Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021 Exécuté par Ben (administrateur) sur LAPTOP-U2KA1QTO (HP ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ) (01-03-2021 12:20:34) Exécuté depuis C:\Users\Ben\Desktop Profils chargés: Ben Platform: Windows 10 Home Version 2004 19041.804 (X64) Langue: Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\NisSrv.exe (NGWIN Software Co. -> NGWIN) C:\Program Files (x86)\PicPick\picpick.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269112 2018-11-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [701984 2017-07-13] (HP Inc. -> HP Inc.) HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324600 2017-04-25] (HP Inc. -> HP) HKU\S-1-5-21-1461752567-2188266108-2820365753-1001\...\Run: [Chromium] => "c:\users\ben\appdata\local\chromium\application\chrome.exe" --profile-directory="Default" --auto-launch-at-startup --restore-last-session HKU\S-1-5-21-1461752567-2188266108-2820365753-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [30870200 2020-09-22] (Piriform Software Ltd -> Piriform Software Ltd) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-02-25] (Google LLC -> Google LLC) GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {064D2CC7-CDC2-4861-BA5C-CF8488B7C89A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [25492152 2020-09-22] (Piriform Software Ltd -> Piriform Software Ltd) Task: {0CA4056A-9314-4B2A-9F38-9BEDE2625342} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-04-03] (Advanced Micro Devices, Inc.) [Fichier non signé] Task: {266F701C-678C-4CEB-925F-3A8E37505ACC} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe Task: {34762223-3600-44BF-9D5F-1892DC44692B} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe Task: {58F55DD4-9749-49C3-9934-63DCB5F3784E} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-04-03] (Advanced Micro Devices, Inc.) [Fichier non signé] Task: {61916D3D-F85B-4D96-8C13-1922280D766C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Task: {628927C3-BDA4-45B2-B95C-D299A9804DF2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.) Task: {6BE488C6-2879-4E70-BAB2-406B206E2D8E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-24] (Google Inc -> Google Inc.) Task: {6CBABC36-4D1B-4CB7-BC8A-32EF42AB2151} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [127176 2020-05-29] (Mozilla Corporation -> Mozilla Foundation) Task: {7C1CE08A-8CCA-4BAF-8389-D1652069E3D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-02-24] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {808FE692-C3D9-4293-A2C2-BF25E4D8A5C3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {82F0656A-B115-4E18-BD0E-60304F766A77} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [4102848 2017-09-08] (Microsoft Corporation -> Microsoft Corporation) Task: {83F84EEC-174E-4708-A02E-AF8F2CF317EA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-02-24] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {93D74412-A1F2-4870-891A-E148850D83D6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-02-24] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9913F256-E3DD-406A-A82C-33AB34B66552} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.) Task: {A2868322-9572-4AE4-911C-314575B9F055} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Task: {A88B5858-D497-4AA7-86F6-EC4FC7FD5AC1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [4102848 2017-09-08] (Microsoft Corporation -> Microsoft Corporation) Task: {ADAD73BE-EBBF-4BE1-80FB-74AF065667B2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.) Task: {B097F5C4-4F50-4D6F-8EDF-B1BD4720621B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-02-24] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B4084625-3B14-4860-A802-D813241F4CAD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.) Task: {BAF4D7D0-F10C-44F2-B4A6-0710FFAF08C8} - System32\Tasks\{2E91BAAB-64F1-4210-A5EE-AA9823271D8C} => C:\windows\system32\pcalua.exe -a C:\Users\Ben\Downloads\Programs\lide25vst11012fr.exe -d C:\Users\Ben\Downloads\Programs Task: {C39FF212-0EE7-4F16-901B-AAF28FD9BB1B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe Task: {C5481CB4-FEDA-4A1F-BFA7-32A047691048} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\BingPopup\BingPopup.exe Task: {DED7FE1D-2B84-4057-AD47-3E492920EAB8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe Task: {EC7EBA74-1A2C-4A29-AAE8-F1B3B05CC2CE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-24] (Google Inc -> Google Inc.) Task: {ED20B385-53AB-4B12-8B3F-FB2CFA0AB089} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-09-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {F09ED211-12E4-4905-8312-F9E669296DF0} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software) Task: {FFA47418-9951-4A3D-8B50-ADD1077C16D2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-09-22] (Piriform Software Ltd -> Piriform Software Ltd) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{090f1008-762f-4b84-9918-4226e32d89bc}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{3dcd4aeb-f2f7-419b-bdac-de181b559ded}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{e2e72f45-40e3-42ed-b9ad-7d98bc0c8ce7}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{e2e72f45-40e3-42ed-b9ad-7d98bc0c8ce7}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{ec65984d-2f69-453a-a8b2-1e0852cd85ec}: [DhcpNameServer] 8.8.8.8 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Ben\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-01] FireFox: ======== FF DefaultProfile: cn6kddza.default-1525325426571 FF ProfilePath: C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\pot9x4r8.default-release-1571598752237 [2020-11-28] FF ProfilePath: C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\cn6kddza.default-1525325426571 [2020-11-28] FF Extension: (Avast Online Security) - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\cn6kddza.default-1525325426571\Extensions\wrc@avast.com.xpi [2019-06-16] FF Extension: (Search Manager) - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\cn6kddza.default-1525325426571\Extensions\{24436206-088d-4a1a-8d0e-cf93ca7a2d23} [2019-08-25] [hxxps://qupotomu.com/update?x=restype=ffjson] FF HKLM-x32\...\Firefox\Extensions: [eagleget_ffext@eagleget.com] - C:\Program Files (x86)\EagleGet\addon\eagleget_ffext@eagleget.com.xpi => non trouvé(e) FF HKLM-x32\...\Thunderbird\Extensions: [eagleget_ffext@eagleget.com] - C:\Program Files (x86)\EagleGet\addon\eagleget_ffext@eagleget.com.xpi => non trouvé(e) FF HKU\S-1-5-21-1461752567-2188266108-2820365753-1001\...\Firefox\Extensions: [eagleget_ffext@eagleget.com] - C:\Program Files (x86)\EagleGet\addon\eagleget_ffext@eagleget.com.xpi => non trouvé(e) FF HKU\S-1-5-21-1461752567-2188266108-2820365753-1001\...\SeaMonkey\Extensions: [eagleget_ffext@eagleget.com] - C:\Program Files (x86)\EagleGet\addon\eagleget_ffext@eagleget.com.xpi => non trouvé(e) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @chbrowserupdate.com/Chromium Update;version=3 -> C:\Program Files (x86)\Chromium\Update\1.3.99.0\npChromiumUpdate3.dll [Pas de fichier] FF Plugin-x32: @chbrowserupdate.com/Chromium Update;version=9 -> C:\Program Files (x86)\Chromium\Update\1.3.99.0\npChromiumUpdate3.dll [Pas de fichier] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-25] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: PDF Architect 5 -> C:\Program Files (x86)\PDF Architect 5\np-previewer.dll [2017-07-05] (pdfforge GmbH -> pdfforge GmbH) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default [2021-03-01] CHR Extension: (Slides) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-28] CHR Extension: (Docs) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-28] CHR Extension: (Google Drive) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-28] CHR Extension: (AdGuard AdBlocker) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2020-12-25] CHR Extension: (YouTube) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-28] CHR Extension: (Copy All Urls) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\djdmadneanknadilpjiknlnanaolmbfk [2019-10-22] CHR Extension: (Video Downloader professional) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooikgjpbiiaebbbnjbcnmgggekfnhfj [2020-06-20] CHR Extension: (MyJDownloader Browser Extension) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2020-11-21] CHR