Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021 Exécuté par PC du camping car (administrateur) sur LAPTOP-39NBC6V6 (LENOVO 80TJ) (17-04-2021 10:27:44) Exécuté depuis C:\Users\PC du camping car\Desktop Profils chargés: defaultuser0 & PC du camping car Platform: Windows 10 Home Version 2004 19041.630 (X64) Langue: Français (France) Navigateur par défaut: Edge Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\Power2Go\CLVDLauncher.exe (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe (Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\GUBootService.exe (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7E470D04-4C6C-4651-8F94-A7B829AB9A19}\MicrosoftEdge_X64_90.0.818.39.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <4> (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Temp\EDGEMITMP_57763.tmp\setup.exe <2> (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotification.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotificationUx.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\sc.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WaaSMedicAgent.exe (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <8> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.243\WsAppService.exe (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18242048 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (LENOVO -> Lenovo(beijing) Limited) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION HKU\S-1-5-21-2348191869-1658706661-1089226288-1001\...\Run: [BingSvc] => C:\Users\PC du camping car\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (Microsoft Corporation -> © 2015 Microsoft Corporation) HKU\S-1-5-21-2348191869-1658706661-1089226288-1001\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [89600 2014-09-19] () [Fichier non signé] HKU\S-1-5-21-2348191869-1658706661-1089226288-1001\...\Run: [PhotoMasterImportAgent] => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe [675608 2016-04-22] (CyberLink Corp. -> CyberLink Corp.) HKU\S-1-5-21-2348191869-1658706661-1089226288-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44360 2021-04-09] (Glarysoft LTD -> Glarysoft Ltd) HKU\S-1-5-21-2348191869-1658706661-1089226288-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [580096 2020-10-11] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Print\Monitors\EPSON SX420W Series 64MonitorBE: C:\WINDOWS\system32\E_ILMGCE.DLL [118784 2008-11-12] (SEIKO EPSON CORPORATION) [Fichier non signé] HKLM\...\Print\Monitors\HP E511 Status Monitor: C:\WINDOWS\system32\hpinkstsE511LM.dll [393352 2017-03-10] (Hewlett Packard -> HP Inc.) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.128\Installer\chrmstp.exe [2021-04-16] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2018-11-18] ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) [Fichier non signé] BootExecute: autocheck autochk * GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0162CF55-4D9C-407B-9AA9-2FF8EC14CE78} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {0CA17767-3A56-48BA-8D5E-A12C6957B0CC} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [143888 2021-03-02] (Lenovo -> Lenovo Group Ltd.) Task: {18725603-046F-4288-84BB-2C043A0EC0EC} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8c448031-6226-430c-ab79-8035408aceb2 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.) Task: {1C9F8C69-32FF-484A-9B7C-351101276158} - System32\Tasks\HPCustParticipation HP OfficeJet 3830 series => C:\Program Files\HP\HP OfficeJet 3830 series\Bin\HPCustPartic.exe [6438536 2017-03-27] (Hewlett Packard -> HP Inc.) Task: {2C073849-AC37-4AE3-A1F2-C6EF826844FE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {35244812-9A09-478A-96C8-9E238B1846C6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\94197452-1eec-46a0-bbde-644205395735 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.) Task: {382E15F8-55B6-4751-AD27-5E9962933D41} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [917832 2021-04-09] (Glarysoft LTD -> Glarysoft Ltd) Task: {3F420E9A-2202-40FF-8132-869227988345} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software) Task: {58B177A2-8EF3-49E1-8EC2-37A0BD0B5EE2} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f8096039-bbf0-439b-b396-4aae7718a589 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.) Task: {6A074B83-55D7-4793-BA00-8D9A14DAA856} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-18] (Google Inc -> Google Inc.) Task: {7BD65493-1DFC-49EE-8A07-5800D80BA815} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [745240 2016-04-22] (CyberLink Corp. -> CyberLink Corp.) Task: {7E0FF964-3F5E-4544-AF22-906FC11C4F36} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION Task: {859CB954-0FA2-4478-946F-63AC69481F12} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {8B1BAF12-ECCA-4F19-ACAA-346B43EDFC87} - System32\Tasks\{1900BD74-D293-4331-899B-10DEBBEAEF17} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\AlerteGPS\G200NEOV2\driver\Install.exe" -d "C:\Program Files (x86)\AlerteGPS\G200NEOV2\driver" Task: {97108DD2-C9F1-4E8F-A1DA-F93D7148BF95} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService Task: {9B954975-FF0C-485D-B420-DE502CBA7FA1} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [642544 2021-03-24] (Mozilla Corporation -> Mozilla Foundation) Task: {9F36B9FA-2A37-4E70-89BA-E911DAC87443} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62392 2021-03-14] (Lenovo -> Lenovo Group Ltd.) Task: {A0A43CC6-2D21-4188-878A-7E6F338165B6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A385A723-E107-44B3-9487-00AB8AC15BF6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B6613497-9DBE-4F31-B518-77797EEC0EF1} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\Lenovo\Power2Go\CLVDLauncher.exe [340440 2015-07-06] (CyberLink Corp. -> CyberLink Corp.) Task: {C09B45C7-6180-4873-B17F-88E518B3E327} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {CA1722B4-9855-4152-B746-FB6CE089F20D} - System32\Tasks\PDVDServ14 Task => C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe [85432 2016-04-08] (CyberLink Corp. -> CyberLink Corp.) Task: {CB82FC6D-E294-45CC-B7DD-1315E404DCA9} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c8022655-b368-4533-924c-6a31fbe894cb => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.) Task: {D075E25F-A0F2-4E05-910D-2AF1A97AA693} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [118552 2016-08-12] (CyberLink Corp. -> CyberLink) Task: {E39E5E1B-9847-4D67-8860-ED72D3C3BC36} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-03-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {FB0AF6AF-2BF7-4FAD-9BA4-2179A8AE0716} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-18] (Google Inc -> Google Inc.) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{e52a3da5-b3a2-403d-8f6d-5209e2324c98}: [DhcpNameServer] 192.168.1.1 Edge: ======= DownloadDir: C:\Users\PC du camping car\Downloads Edge DefaultProfile: Default Edge Profile: C:\Users\PC du camping car\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-16] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\PC du camping car\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-04-16] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: 0u7x8cbk.default-1542443623732 FF ProfilePath: C:\Users\PC du camping car\AppData\Roaming\Mozilla\Firefox\Profiles\0u7x8cbk.default-1542443623732 [2021-04-17] FF DownloadDir: C:\Users\PC du camping car\Desktop FF Homepage: Mozilla\Firefox\Profiles\0u7x8cbk.default-1542443623732 -> hxxps://www.orange.fr/portail FF Notifications: Mozilla\Firefox\Profiles\0u7x8cbk.default-1542443623732 -> hxxps://emailing.jsmediaperf.fr; hxxps://www.sorcieremonique.com; hxxps://camping-car.vraiforum.com; hxxps://fccgp.forumactif.org FF HomepageOverride: Mozilla\Firefox\Profiles\0u7x8cbk.default-1542443623732 -> Disabled: web@00022358-d56d-4f5e-a89c-d4534d7c5565 FF HomepageOverride: Mozilla\Firefox\Profiles\0u7x8cbk.default-1542443623732 -> Disabled: qwantcomforfirefox@jetpack FF HomepageOverride: Mozilla\Firefox\Profiles\0u7x8cbk.default-1542443623732 -> Disabled: _koMembers_@www.quickpdfmerger.com FF HomepageOverride: Mozilla\Firefox\Profiles\0u7x8cbk.default-1542443623732 -> Disabled: _dpMembers_@free.findyourmaps.com FF NewTabOverride: Mozilla\Firefox\Profiles\0u7x8cbk.default-1542443623732 -> Disabled: web@00022358-d56d-4f5e-a89c-d4534d7c5565 FF NewTabOverride: Mozilla\Firefox\Profiles\0u7x8cbk.default-1542443623732 -> Disabled: _koMembers_@www.quickpdfmerger.com FF NewTabOverride: Mozilla\Firefox\Profiles\0u7x8cbk.default-1542443623732 -> Disabled: _dpMembers_@free.findyourmaps.com FF NewTabOverride: Mozilla\Firefox\Profiles\0u7x8cbk.default-1542443623732 -> Disabled: qwantcomforfirefox@jetpack FF NewTabOverride: Mozilla\Firefox\Profiles\0u7x8cbk.default-1542443623732 -> Enabled: @contain-facebook FF NewTabOverride: Mozilla\Firefox\Profiles\0u7x8cbk.default-1542443623732 -> Enabled: wikipedia@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\0u7x8cbk.default-1542443623732 -> Enabled: qwant@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\0u7x8cbk.default-1542443623732 -> Enabled: ebay@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\0u7x8cbk.default-1542443623732 -> Enabled: ddg@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\0u7x8cbk.default-1542443623732 -> Enabled: amazon@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\0u7x8cbk.default-1542443623732 -> Enabled: bing@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\0u7x8cbk.default-1542443623732 -> Enabled: google@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\0u7x8cbk.default-1542443623732 -> Enabled: _j5Members_@ext.ask.com FF Extension: (Facebook Container) - C:\Users\PC du camping car\AppData\Roaming\Mozilla\Firefox\Profiles\0u7x8cbk.default-1542443623732\Extensions\@contain-facebook.xpi [2020-09-30] FF Extension: (Pas de nom) - C:\Users\PC du camping car\AppData\Roaming\Mozilla\Firefox\Profiles\0u7x8cbk.default-1542443623732\Extensions\qwantcomforfirefox@jetpack.xpi [2020-10-13] FF Extension: (Malwarebytes Browser Guard) - C:\Users\PC du camping car\AppData\Roaming\Mozilla\Firefox\Profiles\0u7x8cbk.default-1542443623732\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2020-12-22] FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-14] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR HKU\S-1-5-21-2348191869-1658706661-1089226288-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [688992 2017-02-27] (LENOVO -> Lenovo) R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1210352 2016-03-22] (LENOVO -> Lenovo) R2 GUBootService; C:\Program Files (x86)\Glary Utilities 5\GUBootService.exe [865608 2021-04-09] (Glarysoft LTD -> Glarysoft Ltd) R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.) R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [51208 2017-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.243\WsAppService.exe [495392 2019-06-13] (Wondershare Technology Co.,Ltd -> Wondershare) R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-07-09] (Wondershare Technology Co.,Ltd -> Wondershare) R2 ZoomCptService; "C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\PC du camping car\AppData\Roaming\Zoom" ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 BR_MCU; C:\WINDOWS\System32\Drivers\br_mcu2usb.sys [23552 2009-12-08] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [30720 2021-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd) S3 KMWDFILTER; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [30208 2009-04-29] (MLK Technologies Limited -> Windows (R) Codename Longhorn DDK provider) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation) S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-04-17 10:27 - 2021-04-17 10:35 - 000023441 _____ C:\Users\PC du camping car\Desktop\FRST.txt 2021-04-17 10:25 - 2021-04-17 10:32 - 000000000 ____D C:\FRST 2021-04-17 10:24 - 2021-04-17 10:24 - 002298368 _____ (Farbar) C:\Users\PC du camping car\Desktop\FRST64.exe 2021-04-16 18:39 - 2021-04-16 18:39 - 000000884 _____ C:\Users\PC du camping car\Desktop\ZHPDiag.lnk 2021-04-16 18:38 - 2021-04-16 18:38 - 003274392 _____ (Nicolas Coolman) C:\Users\PC du camping car\Downloads\ZHPDiag3.exe 2021-04-16 12:05 - 2021-04-16 12:05 - 019609216 _____ (Glarysoft Ltd) C:\Users\PC du camping car\Downloads\Glary_Utilities_v5.164.0.190.exe 2021-04-13 10:09 - 2021-04-13 10:09 - 010279424 _____ C:\Users\PC du camping car\Downloads\Manufrance-Les 100 ans1.pps 2021-04-09 17:22 - 2021-04-09 17:22 - 000018432 _____ C:\Users\PC du camping car\Documents\appartement loyers et charges 2020.2021.xls 2021-04-09 11:07 - 2021-04-09 11:07 - 019515088 _____ (Glarysoft Ltd) C:\Users\PC du camping car\Downloads\Glary_Utilities_v5.163.0.189.exe 2021-04-01 09:54 - 2021-04-01 09:54 - 009999872 _____ C:\Users\PC du camping car\Downloads\LA CORSE TELLE QU-ELLEEST11.pps 2021-03-24 13:24 - 2021-03-24 13:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-03-24 10:42 - 2021-03-24 17:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-04-17 10:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-04-17 10:31 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-04-17 10:30 - 2020-06-25 10:16 - 000002432 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-04-17 10:30 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-04-17 10:27 - 2019-02-06 10:50 - 000000000 ____D C:\ProgramData\Mozilla 2021-04-17 10:27 - 2016-12-17 19:49 - 000000000 ____D C:\Users\PC du camping car\AppData\LocalLow\Mozilla 2021-04-17 09:14 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-04-16 19:05 - 2017-09-22 17:46 - 000000135 _____ C:\Users\PC 2021-04-16 19:05 - 2017-01-09 20:29 - 000000000 ____D C:\Users\PC du camping car\AppData\Roaming\ZHP 2021-04-16 18:47 - 2018-08-04 12:08 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-04-16 18:39 - 2020-11-04 10:10 - 000000000 ____D C:\Users\PC du camping car\AppData\Local\ZHP 2021-04-16 18:39 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-04-16 12:14 - 2020-10-11 14:01 - 000000000 ____D C:\Users\defaultuser0 2021-04-16 12:07 - 2021-02-10 17:43 - 000003066 _____ C:\WINDOWS\system32\Tasks\GU5SkipUAC 2021-04-16 12:07 - 2021-02-10 17:43 - 000001172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk 2021-04-16 12:07 - 2021-02-10 17:43 - 000001160 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk 2021-04-16 12:07 - 2021-02-10 17:42 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5 2021-04-16 11:45 - 2020-10-11 13:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-04-16 10:19 - 2021-02-10 18:10 - 000000757 _____ C:\Users\PC du camping car\Desktop\ZHPCleaner.lnk 2021-04-16 10:18 - 2020-10-13 18:46 - 003326104 _____ (Nicolas Coolman) C:\Users\PC du camping car\ZHPCleaner.exe 2021-04-16 10:18 - 2020-10-11 14:01 - 000000000 ____D C:\Users\PC du camping car 2021-04-15 10:02 - 2017-01-04 19:01 - 000000146 _____ C:\Users\PC du camping car\Desktop\Options Internet.lnk 2021-04-15 09:58 - 2017-01-04 19:00 - 000001194 _____ C:\Users\PC du camping car\Desktop\Disk Cleanup (2).lnk 2021-04-13 16:11 - 2020-10-11 14:15 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-04-13 16:11 - 2019-12-07 16:49 - 000792836 _____ C:\WINDOWS\system32\perfh00C.dat 2021-04-13 16:11 - 2019-12-07 16:49 - 000149966 _____ C:\WINDOWS\system32\perfc00C.dat 2021-04-13 16:03 - 2020-10-11 14:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-04-13 16:03 - 2020-10-11 13:52 - 000008192 ___SH C:\DumpStack.log.tmp 2021-04-13 16:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-04-11 11:58 - 2018-08-01 11:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-04-09 11:16 - 2017-01-09 12:35 - 000000000 ____D C:\ProgramData\Glarysoft 2021-04-02 17:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-03-27 12:58 - 2018-06-27 09:45 - 000000000 ____D C:\Users\PC du camping car\AppData\Local\CrashDumps 2021-03-27 12:51 - 2016-12-18 19:51 - 000000825 _____ C:\Users\PC du camping car\Desktop\Documents.lnk 2021-03-24 17:11 - 2016-12-17 19:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-03-24 13:24 - 2016-12-17 19:48 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-03-24 12:09 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-03-24 12:08 - 2017-05-21 11:27 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin ==================== Fichiers à la racine de certains dossiers ======== 2020-10-13 18:46 - 2021-04-16 10:18 - 003326104 _____ (Nicolas Coolman) C:\Users\PC du camping car\ZHPCleaner.exe 2012-07-02 15:34 - 2020-10-09 13:07 - 000000832 _____ () C:\Users\PC du camping car\AppData\Roaming\sticky.rec 2012-07-02 15:34 - 2020-10-09 12:58 - 000000832 _____ () C:\Users\PC du camping car\AppData\Roaming\sticky.rec_priorsave 2012-07-02 15:34 - 2020-10-09 13:07 - 000000000 _____ () C:\Users\PC du camping car\AppData\Roaming\sticky.str 2012-07-02 15:34 - 2020-10-09 12:58 - 000000000 _____ () C:\Users\PC du camping car\AppData\Roaming\sticky.str_priorsave 2012-07-02 15:34 - 2020-10-09 13:07 - 000000000 _____ () C:\Users\PC du camping car\AppData\Roaming\sticky_chklist.str 2012-07-02 15:34 - 2020-10-09 12:58 - 000000000 _____ () C:\Users\PC du camping car\AppData\Roaming\sticky_chklist.str_priorsave 2016-12-22 19:46 - 2016-12-22 19:46 - 000000000 _____ () C:\Users\PC du camping car\AppData\Local\{B512DE84-B756-495A-84B4-DD16853814A1} ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================