Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021 Exécuté par rénald (administrateur) sur DESKTOP-4G798N4 (MSI MS-7817) (19-04-2021 18:57:04) Exécuté depuis C:\Users\rénald\Desktop Profils chargés: rénald Platform: Windows 10 Home Version 2004 19041.867 (X64) Langue: Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Safe Mode (with Networking) ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <18> (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_151\bin\javaw.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9072128 2016-11-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7991528 2021-04-12] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [haleng] => C:\Users\RNALD~1\AppData\Local\Temp\haleng.exe <==== ATTENTION HKLM\...\RunOnce: [system recover] => C:\Program Files (x86)\TeamViewer\Sitekesybae.exe [99328 2021-04-11] (BlueTooth) [Fichier non signé] HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-4001625071-1540241157-4076497465-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-04-14] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-4001625071-1540241157-4076497465-1001\...\Run: [Windows Host] => C:\ProgramData\Windows Host\Windows Host.exe <==== ATTENTION HKU\S-1-5-21-4001625071-1540241157-4076497465-1001\...\Run: [RoughSunset] => C:\WINDOWS\rss\csrss.exe [4555264 2021-04-11] () [Fichier non signé] <==== ATTENTION HKU\S-1-5-21-4001625071-1540241157-4076497465-1001\...\Run: [Prun] => "C:\Program Files (x86)\PublicGaming\prun.exe" HKU\S-1-5-21-4001625071-1540241157-4076497465-1001\...\Run: [9009059] => "C:\Users\rénald\AppData\Roaming\awt00dtwf4y\ycxzl1vdbrp.exe" /VERYSILENT HKU\S-1-5-21-4001625071-1540241157-4076497465-1001\...\Run: [WUFServices.exe] => C:\Users\RNALD~1\AppData\Local\Temp\WUFServices.exe <==== ATTENTION HKU\S-1-5-21-4001625071-1540241157-4076497465-1001\...\Run: [PULServices.exe] => C:\Users\RNALD~1\AppData\Local\Temp\PULServices.exe <==== ATTENTION HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\WINDOWS\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [Fichier non signé] HKLM\...\Print\Monitors\EPSON XP-412 413 415 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMBLEE.DLL [179712 2014-12-02] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\EPSON XP-422 423 425 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBNDE.DLL [179712 2013-12-06] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [116736 2018-12-21] (pdfforge GmbH) [Fichier non signé] HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.128\Installer\chrmstp.exe [2021-04-14] (Google LLC -> Google LLC) GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {06758103-2182-4F5D-A4BF-FFF4BB37AA0F} - System32\Tasks\Microsoft\OneCore\DirectX\NlsDdmin => C:\WINDOWS\microsoft.net\framework\v4.0.30319\RegSvcs.exe /nologo C:\ProgramData\CommonMove\FajtBxatus\ANBm_Prext.dll Task: {0A9EF2E5-ACF8-45C8-802B-9AE1749726AA} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {2E2D93F9-B4D2-444F-971F-165A9F79E4D7} - System32\Tasks\Firefox Default Browser Agent 9A7D13A20593B8E6 => C:\Users\rénald\AppData\Roaming\gtugvae.exe <==== ATTENTION Task: {30E40536-435A-491F-B25E-7AB48A74690B} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION Task: {33D4924F-EEEB-4E8D-9095-E5E1A08A43DA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {54CB4EC3-2786-4095-8D1B-A2856D586D33} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-27] (Dropbox, Inc -> Dropbox, Inc.) Task: {663839B5-06E5-417F-9DBE-28D3F603EA85} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-27] (Dropbox, Inc -> Dropbox, Inc.) Task: {707F1E18-0D29-4AF4-A438-8A1E2CB7606B} - System32\Tasks\EPSON XP-422 423 425 Series Update {D2D93D99-1B60-432F-A2FB-83806F57741E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNDE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {7402D8E9-912C-4D02-B4F7-7A1969CB38DD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {7697F54C-D5F5-4810-84B7-6C5C314EB92A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-24] (Google Inc -> Google Inc.) Task: {78076439-D06E-4518-95FE-837C238EEC21} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {85AE0380-7A59-493B-989C-CBAC71B997FC} - System32\Tasks\DropboxUpdateTaskMachineUA1d55d9572f578ea => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-27] (Dropbox, Inc -> Dropbox, Inc.) Task: {8A060CD8-F41B-48A0-B79A-5EFE7F77C729} - System32\Tasks\{BADF96B6-BFC6-43E3-9C19-D4ED78DB7A9C} => C:\WINDOWS\system32\pcalua.exe -a C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IINSLEE.EXE -c /R /APD /P:"EPSON XP-412 413 415 Series" Task: {9B7F3B9F-E6FC-4F9D-9CBE-A8C5BF8BED3D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.) Task: {AC6F6657-BCA0-4E90-9BB9-07FF63097E7D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B4A09332-645D-4822-AC0D-66A70CDC5E21} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B7B2DAC5-E5DC-434D-8C74-8728147C2DAB} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-05] (Mozilla Corporation -> Mozilla Foundation) Task: {BAF30EF6-070C-4012-93DF-C350CDFE6080} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {BD00DD2E-5AB0-447D-8EB9-3BC2CCA76EE9} - System32\Tasks\DropboxUpdateTaskMachineCore1d55d9572e99308 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-27] (Dropbox, Inc -> Dropbox, Inc.) Task: {D270B4B2-C90B-4C61-B9EC-5EDA95C1D27F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-24] (Google Inc -> Google Inc.) Task: {D2C533BC-472E-4037-A0D1-8747FD24EC14} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {D5ECBD2B-7610-444D-8303-1FFE88A73D7A} - System32\Tasks\csrss => C:\Windows\rss\csrss.exe [4555264 2021-04-11] () [Fichier non signé] <==== ATTENTION (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d55d9572e99308.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d55d9572f578ea.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\EPSON XP-422 423 425 Series Update {D2D93D99-1B60-432F-A2FB-83806F57741E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNDE.EXE:/EXE:{D2D93D99-1B60-432F-A2FB-83806F57741E} /F:UpdateWORKGROUP\DESKTOP-4G798N4$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) ProxyServer: [S-1-5-21-4001625071-1540241157-4076497465-1001] => 127.0.0.1:8003 Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{072c47f8-9a69-4aa5-8ac9-33716dbe3b0e}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{1465b352-737b-471c-aba5-6b9ec18eef4b}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{5c856c8d-feb7-4ab8-bb1e-7f641c7478fd}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{5ceb8415-a2a3-4ab6-9fe4-e95f772b3d31}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{c7c0eea2-1470-4193-be23-69cbea3e9704}: [NameServer] 194.2.0.20 Edge: ======= DownloadDir: C:\Users\rénald\Downloads FireFox: ======== FF DefaultProfile: po2nv8e5.default FF ProfilePath: C:\Users\rénald\AppData\Roaming\Mozilla\Firefox\Profiles\po2nv8e5.default [2021-04-10] FF ProfilePath: C:\Users\rénald\AppData\Roaming\Mozilla\Firefox\Profiles\ilky3st4.default-release-1616957216105 [2021-04-19] FF NetworkProxy: Mozilla\Firefox\Profiles\ilky3st4.default-release-1616957216105 -> type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> ) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> ) FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-31] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-31] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-02-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-14] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-4001625071-1540241157-4076497465-1001: @squareclock.com/SQ3DPlayer_Production_Castorama_Dressing_Internet -> C:\Users\rénald\AppData\Local\SquareClock.Production_Castorama_Dressing_Internet\NPSQ3D.dll [2020-11-22] (DASSAULT SYSTEMES SE -> SquareClock SAS) [Fichier non signé] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\rénald\AppData\Local\Google\Chrome\User Data\Default [2021-04-19] CHR Notifications: Default -> hxxps://www.cnetfrance.fr CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxps://www.google.fr/" CHR Extension: (Slides) - C:\Users\rénald\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14] CHR Extension: (Docs) - C:\Users\rénald\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14] CHR Extension: (Google Drive) - C:\Users\rénald\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22] CHR Extension: (YouTube) - C:\Users\rénald\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-24] CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\rénald\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-28] CHR Extension: (Custom) - C:\Users\rénald\AppData\Local\Google\Chrome\User Data\Default\Extensions\colgdlijdieibnaccfdcdbpdffofkfeb [2021-04-10] CHR Extension: (Adobe Acrobat) - C:\Users\rénald\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-11] CHR Extension: (Sheets) - C:\Users\rénald\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14] CHR Extension: (Google Docs hors connexion) - C:\Users\rénald\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-15] CHR Extension: (Recettes: le marque-page de recettes en ligne) - C:\Users\rénald\AppData\Local\Google\Chrome\User Data\Default\Extensions\giceanipjojfnkbciljjblakfkihbjdb [2017-04-04] CHR Extension: (Xirvik .torrent to seedbox uploader) - C:\Users\rénald\AppData\Local\Google\Chrome\User Data\Default\Extensions\gljdkkichjgocpdmiaachhlfccddcjgb [2021-02-12] CHR Extension: (PConverter) - C:\Users\rénald\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpkhmmacbjndakceaikggpnnnddijeen [2020-06-13] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\rénald\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Remote Torrent Adder) - C:\Users\rénald\AppData\Local\Google\Chrome\User Data\Default\Extensions\oabphaconndgibllomdcjbfdghcmenci [2020-12-18] CHR Extension: (Gmail) - C:\Users\rénald\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24] CHR Extension: (Chrome Media Router) - C:\Users\rénald\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-14] CHR Extension: (XSuperFlow) - C:\ProgramData\Ecuo\Smzt [2021-04-10] CHR Profile: C:\Users\rénald\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-05-20] CHR Profile: C:\Users\rénald\AppData\Local\Google\Chrome\User Data\System Profile [2020-05-22] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] ==================== Services (Avec liste blanche) =================== ===================== Pilotes (Avec liste blanche) =================== ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-04-19 18:57 - 2021-04-19 18:57 - 000018832 _____ C:\Users\rénald\Desktop\FRST.txt 2021-04-19 18:56 - 2021-04-19 18:55 - 002298368 _____ (Farbar) C:\Users\rénald\Desktop\FRST64.exe 2021-04-19 18:55 - 2021-04-19 18:57 - 000000000 ____D C:\FRST 2021-04-19 18:55 - 2021-04-19 18:55 - 002298368 _____ (Farbar) C:\Users\rénald\Downloads\FRST64.exe 2021-04-19 18:55 - 2021-04-19 18:55 - 002010624 _____ (Farbar) C:\Users\rénald\Downloads\FRST.exe 2021-04-19 18:28 - 2021-04-19 18:28 - 000397468 _____ C:\Users\rénald\Desktop\ZHPDiag.txt 2021-04-19 18:23 - 2021-04-19 18:56 - 000088632 _____ C:\WINDOWS\ntbtlog.txt 2021-04-19 18:23 - 2021-04-19 18:23 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2021-04-19 18:02 - 2021-04-19 18:02 - 000000911 _____ C:\Users\rénald\Desktop\ZHPSuite.lnk 2021-04-19 18:01 - 2021-04-19 18:01 - 003468440 _____ (Nicolas Coolman) C:\Users\rénald\Downloads\ZHPSuite.exe 2021-04-19 17:59 - 2021-04-19 17:59 - 003333936 _____ (Trend Micro Inc.) C:\Users\rénald\Downloads\HousecallLauncher64 (4).exe 2021-04-19 17:45 - 2021-04-19 17:45 - 003333936 _____ (Trend Micro Inc.) C:\Users\rénald\Downloads\HousecallLauncher64 (3).exe 2021-04-19 17:30 - 2021-04-19 17:30 - 003333936 _____ (Trend Micro Inc.) C:\Users\rénald\Downloads\HousecallLauncher64 (2).exe 2021-04-19 17:27 - 2021-04-19 17:28 - 003333936 _____ (Trend Micro Inc.) C:\Users\rénald\Downloads\HousecallLauncher64 (1).exe 2021-04-19 17:24 - 2021-04-19 17:24 - 002002424 _____ (Trend Micro Inc.) C:\Users\rénald\Downloads\HousecallLauncher.exe 2021-04-18 22:45 - 2021-04-18 22:45 - 000637454 _____ C:\Users\rénald\Downloads\Chapitre 2 les chrétiens dans l'Empire.odt 2021-04-16 16:03 - 2021-04-16 16:03 - 000000000 ____D C:\Users\rénald\Desktop\Parra for Cuva,Anna Naklab 2021-04-16 15:47 - 2021-04-16 15:47 - 000000000 ____D C:\Users\rénald\Documents\49ers 2021-04-16 15:43 - 2021-04-16 15:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2021-04-13 12:17 - 2021-04-13 12:17 - 000000000 ____D C:\Users\rénald\Documents\Modèles Office personnalisés 2021-04-12 14:39 - 2021-04-12 14:39 - 000017266 _____ C:\Users\rénald\Downloads\LOUIS_SERRA.pdf 2021-04-12 12:51 - 2021-04-12 12:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2021-04-12 12:51 - 2021-04-12 12:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2021-04-12 12:51 - 2021-04-12 12:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2021-04-12 12:51 - 2021-04-12 12:51 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2021-04-12 11:55 - 2021-04-12 11:55 - 000015367 _____ C:\Users\rénald\Downloads\justificatif_reglement_avis_33337492459831.pdf 2021-04-12 10:52 - 2021-04-12 10:52 - 002814156 _____ C:\Users\rénald\Downloads\Attachment-1.pdf 2021-04-11 19:22 - 2021-04-11 19:22 - 000437166 _____ C:\Users\rénald\Downloads\03-04-2021-attestation-de-deplacement-derogatoire-pdf.pdf 2021-04-11 12:50 - 2021-04-11 12:50 - 001987072 ____H C:\WINDOWS\windefender.exe 2021-04-11 12:20 - 2021-04-11 12:49 - 000000000 ____D C:\AdwCleaner 2021-04-11 12:19 - 2021-04-19 18:20 - 000003274 _____ C:\WINDOWS\system32\Tasks\csrss 2021-04-11 11:54 - 2021-04-11 11:54 - 003325592 _____ (Nicolas Coolman) C:\Users\rénald\Downloads\ZHPCleaner (2).exe 2021-04-11 11:53 - 2021-04-11 12:21 - 000000921 _____ C:\Users\rénald\Desktop\ZHPCleaner.lnk 2021-04-11 11:53 - 2021-04-11 12:17 - 000000000 ____D C:\Users\rénald\Doctor Web 2021-04-11 11:53 - 2021-04-11 11:53 - 003325592 _____ (Nicolas Coolman) C:\Users\rénald\Downloads\ZHPCleaner.exe 2021-04-11 11:53 - 2021-04-11 11:53 - 003325592 _____ (Nicolas Coolman) C:\Users\rénald\Downloads\ZHPCleaner (1).exe 2021-04-11 11:52 - 2021-04-11 11:53 - 243736464 _____ C:\Users\rénald\Downloads\omdtn187.exe 2021-04-11 11:42 - 2021-04-11 11:42 - 008534696 _____ (Malwarebytes) C:\Users\rénald\Downloads\adwcleaner_8.2.exe 2021-04-11 11:06 - 2021-04-11 11:06 - 000001316 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidify Spotify Music Converter.lnk 2021-04-11 11:02 - 2021-04-11 11:02 - 000000000 ____D C:\Users\rénald\Documents\Sidify Music Converter 2021-04-11 10:47 - 2021-04-11 11:23 - 000000000 ____D C:\Program Files (x86)\Trend Micro 2021-04-11 10:47 - 2021-04-11 11:20 - 000000000 ____D C:\Users\rénald\AppData\Local\Trend Micro 2021-04-11 10:46 - 2021-04-11 10:46 - 000000000 _____ C:\Users\rénald\Downloads\HousecallLauncher64(4).exe 2021-04-11 10:33 - 2021-04-19 17:38 - 000000010 _____ C:\Users\rénald\AppData\Local\sponge.last.runtime.cache 2021-04-11 10:29 - 2021-04-11 10:29 - 000000000 ____D C:\WINDOWS\Trend Micro 2021-04-11 10:28 - 2021-04-11 10:28 - 003333936 _____ (Trend Micro Inc.) C:\Users\rénald\Downloads\HousecallLauncher64(3).exe 2021-04-11 10:27 - 2021-04-19 17:31 - 000000000 ____D C:\ProgramData\Trend Micro 2021-04-11 10:27 - 2021-04-11 10:27 - 000640416 _____ (Trend Micro Inc.) C:\Users\rénald\Downloads\HouseCallforHomeNetworks(2).exe 2021-04-11 10:27 - 2021-04-11 10:27 - 000640416 _____ (Trend Micro Inc.) C:\Users\rénald\Downloads\HouseCallforHomeNetworks(1).exe 2021-04-11 10:26 - 2021-04-11 10:26 - 000000000 _____ C:\Users\rénald\Downloads\HouseCallforHomeNetworks.exe 2021-04-11 10:25 - 2021-04-11 10:25 - 003333936 _____ (Trend Micro Inc.) C:\Users\rénald\Downloads\HousecallLauncher64(2).exe 2021-04-11 10:25 - 2021-04-11 10:25 - 000000000 _____ C:\Users\rénald\Downloads\HousecallLauncher64(1).exe 2021-04-11 10:21 - 2021-04-11 10:21 - 002405672 _____ (Trend Micro Inc.) C:\Users\rénald\Downloads\HousecallLauncher64.exe 2021-04-10 18:00 - 2021-04-18 22:45 - 000000000 ___HD C:\ProgramData\Ecuo 2021-04-10 17:28 - 2021-04-15 17:49 - 000000000 ____D C:\Users\rénald\Documents\VirtualDJ 2021-04-10 17:04 - 2021-04-11 11:06 - 000000000 ____D C:\Program Files (x86)\Sidify Spotify Music Converter 2021-04-10 14:40 - 2021-04-11 10:11 - 000000000 ____D C:\Program Files (x86)\Picture Lab 2021-04-10 14:39 - 2021-04-11 10:11 - 000000000 ____D C:\Users\rénald\AppData\Roaming\sPiAfuTGyyVOZKeaLf 2021-04-10 14:37 - 2021-04-11 10:11 - 000000000 ____D C:\Users\rénald\AppData\Roaming\medspolish 2021-04-10 14:37 - 2021-04-11 10:11 - 000000000 ____D C:\Users\rénald\AppData\Roaming\llYHlSDJxbwekicZbE 2021-04-10 14:37 - 2021-04-11 10:11 - 000000000 ____D C:\ProgramData\65 2021-04-10 14:37 - 2021-04-11 10:11 - 000000000 ____D C:\Program Files (x86)\MaskVPN 2021-04-10 14:37 - 2021-04-10 14:38 - 000000000 ____D C:\Users\rénald\AppData\Roaming\CleanerTools 2021-04-10 14:37 - 2021-04-10 14:37 - 001564823 _____ C:\ProgramData\6577 2021-04-10 14:37 - 2021-04-10 14:37 - 000000000 ____D C:\ProgramData\VFEBHDTLXXE03R1JXH6J5RFDV 2021-04-10 14:37 - 2021-04-10 14:37 - 000000000 ____D C:\Program Files (x86)\94c45254-6d52-40cc-93fb-b69707383880 2021-04-10 14:37 - 2019-04-23 10:16 - 000037360 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys 2021-04-10 14:36 - 2021-04-11 10:11 - 000000000 ____D C:\Users\rénald\AppData\Roaming\Weather 2021-04-10 14:36 - 2021-04-11 10:11 - 000000000 ____D C:\Users\rénald\AppData\Roaming\awt00dtwf4y 2021-04-10 14:36 - 2021-04-11 10:11 - 000000000 ____D C:\Program Files\WHZ0X31IQF 2021-04-10 14:33 - 2021-04-11 10:11 - 000000000 ____D C:\ProgramData\61 2021-04-10 14:33 - 2021-04-10 14:33 - 001564823 _____ C:\ProgramData\6171 2021-04-10 14:33 - 2021-04-10 14:33 - 001564823 _____ C:\ProgramData\5563 2021-04-10 14:33 - 2021-04-10 14:33 - 000202587 _____ C:\ProgramData\85062.85062 2021-04-10 14:29 - 2021-04-10 14:29 - 000000000 ____D C:\ProgramData\9YYURFTG2GDWOB2A9EU64PE6C 2021-04-10 14:26 - 2021-04-10 14:21 - 003407872 _____ C:\Users\rénald\AppData\LocalLow\IDCdJOyapn 2021-04-10 14:25 - 2021-04-10 14:25 - 