Extension: (1clickVPN - VPN gratuit pour Chrome) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfhplploccackoneaefokcmbjfbkenj [2020-12-18] CHR Extension: (Sheets) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-28] CHR Extension: (Google Docs hors connexion) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-28] CHR Extension: (Google Play) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2019-10-22] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30] CHR Extension: (Correcteur de texte — LanguageTool) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\oldceeleldhonbafppcapldpdifcinji [2021-02-12] CHR Extension: (Gmail) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-28] CHR Extension: (Chrome Media Router) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-28] CHR Profile: C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-10-22] CHR Profile: C:\Users\Ben\AppData\Local\Google\Chrome\User Data\System Profile [2019-10-22] CHR HKLM\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx CHR HKU\S-1-5-21-1461752567-2188266108-2820365753-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hdkdmoacnkphoadmfidlhfdobieblphn] - C:\Program Files (x86)\EagleGet\addon\eagleget_newtab.crx CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [hdkdmoacnkphoadmfidlhfdobieblphn] - C:\Program Files (x86)\EagleGet\addon\eagleget_newtab.crx ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2017-09-25] (Advanced Micro Devices, Inc. -> ) S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424392 2017-09-08] (Microsoft Corporation -> Microsoft Corporation) S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP) S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.) S2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-28] (Malwarebytes Inc -> Malwarebytes) S3 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2709176 2017-07-05] (pdfforge GmbH -> pdfforge GmbH) S3 PDF Architect 5 CrashHandler; C:\Program Files\PDF Architect 5\crash-handler-ws.exe [1051312 2017-07-05] (pdfforge GmbH -> pdfforge GmbH) S2 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator-ws.exe [859312 2017-07-05] (pdfforge GmbH -> pdfforge GmbH) S2 PDF Architect 5 Manager; C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (pdfforge GmbH -> © pdfforge GmbH.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-02-24] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-02-24] (Microsoft Windows Publisher -> Microsoft Corporation) S2 HPJumpStartBridge; "c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe" [X] S2 HPTouchpointAnalyticsService; "C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe" [X] ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-09-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-02-28] (Malwarebytes Inc -> Malwarebytes) S3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7116288 2016-07-16] (Intel Corporation) [Fichier non signé] R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49544 2021-02-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420088 2021-02-24] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-02-24] (Microsoft Windows -> Microsoft Corporation) R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP) S3 MpKslf146033f; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FB1E6759-0BD4-48F8-AE66-8F5C8CB8B811}\MpKslDrv.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-03-01 11:11 - 2021-03-01 11:11 - 000003108 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate 2021-02-28 21:48 - 2021-02-28 22:48 - 000039238 _____ C:\Users\Ben\Desktop\Fixlog.txt 2021-02-28 21:48 - 2021-02-28 21:48 - 000000120 _____ C:\Users\Ben\Desktop\mqhlsynbmgtvqv.txt 2021-02-28 21:46 - 2021-02-28 21:46 - 000008951 _____ C:\Users\Ben\Desktop\AdwCleaner[C00].txt 2021-02-28 21:32 - 2021-02-28 21:35 - 000000000 ____D C:\AdwCleaner 2021-02-28 21:29 - 2021-02-28 21:29 - 008463216 _____ (Malwarebytes) C:\Users\Ben\Downloads\adwcleaner_8.1.exe 2021-02-28 21:26 - 2021-02-28 21:26 - 000000000 ____D C:\Users\Ben\AppData\LocalLow\AMD 2021-02-28 21:25 - 2021-02-28 21:25 - 000050207 _____ C:\Users\Ben\Desktop\ZHPCleaner (R).txt 2021-02-28 21:17 - 2021-02-28 21:17 - 000049519 _____ C:\Users\Ben\Desktop\ZHPCleaner (S).txt 2021-02-28 20:48 - 2021-02-28 20:48 - 000000880 _____ C:\Users\Ben\Desktop\ZHPCleaner.lnk 2021-02-28 20:47 - 2021-02-28 20:47 - 003324568 _____ (Nicolas Coolman) C:\Users\Ben\Desktop\ZHPCleaner.exe 2021-02-28 20:02 - 2021-02-28 20:02 - 000001529 _____ C:\Users\Ben\Desktop\malware.txt 2021-02-28 19:24 - 2021-02-28 19:24 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-02-28 19:24 - 2020-09-23 22:58 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2021-02-28 19:18 - 2020-10-19 15:38 - 000000000 ____D C:\Users\Ben\Desktop\Wub 2021-02-28 19:13 - 2021-02-28 19:13 - 001002364 _____ C:\Users\Ben\Desktop\Wub (1).zip 2021-02-28 19:11 - 2021-02-28 19:12 - 001002364 _____ C:\Users\Ben\Desktop\Wub.zip 2021-02-28 18:19 - 2021-02-28 18:19 - 000050400 _____ C:\Users\Ben\Desktop\Shortcut.txt 2021-02-28 18:04 - 2021-02-28 18:19 - 000052951 _____ C:\Users\Ben\Desktop\Addition.txt 2021-02-28 17:45 - 2021-03-01 12:24 - 000021707 _____ C:\Users\Ben\Desktop\FRST.txt 2021-02-28 17:44 - 2021-03-01 12:22 - 000000000 ____D C:\FRST 2021-02-28 17:43 - 2021-02-28 17:43 - 002301440 _____ (Farbar) C:\Users\Ben\Desktop\FRST64 (1).exe 2021-02-28 01:21 - 2021-02-28 01:21 - 003466392 _____ (Nicolas Coolman) C:\Users\Ben\Desktop\ZHPSuite (1).exe 2021-02-27 18:40 - 2021-02-27 22:19 - 663977648 _____ C:\Users\Ben\Desktop\Club.libertin.22.mp4.crdownload 2021-02-22 22:19 - 2021-02-22 22:20 - 1010472452 _____ C:\Users\Ben\Desktop\C4_Good_Kitty_February-21-2021_19-46-08.mp4 2021-02-22 22:12 - 2021-02-22 22:16 - 319883532 _____ C:\Users\Ben\Desktop\C4_Good_Kitty_February-21-2021_21-49-13.mp4 2021-02-22 22:11 - 2021-02-22 22:14 - 265911846 _____ C:\Users\Ben\Desktop\C4_Good_Kitty_February-21-2021_18-56-13.mp4 2021-02-12 01:48 - 2021-02-12 01:48 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-02-12 01:47 - 2021-02-12 01:47 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-02-12 01:46 - 2021-02-12 01:46 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-02-12 01:46 - 2021-02-12 01:46 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-02-12 01:43 - 2021-02-12 01:43 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2021-02-01 12:38 - 2021-02-01 12:38 - 000073945 _____ C:\Users\Ben\Desktop\AffichageResultats.pdf 2021-01-31 12:43 - 2021-01-31 12:43 - 000128180 _____ C:\Users\Ben\Desktop\_0008417345_.pdf 2021-01-31 12:43 - 2021-01-31 12:43 - 000087440 _____ C:\Users\Ben\Desktop\FGDR_0008417345_20210129.pdf 2021-01-26 18:23 - 2021-03-01 11:58 - 003466904 _____ (Nicolas Coolman) C:\Users\Ben\ZHPSuite.exe 2021-01-24 06:24 - 2021-02-22 12:43 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-01-23 16:14 - 2021-01-23 16:14 - 000288478 _____ C:\Users\Ben\Downloads\Daniel Riolo - Cher football francais .epub 2021-01-23 16:12 - 2021-01-23 16:12 - 000000626 _____ C:\Users\Ben\Desktop\Daniel Riolo - Cher football francais .epub.torrent 2021-01-20 04:59 - 2021-01-20 04:59 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2021-01-20 04:59 - 2021-01-20 04:59 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2021-01-20 04:59 - 2021-01-20 04:59 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll 2021-01-20 04:59 - 2021-01-20 04:59 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2021-01-20 04:58 - 2021-01-20 04:58 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2021-01-20 04:58 - 2021-01-20 04:58 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax 2021-01-20 04:57 - 2021-01-20 04:57 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx 2021-01-20 04:57 - 2021-01-20 04:57 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl 2021-01-20 04:57 - 2021-01-20 04:57 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2021-01-20 04:57 - 2021-01-20 04:57 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll 2021-01-20 04:56 - 2021-01-20 04:56 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax 2021-01-20 04:56 - 2021-01-20 04:56 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2021-01-20 04:55 - 2021-01-20 04:55 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2021-01-20 04:54 - 2021-01-20 04:54 