Service; C:\Program Files\AMD\StoreMI\ECmd\entierservice.exe [986056 2019-10-10] (Enmotus Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4956856 2020-05-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2020-06-18] () [Fichier non signé]
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesUpdateService.exe [32648 2020-06-10] (SteelSeries ApS -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\NisSrv.exe [2169568 2020-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MsMpEng.exe [128376 2020-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
U3 wuauserv; C:\Windows\system32\svchost.exe [57368 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
U3 wuauserv; C:\Windows\SysWOW64\svchost.exe [47232 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S2 EED1B9F4; C:\ProgramData\EED1B9F4\DC2C67CD.dll [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AMDRyzenMasterDriverV16; C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys [69936 2020-05-07] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [60216 2020-03-31] (Advanced Micro Devices, Inc. -> )
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2020-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [45968 2020-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21904 2020-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz149; C:\Windows\temp\cpuz149\cpuz149_x64.sys [44320 2020-07-27] (CPUID S.A.R.L.U. -> CPUID)
R0 envirtahci; C:\Windows\System32\drivers\envirtahci.sys [798448 2019-10-03] (Enmotus Inc. -> AMD)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [46776 2019-12-23] (SteelSeries ApS -> )
R3 sshid; C:\Windows\System32\drivers\sshid.sys [47824 2019-12-23] (SteelSeries ApS -> SteelSeries ApS)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2018-08-29] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [78216 2020-07-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [430320 2020-07-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [98520 2020-07-25] (Microsoft Windows -> Microsoft Corporation)
S3 VBAudioVMVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) ===================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2020-08-17 15:24 - 2020-08-17 15:24 - 002296320 _____ (Farbar) C:\Users\leghz\Downloads\FRST64 (1).exe
2020-07-27 01:45 - 2020-08-17 15:27 - 000000000 ____D C:\FRST
2020-07-27 01:44 - 2020-07-27 01:45 - 002295808 _____ (Farbar) C:\Users\leghz\Downloads\FRST64.exe
2020-07-27 00:52 - 2020-07-27 00:52 - 000000000 ____D C:\Users\leghz\AppData\Local\mbam
2020-07-27 00:49 - 2020-07-27 01:27 - 000000000 ____D C:\Program Files\GridinSoft Anti-Malware
2020-07-27 00:06 - 2020-07-27 01:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2020-07-27 00:06 - 2020-07-27 00:06 - 000000000 ____D C:\ProgramData\GridinSoft
2020-07-26 23:37 - 2020-07-26 23:57 - 000000000 ____D C:\Users\leghz\AppData\Roaming\ZHP
2020-07-26 23:37 - 2020-07-26 23:37 - 000000000 ____D C:\Users\leghz\AppData\Local\ZHP
2020-07-26 18:20 - 2020-07-27 00:53 - 000000000 ____D C:\Program Files (x86)\hlamow
2020-07-26 18:20 - 2020-07-26 23:41 - 000000000 ____D C:\Program Files (x86)\AER
2020-07-26 18:20 - 2020-07-26 18:20 - 041135502 _____ C:\Users\leghz\OneDrive\Documents\Download.zip
2020-07-26 18:20 - 2018-08-29 15:48 - 000027136 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
2020-07-26 02:08 - 2020-07-26 02:10 - 000000000 ____D C:\Users\leghz\AppData\Roaming\StreamLabels
2020-07-26 02:08 - 2020-07-26 02:08 - 000002386 _____ C:\Users\leghz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StreamLabels.lnk
2020-07-26 02:08 - 2020-07-26 02:08 - 000000000 ____D C:\Users\leghz\AppData\Local\streamlabels-updater
2020-07-24 15:38 - 2020-07-24 16:00 - 000004666 _____ C:\Users\leghz\AppData\Roaming\VoiceMeeterDefault.xml
2020-07-24 15:37 - 2020-07-24 19:54 - 000000000 ____D C:\Users\leghz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio
2020-07-24 15:37 - 2020-07-24 19:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio
2020-07-24 15:37 - 2020-07-24 19:54 - 000000000 ____D C:\Program Files\VB
2020-07-24 15:37 - 2020-07-24 15:37 - 000000000 ____D C:\Program Files (x86)\VB
2020-07-18 00:19 - 2020-07-18 00:19 - 000000000 ____D C:\Users\leghz\AppData\Roaming\GenArts
2020-07-18 00:00 - 2020-07-18 00:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2020-07-18 00:00 - 2020-07-18 00:00 - 000000000 ____D C:\Program Files (x86)\Sony Setup
2020-07-18 00:00 - 2020-07-18 00:00 - 000000000 ____D C:\Program Files (x86)\Sony

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2020-08-17 15:26 - 2020-06-18 21:05 - 000000000 ____D C:\Program Files (x86)\Steam
2020-08-17 15:26 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-08-17 15:23 - 2020-06-18 19:40 - 000000000 ____D C:\AMD
2020-08-17 15:18 - 2020-07-16 16:47 - 000002404 _____ C:\Users\leghz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-08-17 15:18 - 2020-06-18 19:27 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2917975093-671552084-3155095093-1001
2020-08-17 15:18 - 2020-06-18 19:27 - 000000000 ___RD C:\Users\leghz\OneDrive
2020-08-17 15:16 - 2020-06-18 21:44 - 000000000 ____D C:\Warzone
2020-08-17 15:16 - 2020-06-18 20:32 - 000000154 _____ C:\Windows\SysWOW64\machineclass.txt
2020-08-17 15:15 - 2020-07-11 14:03 - 000003112 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2020-08-17 15:15 - 2020-06-18 20:20 - 000003126 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2020-07-28 04:00 - 2020-06-18 19:27 - 000000000 ____D C:\Windows\system32\AMD
2020-07-28 03:45 - 2020-06-19 01:22 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-07-28 02:28 - 2020-06-19 00:39 - 000000000 ____D C:\Users\leghz\AppData\Local\Battle.net
2020-07-28 00:35 - 2020-06-18 19:27 - 000000000 ____D C:\Users\leghz\AppData\Local\D3DSCache
2020-07-27 17:57 - 2020-06-18 22:02 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2020-07-27 17:57 - 2020-06-18 21:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2020-07-27 02:12 - 2020-06-19 01:22 - 000008192 ___SH C:\DumpStack.log.tmp
2020-07-27 02:12 - 2020-06-19 01:22 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-07-27 02:12 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2020-07-27 01:25 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-07-27 01:25 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2020-07-27 01:08 - 2020-07-05 22:30 - 000000000 ____D C:\Program Files\CCleaner
2020-07-27 01:04 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2020-07-26 17:34 - 2020-06-18 21:23 - 000000000 ____D C:\Users\leghz\AppData\Roaming\discord
2020-07-26 03:06 - 2020-07-07 01:20 - 000000000 ____D C:\Users\leghz\AppData\Roaming\obs-studio
2020-07-26 01:23 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-07-26 01:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2020-07-25 17:39 - 2020-06-19 01:22 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-07-24 06:38 - 2020-06-18 20:20 - 000000000 ____D C:\Users\leghz\AppData\Local\AMD
2020-07-24 03:30 - 2020-06-18 19:27 - 000000000 ____D C:\Users\leghz\AppData\Local\PlaceholderTileLogoFolder
2020-07-18 00:15 - 2020-06-18 19:26 - 000000000 ____D C:\Users\leghz\AppData\Local\VirtualStore

==================== Fichiers à la racine de certains dossiers ========

2020-07-24 15:38 - 2020-07-24 16:00 - 000004666 _____ () C:\Users\leghz\AppData\Roaming\VoiceMeeterDefault.xml

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================