000000000 ____D C:\ProgramData\JNASH8T319291IXXCCD0XUMYY 2021-04-10 14:24 - 2021-04-10 14:24 - 000000000 ____D C:\ProgramData\Posse 2021-04-10 14:23 - 2021-04-11 10:11 - 000000000 ____D C:\Users\rénald\AppData\Roaming\EDaAWpVqIpDsMJw 2021-04-10 14:23 - 2021-04-10 14:37 - 000000745 _____ C:\Users\rénald\AppData\LocalLow\outlook.txt 2021-04-10 14:19 - 2021-04-10 14:19 - 000000000 ____D C:\Users\rénald\AppData\Roaming\Yusjd 2021-04-10 14:17 - 2021-04-10 14:23 - 000000000 ____D C:\Users\rénald\AppData\Roaming\JhzdIWgScVIcbs 2021-04-10 14:06 - 2021-04-11 12:47 - 000000000 ___HD C:\WINDOWS\rss 2021-04-10 14:05 - 2021-04-11 10:11 - 000000000 ____D C:\Program Files (x86)\i-record 2021-04-10 14:05 - 2021-04-10 14:05 - 000001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-record.lnk 2021-04-10 14:05 - 2021-04-10 14:05 - 000000000 _____ C:\ProgramData\8336794.exe 2021-04-10 14:05 - 2021-04-10 14:05 - 000000000 _____ C:\ProgramData\7522682.exe 2021-04-10 14:05 - 2021-04-10 14:05 - 000000000 _____ C:\ProgramData\470233.exe 2021-04-10 14:04 - 2021-04-10 14:05 - 000000000 ____D C:\ProgramData\P83F7JUCPY087M851CDTNBOFT 2021-04-10 14:03 - 2021-04-11 12:17 - 000000000 ____D C:\Users\rénald\Documents\VlcpVideoV1.0.1 2021-04-10 14:03 - 2021-04-10 14:44 - 000000000 ___HD C:\ProgramData\Windows Host 2021-04-10 14:03 - 2021-04-10 14:10 - 000003736 _____ C:\WINDOWS\system32\Tasks\Firefox Default Browser Agent 9A7D13A20593B8E6 2021-04-10 14:03 - 2021-04-10 14:04 - 000000000 ____D C:\ProgramData\LY42KD5DNNFCI5WYEPGXB7O9S 2021-04-10 14:03 - 2021-04-10 14:03 - 001461264 _____ (Luiz Henrique Miranda) C:\ProgramData\8450218.exe 2021-04-10 14:03 - 2021-04-10 14:03 - 000164880 _____ (asfadfasdasdsa) C:\ProgramData\8003914.exe 2021-04-10 14:03 - 2021-04-10 14:03 - 000144912 _____ (WinSyst3m) C:\ProgramData\2206664.exe 2021-04-10 14:03 - 2021-04-10 14:03 - 000108016 _____ (Oracle Corporation) C:\Program Files\eula.dll 2021-04-10 14:01 - 2021-04-11 10:11 - 000000000 ____D C:\Program Files (x86)\PublicGaming 2021-04-10 14:01 - 2021-04-10 14:01 - 000000000 ____D C:\Users\rénald\AppData\Roaming\Vjuhs 2021-04-10 12:34 - 2021-04-10 12:34 - 000000000 ____H C:\Users\rénald\MJKJRegInfo_I4HXU4CXO7RTUXPVB34C3QXNE63PV2RP 2021-04-10 12:33 - 2021-04-15 17:47 - 000000000 ____D C:\Users\rénald\AppData\Roaming\Sidify Music Converter 2021-04-10 12:33 - 2021-04-11 11:03 - 000000000 ____D C:\Users\rénald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sidify 2021-04-10 12:32 - 2021-04-11 11:03 - 000000000 ____D C:\Program Files (x86)\Sidify 2021-04-10 12:27 - 2021-04-10 12:28 - 084700080 _____ (Sidify) C:\Users\rénald\Downloads\spotify-music-converter-free.exe 2021-04-10 11:55 - 2021-04-11 10:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tenorshare ReiBoot 2021-04-10 11:55 - 2021-04-11 10:11 - 000000000 ____D C:\Program Files (x86)\Tenorshare ReiBoot 2021-04-10 11:55 - 2021-04-10 11:55 - 000001187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tenorshare ReiBoot.lnk 2021-04-10 11:55 - 2021-04-10 11:55 - 000001175 _____ C:\Users\Public\Desktop\Tenorshare ReiBoot.lnk 2021-04-10 11:54 - 2021-04-10 11:54 - 021035896 _____ (Tenorshare, Inc. ) C:\Users\rénald\Downloads\reiboot-bing.exe 2021-04-07 18:05 - 2021-04-07 18:05 - 000000162 ____H C:\Users\rénald\Documents\~$UL SERRA 6e5 HOPPER.odt 2021-04-07 16:51 - 2021-04-07 16:51 - 000005715 _____ C:\Users\rénald\Downloads\DICTEE PAUL SERRA 6e5.odt 2021-04-07 11:42 - 2021-04-07 11:42 - 000000162 ____H C:\Users\rénald\Documents\~$CTEE PAUL SERRA 6e5.odt 2021-04-03 20:19 - 2021-04-03 20:19 - 000000162 ____H C:\Users\rénald\Downloads\~$njugaison du passé simple.odt 2021-04-03 20:18 - 2021-04-03 20:18 - 000000162 ____H C:\Users\rénald\Downloads\~$avail 6.5 (1).odt 2021-03-31 18:23 - 2021-03-31 18:23 - 011321472 _____ (Tim Kosse) C:\Users\rénald\Downloads\FileZilla_3.52.2_win64-setup.exe 2021-03-30 19:55 - 2021-03-30 19:55 - 000782108 _____ C:\WINDOWS\Minidump\033021-28484-01.dmp 2021-03-29 09:56 - 2021-04-11 10:11 - 000000000 ____D C:\Users\rénald\Documents\Nduoa 2021-03-28 20:35 - 2021-04-11 09:51 - 000000000 ____D C:\WINDOWS\Panther 2021-03-28 18:40 - 2021-04-11 10:07 - 000000000 ____D C:\Users\rénald\Documents\MoboPlay 2021-03-16 13:49 - 2021-03-16 13:49 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-03-16 13:48 - 2021-03-16 13:48 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-03-16 13:48 - 2021-03-16 13:48 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-03-16 13:48 - 2021-03-16 13:48 