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2021-01-20 04:53 - 2021-01-20 04:53 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx 2021-01-20 04:53 - 2021-01-20 04:53 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl 2021-01-20 04:53 - 2021-01-20 04:53 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll 2021-01-20 04:52 - 2021-01-20 04:52 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl 2021-01-20 04:52 - 2021-01-20 04:52 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl 2021-01-20 04:51 - 2021-01-20 04:51 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll 2021-01-20 04:50 - 2021-01-20 04:50 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2021-01-20 04:50 - 2021-01-20 04:50 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll 2021-01-20 04:49 - 2021-01-20 04:49 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-01-20 04:49 - 2021-01-20 04:49 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll 2021-01-20 04:49 - 2021-01-20 04:49 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl 2021-01-20 04:48 - 2021-01-20 04:48 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-01-20 04:47 - 2021-01-20 04:47 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll 2021-01-20 04:47 - 2021-01-20 04:47 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl 2021-01-20 04:46 - 2021-01-20 04:46 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl 2021-01-20 04:46 - 2021-01-20 04:46 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll 2021-01-20 04:46 - 2021-01-20 04:46 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe 2021-01-20 04:45 - 2021-01-20 04:45 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll 2021-01-20 04:44 - 2021-01-20 04:44 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-01-20 04:44 - 2021-01-20 04:44 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll 2021-01-20 04:43 - 2021-01-20 04:43 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-01-20 04:42 - 2021-01-20 04:42 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-01-20 04:42 - 2021-01-20 04:42 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll 2021-01-20 04:42 - 2021-01-20 04:42 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl 2021-01-20 04:42 - 2021-01-20 04:42 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll 2021-01-18 21:58 - 2021-03-01 12:18 - 000423799 _____ C:\Users\Ben\Desktop\ZHPDiag.html 2021-01-18 21:58 - 2021-03-01 12:18 - 000345057 _____ C:\Users\Ben\Desktop\ZHPDiag.txt 2021-01-18 21:22 - 2021-03-01 11:58 - 000000733 _____ C:\Users\Ben\Desktop\ZHPSuite.lnk 2021-01-18 21:15 - 2021-01-18 21:19 - 003480200 _____ (Nicolas Coolman) C:\Users\Ben\Desktop\ZHPSuite.exe 2021-01-14 22:46 - 2021-01-14 22:48 - 1038493455 _____ C:\Users\Ben\Desktop\C4_lilithopium_January-09-2021_23-34-13.mp4 2021-01-14 20:06 - 2021-01-14 20:07 - 023904633 _____ (The qBittorrent project) C:\Users\Ben\Desktop\qbittorrent_4.3.2_setup.exe 2021-01-08 00:43 - 2021-01-08 00:46 - 371527837 _____ C:\Users\Ben\Desktop\CB_neon_felix_January-05-2021_18-09-21.mp4 2021-01-08 00:39 - 2021-01-08 00:39 - 000720889 _____ C:\Users\Ben\Desktop\zvW9B3.mp4 2020-12-23 06:23 - 2020-12-23 06:23 - 000000000 ____D C:\ProgramData\UniqueId 2020-12-11 13:01 - 2020-12-11 13:01 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll 2020-12-11 13:01 - 2020-12-11 13:01 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl 2020-12-11 13:01 - 2020-12-11 13:01 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2020-12-11 13:00 - 2020-12-11 13:00 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll 2020-12-11 13:00 - 2020-12-11 13:00 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl 2020-12-11 13:00 - 2020-12-11 13:00 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2020-12-11 13:00 - 2020-12-11 13:00 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe 2020-12-11 12:59 - 2020-12-11 12:59 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2020-12-11 12:59 - 2020-12-11 12:59 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2020-12-11 12:59 - 2020-12-11 12:59 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2020-12-11 12:59 - 2020-12-11 12:59 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt 2020-12-11 12:58 - 2020-12-11 12:58 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll 2020-12-11 12:57 - 2020-12-11 12:57 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll 2020-12-11 12:57 - 2020-12-11 12:57 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2020-12-11 12:57 - 2020-12-11 12:57 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2020-12-11 12:57 - 2020-12-11 12:57 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe 2020-12-06 13:41 - 2020-12-06 13:41 - 000128160 _____ C:\Users\Ben\Desktop\RELEVES_0008417345_20200729 (1).pdf 2020-12-06 13:41 - 2020-12-06 13:41 - 000127934 _____ C:\Users\Ben\Desktop\RELEVES_0008417345_20200829.pdf 2020-12-06 13:40 - 2020-12-06 13:41 - 000128160 _____ C:\Users\Ben\Desktop\RELEVES_0008417345_20200729.pdf ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-03-01 12:31 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-03-01 12:18 - 2018-06-29 17:38 - 000000000 ____D C:\Users\Ben\AppData\Roaming\ZHP 2021-03-01 11:58 - 2020-09-19 03:39 - 000000000 ____D C:\Users\Ben 2021-02-28 22:45 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-02-28 21:39 - 2020-09-19 04:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-02-28 21:39 - 2020-09-19 03:33 - 000008192 ___SH C:\DumpStack.log.tmp 2021-02-28 21:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-02-28 21:38 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-02-28 21:38 - 2017-09-01 16:28 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2021-02-28 21:36 - 2020-10-09 08:36 - 000000000 ____D C:\Users\Ben\AppData\Local\Lavasoft 2021-02-28 21:36 - 2016-09-29 15:44 - 000000000 ___HD C:\HP 2021-02-28 21:36 - 2016-09-29 06:19 - 000000000 ____D C:\ProgramData\HP 2021-02-28 21:36 - 2016-09-29 06:19 - 000000000 ____D C:\ProgramData\Hewlett-Packard 2021-02-28 21:36 - 2016-09-29 06:19 - 000000000 ____D C:\Program Files\HP 2021-02-28 21:36 - 2016-09-29 06:19 - 000000000 ____D C:\Program Files (x86)\HP 2021-02-28 21:35 - 2017-08-04 12:19 - 000000000 ____D C:\Users\Ben\AppData\Local\Hewlett-Packard 2021-02-28 21:35 - 2017-08-04 12:18 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Hewlett-Packard 2021-02-28 21:35 - 2016-09-29 06:18 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard 2021-02-28 20:48 - 2020-04-20 21:34 - 000000000 ____D C:\Users\Ben\AppData\Local\ZHP 2021-02-28 20:44 - 2018-06-28 19:10 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Apowersoft 2021-02-28 20:43 - 2019-10-20 20:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-02-28 20:43 - 2018-03-13 19:15 - 000000000 ____D C:\Users\Ben\AppData\Roaming\DevEject 2021-02-28 20:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2021-02-28 20:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed 2021-02-28 20:36 - 2019-04-10 17:26 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Discord 2021-02-28 20:36 - 2019-04-10 17:25 - 000000000 ____D C:\Users\Ben\AppData\Local\Discord 2021-02-28 20:31 - 2020-10-09 08:36 - 000000000 ____D C:\ProgramData\WinZip 2021-02-28 20:27 - 2017-02-13 19:55 - 000000000 ____D C:\ProgramData\Temp 2021-02-28 20:27 - 2017-02-13 19:55 - 000000000 ____D C:\ProgramData\SUPPORTDIR 2021-02-28 20:27 - 2017-02-13 19:55 - 000000000 ____D C:\ProgramData\install_backup 2021-02-28 20:27 - 2016-09-29 06:19 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2021-02-28 20:26 - 2017-02-13 19:57 - 000000000 ____D C:\ProgramData\CyberLink 2021-02-28 19:24 - 2020-09-23 23:01 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2021-02-28 19:24 - 2020-06-19 18:58 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-02-28 19:24 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-02-28 19:19 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy 2021-02-28 19:14 - 2017-09-06 16:32 - 000000000 ____D C:\Users\Ben\AppData\Roaming\vlc 2021-02-28 19:03 - 2017-08-04 12:17 - 000000000 ___RD C:\Users\Ben\OneDrive 2021-02-28 18:09 - 2017-08-11 15:51 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-02-28 12:16 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2021-02-28 01:27 - 2019-01-31 03:51 - 000000000 ____D C:\Users\Ben\AppData\Local\CrashDumps 2021-02-28 00:25 - 2020-09-19 03:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-02-27 16:24 - 2020-09-19 04:26 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1461752567-2188266108-2820365753-1001 2021-02-27 16:23 - 2020-09-19 03:39 - 000002406 _____ C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-02-27 14:12 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-02-27 14:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-02-26 19:53 - 2020-10-14 23:55 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-02-25 00:32 - 2020-09-19 04:00 - 001924270 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-02-25 00:32 - 2019-12-07 15:49 - 000833138 _____ C:\WINDOWS\system32\perfh00C.dat 2021-02-25 00:32 - 2019-12-07 15:49 - 000167868 _____ C:\WINDOWS\system32\perfc00C.dat 2021-02-24 10:10 - 2018-02-24 18:28 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-02-19 12:52 - 2020-09-19 04:26 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-02-13 06:36 - 2020-09-19 03:34 - 000428904 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-02-13 06:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords 2021-02-13 06:29 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-02-13 06:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-02-13 06:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-02-13 06:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords 2021-02-13 06:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-02-13 06:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-02-13 06:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-02-13 06:29 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System 2021-02-13 06:29 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2021-02-12 21:14 - 2020-09-19 04:26 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2021-02-12 00:23 - 2017-08-05 13:56 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-02-12 00:07 - 2017-08-05 13:56 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-02-11 04:56 - 2020-10-14 23:54 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-02-11 04:56 - 2020-10-14 23:54 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-02-10 18:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-02-05 11:34 - 2020-09-19 04:26 - 000003588 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-02-05 11:34 - 2020-09-19 04:26 - 000003464 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-02-03 13:19 - 2018-11-08 20:50 - 000000923 _____ C:\Users\Public\Desktop\VLC media player.lnk 2021-01-31 17:13 - 2017-11-23 18:42 - 000000000 ____D C:\Users\Ben\AppData\Local\Packages ==================== Fichiers à la racine de certains dossiers ======== 2018-02-11 17:40 - 2018-02-11 17:40 - 003058048 _____ () C:\Users\Ben\ZHPCleaner.exe 2021-01-26 18:23 - 2021-03-01 11:58 - 003466904 _____ (Nicolas Coolman) C:\Users\Ben\ZHPSuite.exe 2020-01-21 13:11 - 2020-01-21 13:10 - 014634624 _____ (BlueStack Systems Inc.) C:\Program Files (x86)\Common Files\BlueStacks.exe 2018-06-28 18:26 - 2018-06-28 18:42 - 000000096 _____ () C:\Users\Ben\AppData\Roaming\version2.xml 2019-08-25 23:54 - 2019-08-25 23:54 - 000000044 _____ () C:\Users\Ben\AppData\Roaming\WB.CFG 2019-02-27 19:21 - 2019-02-27 19:21 - 000003584 _____ () C:\Users\Ben\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2020-03-20 20:43 - 2020-05-09 03:43 - 000000207 _____ () C:\Users\Ben\AppData\Local\package.nw.new 2018-07-10 16:29 - 2018-07-10 16:29 - 000007605 _____ () C:\Users\Ben\AppData\Local\Resmon.ResmonCfg ==================== SigCheckExt ========================= 2016-07-16 12:42 - 2016-07-16 12:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll 2017-08-16 15:11 - 2006-03-24 09:43 - 000193024 _____ (CANON INC.) C:\WINDOWS\system32\CNQL1213.DLL 2017-08-16 15:11 - 2006-03-02 09:07 - 000064512 _____ (CANON INC.) C:\WINDOWS\system32\CNQU110.DLL 2017-08-04 17:18 - 2017-03-28 06:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll 2017-12-22 00:59 - 2017-12-22 00:59 - 000105984 _____ (Beepa P/L) C:\WINDOWS\system32\frapsv64.dll 2017-08-04 17:19 - 2017-03-04 07:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2016-07-16 12:43 - 2016-07-16 15:15 