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-03-16 13:48 - 2021-03-16 13:48 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-03-16 13:48 - 2021-03-16 13:48 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-03-16 13:48 - 2021-03-16 13:48 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-03-16 13:48 - 2021-03-16 13:48 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2021-03-16 13:48 - 2021-03-16 13:48 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-03-16 13:48 - 2021-03-16 13:48 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-03-16 13:47 - 2021-03-16 13:47 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll 2021-02-25 10:24 - 2021-02-25 10:24 - 000000162 ____H C:\Users\rénald\Documents\~$CHES DE LECTURE PAUL.odt 2021-02-21 20:38 - 2021-02-21 20:38 - 000000000 ___RD C:\Users\rénald\Desktop\Sans titre Project 2021-02-12 10:12 - 2021-02-12 10:12 - 000000000 ____D C:\Users\rénald\AppData\Roaming\com.sviesolutions.viaapp 2021-02-05 20:23 - 2021-03-06 21:50 - 000000000 ____D C:\Users\rénald\AppData\Roaming\.minecraft 2021-02-05 20:23 - 2021-03-06 21:36 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher 2021-02-05 20:23 - 2021-02-05 20:23 - 000001103 _____ C:\Users\Public\Desktop\Minecraft Launcher.lnk 2021-02-05 20:23 - 2021-02-05 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher 2021-01-22 10:19 - 2021-04-02 19:19 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-04-19 18:52 - 2020-08-21 00:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-04-19 18:29 - 2020-08-21 00:53 - 000747022 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-04-19 18:29 - 2019-12-07 16:49 - 000929552 _____ C:\WINDOWS\system32\perfh00C.dat 2021-04-19 18:29 - 2019-12-07 16:49 - 000191490 _____ C:\WINDOWS\system32\perfc00C.dat 2021-04-19 18:28 - 2019-12-07 14:29 - 000000000 ____D C:\Users\rénald\AppData\Roaming\ZHP 2021-04-19 18:23 - 2020-08-29 11:33 - 000008192 ___SH C:\DumpStack.log.tmp 2021-04-19 18:23 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-04-19 18:21 - 2020-08-21 00:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-04-19 18:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\registration 2021-04-19 18:19 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-04-19 18:19 - 2017-08-12 14:28 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2021-04-19 18:19 - 2016-12-26 13:03 - 000000000 __SHD C:\Users\rénald\IntelGraphicsProfiles 2021-04-19 18:02 - 2019-12-07 14:29 - 000000000 ____D C:\Users\rénald\AppData\Local\ZHP 2021-04-19 17:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-04-18 22:46 - 2017-04-13 15:33 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-04-18 22:45 - 2017-12-12 17:52 - 000000000 ____D C:\Users\rénald\AppData\Local\Packages 2021-04-17 21:10 - 2016-12-24 17:17 - 000000000 ____D C:\Users\rénald\AppData\Local\Google 2021-04-16 16:55 - 2018-02-26 17:01 - 000000000 ____D C:\Users\rénald\AppData\Roaming\WindSolutions 2021-04-16 16:51 - 2018-02-26 17:01 - 000000000 ____D C:\ProgramData\WindSolutions 2021-04-16 16:51 - 2017-01-11 13:55 - 000000000 ____D C:\Users\rénald\AppData\Roaming\vlc 2021-04-16 15:43 - 2017-06-27 22:59 - 000000000 ____D C:\Program Files (x86)\Dropbox 2021-04-15 17:49 - 2020-01-14 13:39 - 000000000 ____D C:\Program Files\VirtualDJ 2021-04-12 10:54 - 2020-08-21 00:52 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4001625071-1540241157-4076497465-1001 2021-04-12 10:54 - 2020-08-21 00:44 - 000002453 _____ C:\Users\rénald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-04-12 10:54 - 2016-12-24 17:11 - 000000000 __RDL C:\Users\rénald\OneDrive 2021-04-11 12:34 - 2020-08-21 00:44 - 000000000 ____D C:\Users\rénald 2021-04-11 11:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-04-11 11:18 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-04-11 11:05 - 2021-01-15 14:06 - 000000000 ____D C:\Users\rénald\AppData\LocalLow\Mozilla 2021-04-11 10:38 - 2019-12-07 14:29 - 001249566 _____ C:\Users\rénald\AppData\Local\census.cache 2021-04-11 10:37 - 2019-12-07 14:29 - 000133575 _____ C:\Users\rénald\AppData\Local\ars.cache 2021-04-11 10:19 - 2021-01-15 14:06 - 000000000 ____D C:\ProgramData\Mozilla 2021-04-11 10:18 - 2021-01-15 14:06 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-04-11 10:18 - 2021-01-15 14:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-04-11 10:17 - 2016-12-27 14:51 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-04-11 10:11 - 2020-12-18 19:28 - 000000000 ____D C:\Users\rénald\AppData\Roaming\NCH Software 2021-04-11 