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll 2016-07-16 12:42 - 2016-07-16 12:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll 2016-07-16 12:42 - 2016-07-16 12:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll 2019-06-12 17:32 - 2019-06-12 17:32 - 000010752 _____ C:\WINDOWS\SetupAfterRebootService.exe 2016-07-16 12:43 - 2016-07-16 12:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll 2016-07-16 12:43 - 2016-07-16 12:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll 2017-12-22 00:59 - 2017-12-22 00:59 - 000094208 _____ (Beepa P/L) C:\WINDOWS\SysWOW64\frapsvid.dll 2017-02-13 19:51 - 2016-07-16 12:43 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEShims.dll 2017-08-04 17:20 - 2017-03-04 07:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2016-07-16 12:44 - 2016-07-16 15:16 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll 2017-02-13 19:43 - 2010-12-01 09:31 - 000451072 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe 2018-11-19 03:26 - 2010-12-29 23:38 - 000380928 _____ (Ratajik Software) C:\WINDOWS\SysWOW64\RSLSP.dll 2018-03-04 21:09 - 2018-03-04 21:09 - 000164352 _____ C:\WINDOWS\SysWOW64\SpoonUninstall.exe 2018-02-11 17:40 - 2018-02-11 17:40 - 003058048 _____ C:\Users\Ben\ZHPCleaner.exe 2021-01-26 18:23 - 2021-03-01 11:58 - 003466904 _____ (Nicolas Coolman) C:\Users\Ben\ZHPSuite.exe 2021-02-28 17:43 - 2021-02-28 17:43 - 002301440 _____ (Farbar) C:\Users\Ben\Desktop\FRST64 (1).exe 2021-01-14 20:06 - 2021-01-14 20:07 - 023904633 _____ (The qBittorrent project) C:\Users\Ben\Desktop\qbittorrent_4.3.2_setup.exe 2021-02-28 20:47 - 2021-02-28 20:47 - 003324568 _____ (Nicolas Coolman) C:\Users\Ben\Desktop\ZHPCleaner.exe 2021-02-28 01:21 - 2021-02-28 01:21 - 003466392 _____ (Nicolas Coolman) C:\Users\Ben\Desktop\ZHPSuite (1).exe 2021-01-18 21:15 - 2021-01-18 21:19 - 003480200 _____ (Nicolas Coolman) C:\Users\Ben\Desktop\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {6719a3d5-cd75-11e9-94b9-806e6f6e6963} {6719a3d3-cd75-11e9-94b9-806e6f6e6963} {6719a3d4-cd75-11e9-94b9-806e6f6e6963} timeout 0 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {a6e31c45-fa28-11ea-90ad-f36f9d3f224c} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {6719a3d3-cd75-11e9-94b9-806e6f6e6963} description USB Drive (UEFI) Application logicielle (101fffff) -------------------------------- identificateur {6719a3d4-cd75-11e9-94b9-806e6f6e6963} description Internal CD/DVD ROM Drive (UEFI) Application logicielle (101fffff) -------------------------------- identificateur {6719a3d5-cd75-11e9-94b9-806e6f6e6963} description Internal Hard Disk or Solid State Disk Application logicielle (101fffff) -------------------------------- identificateur {86068a44-f273-11e6-b476-806e6f6e6963} description Internal Hard Disk or Solid State Disk Application logicielle (101fffff) -------------------------------- identificateur {fe293a04-f269-11e6-9120-30e1712953bc} description Internal Hard Disk or Solid State Disk Application logicielle (101fffff) -------------------------------- identificateur {fe293a08-f269-11e6-9120-30e1712953bc} description Internal Hard Disk or Solid State Disk Application logicielle (101fffff) -------------------------------- identificateur {fe293a0b-f269-11e6-9120-30e1712953bc} description Internal Hard Disk or Solid State Disk Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {d128be57-fa20-11ea-94f3-a958f5356c43} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {a6e31c45-fa28-11ea-90ad-f36f9d3f224c} nx OptIn bootmenupolicy Standard Chargeur de d‚marrage Windows ----------------------------- identificateur {d128be57-fa20-11ea-94f3-a958f5356c43} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{d128be58-fa20-11ea-94f3-a958f5356c43} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{d128be58-fa20-11ea-94f3-a958f5356c43} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {a6e31c45-fa28-11ea-90ad-f36f9d3f224c} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {d128be57-fa20-11ea-94f3-a958f5356c43} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {d128be58-fa20-11ea-94f3-a958f5356c43} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================