10:11 - 2020-12-18 19:28 - 000000000 ____D C:\Program Files (x86)\NCH Software 2021-04-11 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2021-04-11 10:11 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-04-11 10:11 - 2017-02-04 17:43 - 000000000 ___HD C:\$SysReset 2021-04-11 09:48 - 2017-02-02 22:51 - 000000000 ____D C:\Users\rénald\AppData\Local\ElevatedDiagnostics 2021-04-11 09:46 - 2018-03-02 10:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-04-11 04:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-04-10 23:51 - 2016-12-27 11:06 - 000000000 ____D C:\Users\rénald\AppData\Roaming\FileZilla 2021-04-10 17:51 - 2017-12-12 18:07 - 000000000 ___HD C:\Users\rénald\MicrosoftEdgeBackups 2021-04-10 16:55 - 2016-12-27 15:04 - 000000600 _____ C:\Users\rénald\AppData\Local\PUTTY.RND 2021-04-10 14:40 - 2020-06-10 19:01 - 000000218 _____ C:\Users\rénald\AppData\Local\recently-used.xbel 2021-04-10 14:13 - 2018-06-21 18:24 - 000000000 ____D C:\Users\rénald\AppData\Local\D3DSCache 2021-04-10 13:59 - 2020-11-17 10:14 - 000000000 ____D C:\Program Files (x86)\Xianzhi 2021-04-10 13:46 - 2020-08-12 16:22 - 000000000 ____D C:\tenorshare 2021-04-10 12:38 - 2018-08-06 19:42 - 000000000 ____D C:\ProgramData\Packages 2021-04-10 12:38 - 2017-12-22 23:17 - 000000000 ____D C:\Users\rénald\AppData\Local\PlaceholderTileLogoFolder 2021-04-10 12:32 - 2017-05-14 15:10 - 000000000 ____D C:\Program Files\Common Files\Apple 2021-04-04 11:59 - 2016-12-27 14:51 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk 2021-04-04 11:59 - 2016-12-27 14:51 - 000001028 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk 2021-03-30 19:56 - 2020-11-17 10:49 - 000000000 ____D C:\WINDOWS\Minidump 2021-03-30 19:55 - 2020-04-13 16:45 - 000000000 ____D C:\Program Files (x86)\iMobie 2021-03-30 18:37 - 2016-12-27 14:51 - 000000000 ____D C:\Users\rénald\AppData\Roaming\TeamViewer 2021-03-28 18:52 - 2020-08-12 16:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2021-03-28 18:52 - 2020-08-12 16:42 - 000000000 ____D C:\Program Files (x86)\Wondershare 2021-03-28 18:52 - 2018-01-21 17:42 - 000000000 ____D C:\ProgramData\Package Cache 2021-03-28 18:50 - 2020-08-12 16:42 - 000000000 ____D C:\Users\rénald\AppData\Roaming\Wondershare 2021-03-28 16:07 - 2017-01-11 13:55 - 000001143 _____ C:\Users\Public\Desktop\VLC media player.lnk 2021-03-21 17:52 - 2020-11-22 13:42 - 000002469 _____ C:\Users\rénald\Desktop\Casto 3D Rangement.lnk 2021-03-21 17:52 - 2020-08-23 10:59 - 000000992 _____ C:\Users\rénald\Desktop\DCC-E2.lnk 2021-03-21 17:52 - 2020-01-14 13:39 - 000001057 _____ C:\Users\rénald\Desktop\VirtualDJ.lnk 2021-03-21 17:52 - 2017-06-27 23:15 - 000001303 _____ C:\Users\rénald\Desktop\Dropbox.lnk ==================== Fichiers à la racine de certains dossiers ======== 2021-04-10 14:03 - 2021-04-10 14:03 - 000144912 _____ (WinSyst3m) C:\ProgramData\2206664.exe 2021-04-10 14:05 - 2021-04-10 14:05 - 000000000 _____ () C:\ProgramData\470233.exe 2021-04-10 14:05 - 2021-04-10 14:05 - 000000000 _____ () C:\ProgramData\7522682.exe 2021-04-10 14:03 - 2021-04-10 14:03 - 000164880 _____ (asfadfasdasdsa) C:\ProgramData\8003914.exe 2021-04-10 14:05 - 2021-04-10 14:05 - 000000000 _____ () C:\ProgramData\8336794.exe 2021-04-10 14:03 - 2021-04-10 14:03 - 001461264 _____ (Luiz Henrique Miranda) C:\ProgramData\8450218.exe 2021-04-10 14:03 - 2021-04-10 14:03 - 000108016 _____ (Oracle Corporation) C:\Program Files\eula.dll 2016-12-24 17:17 - 2016-12-24 17:17 - 007065600 _____ () C:\Program Files (x86)\GUT4928.tmp 2017-01-30 17:05 - 2019-02-24 16:52 - 000000600 _____ () C:\Users\rénald\AppData\Roaming\PUTTY.RND 2019-12-07 14:29 - 2021-04-11 10:37 - 000133575 _____ () C:\Users\rénald\AppData\Local\ars.cache 2019-12-07 14:29 - 2021-04-11 10:38 - 001249566 _____ () C:\Users\rénald\AppData\Local\census.cache 2019-12-07 13:35 - 2019-12-07 13:35 - 000000036 _____ () C:\Users\rénald\AppData\Local\housecall.guid.cache 2016-12-27 15:04 - 2021-04-10 16:55 - 000000600 _____ () C:\Users\rénald\AppData\Local\PUTTY.RND 2020-06-10 19:01 - 2021-04-10 14:40 - 000000218 _____ () C:\Users\rénald\AppData\Local\recently-used.xbel 2021-04-11 10:33 - 2021-04-19 17:38 - 000000010 _____ () C:\Users\rénald\AppData\Local\sponge.last.runtime.cache 2017-08-07 12:09 - 2017-08-07 12:09 - 000000000 _____ () C:\Users\rénald\AppData\Local\{8F987761-0DF4-44A0-A417-06473B8B6D7A} ==================== FLock ============================== 2021-04-11 12:50 C:\WINDOWS\windefender.exe ==================== SigCheckExt ========================= 2016-07-16 13:42 - 2016-07-16 13:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll 2015-07-10 13:00 - 2015-07-10 13:00 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe 2019-11-27 18:18 - 2015-03-17 09:51 - 000375296 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6PPM.DLL 2019-11-27 18:18 - 2015-03-17 09:51 - 000039424 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6UI.DLL 2015-07-10 13:01 - 2015-07-10 13:01 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll 2017-04-13 11:53 - 2017-03-28 07:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll 2017-05-11 18:44 - 2017-03-04 08:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2016-07-16 13:43 - 2016-07-17 00:45 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll 2018-12-21 00:31 - 2018-12-21 00:31 - 000116736 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll 2015-07-10 13:00 - 2015-07-10 13:00 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll 2021-04-11 12:50 - 2021-04-11 12:50 - 001987072 ____H C:\WINDOWS\windefender.exe 2019-11-27 18:18 - 2015-03-17 09:50 - 000380928 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNMNPPM.DLL 2016-07-16 13:43 - 2016-07-16 13:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll 2015-07-10 13:01 - 2015-07-10 13:01 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll 2017-03-15 22:14 - 2017-03-04 08:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2016-07-16 13:44 - 2016-07-17 00:45 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll 2021-04-10 14:03 - 2021-04-10 14:03 - 000144912 _____ (WinSyst3m) C:\ProgramData\2206664.exe 2021-04-10 14:05 - 2021-04-10 14:05 - 000000000 _____ C:\ProgramData\470233.exe 2021-04-10 14:05 - 2021-04-10 14:05 - 000000000 _____ C:\ProgramData\7522682.exe 2021-04-10 14:03 - 2021-04-10 14:03 - 000164880 _____ (asfadfasdasdsa) C:\ProgramData\8003914.exe 2021-04-10 14:05 - 2021-04-10 14:05 - 000000000 _____ C:\ProgramData\8336794.exe 2021-04-10 14:03 - 2021-04-10 14:03 - 001461264 _____ (Luiz Henrique Miranda) C:\ProgramData\8450218.exe 2021-04-19 18:56 - 2021-04-19 18:55 - 002298368 _____ (Farbar) C:\Users\rénald\Desktop\FRST64.exe 2021-04-19 18:55 - 2021-04-19 18:55 - 002010624 _____ (Farbar) C:\Users\rénald\Downloads\FRST.exe 2021-04-19 18:55 - 2021-04-19 18:55 - 002298368 _____ (Farbar) C:\Users\rénald\Downloads\FRST64.exe 2021-04-11 10:26 - 2021-04-11 10:26 - 000000000 _____ C:\Users\rénald\Downloads\HouseCallforHomeNetworks.exe 2021-04-11 10:25 - 2021-04-11 10:25 - 000000000 _____ C:\Users\rénald\Downloads\HousecallLauncher64(1).exe 2021-04-11 10:46 - 2021-04-11 10:46 - 000000000 _____ C:\Users\rénald\Downloads\HousecallLauncher64(4).exe 2021-04-11 11:53 - 2021-04-11 11:53 - 003325592 _____ (Nicolas Coolman) C:\Users\rénald\Downloads\ZHPCleaner (1).exe 2021-04-11 11:54 - 2021-04-11 11:54 - 003325592 _____ (Nicolas Coolman) C:\Users\rénald\Downloads\ZHPCleaner (2).exe 2021-04-11 11:53 - 2021-04-11 11:53 - 003325592 _____ (Nicolas Coolman) C:\Users\rénald\Downloads\ZHPCleaner.exe 2021-04-19 18:01 - 2021-04-19 18:01 - 003468440 _____ (Nicolas Coolman) C:\Users\rénald\Downloads\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {eb5610c6-e33e-11ea-b757-eba84252608a} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Chargeur de d‚marrage Windows ----------------------------- identificateur {a33ebacf-e336-11ea-9d97-8624f46b263d} device ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{a33ebad0-e336-11ea-9d97-8624f46b263d} path \windows\system32\winload.exe description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{a33ebad0-e336-11ea-9d97-8624f46b263d} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.exe description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {a33ebacf-e336-11ea-9d97-8624f46b263d} displaymessageoverride Recovery recoveryenabled Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {eb5610c6-e33e-11ea-b757-eba84252608a} nx OptIn bootmenupolicy Standard Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {eb5610c6-e33e-11ea-b757-eba84252608a} device partition=C: path \WINDOWS\system32\winresume.exe description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {a33ebacf-e336-11ea-9d97-8624f46b263d} recoveryenabled Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \boot\memtest.exe description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {a33ebad0-e336-11ea-9d97-8624f46b263d} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume3 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================