Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2021
Exécuté par georg (administrateur) sur GEORGES (LENOVO 10132) (26-08-2021 11:54:01)
Exécuté depuis C:\Users\georg\Desktop
Profils chargés: georg
Platform: Windows 10 Home Version 21H1 19043.1165 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16412952 2015-09-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1413384 2015-09-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1802578464-2306559272-1428237014-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35144320 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
GroupPolicy-Firefox: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {005C723D-D194-45EE-802E-13870B11F34F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0096DD46-1F75-4669-8B5E-F6253EA42DC1} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {013D091D-5109-4236-B345-94BAC72A2352} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-08-16] (Piriform Software Ltd -> Piriform)
Task: {08022E08-5685-46AD-8347-70C7BABD0B3B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24164440 2018-09-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F34E605-C78A-4FA1-ABEA-7FB9CFED304A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {2D195AC4-DE66-4B52-8C58-962B2CB5870E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3397355C-147E-49E1-A2C2-38AD515128D7} - System32\Tasks\AAct => C:\Windows\AAct_Tools\AAct.exe [1452872 2018-10-04] (WZTeam -> ) [Fichier non signé]
Task: {4D6FA1B5-4802-4916-866C-896F524036A6} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208208 2021-08-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {51CADB31-CD92-4BDC-92FF-48ED09061711} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24164440 2018-09-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {63BA68A6-FC9D-417D-94BD-E39C78513F97} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512720 2021-08-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {6A52A901-5372-478A-B6ED-CACA720E9ACA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [673720 2021-08-25] (Mozilla Corporation -> Mozilla Foundation)
Task: {7545800F-C9D1-4C32-8336-B646A22BB41D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208208 2021-08-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {7964EFEF-FB95-4B6D-981C-E5F7115E3E34} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512720 2021-08-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {85D6585F-5E6D-4137-8219-51B6CFCC9FA1} - System32\Tasks\CCleanerSkipUAC - georg => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {873D3090-EABE-4E16-B450-8487D7CF61A2} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1802578464-2306559272-1428237014-500 => C:\Users\georg\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {B9869F5B-D82E-455B-AD81-9D0F46B0FB41} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E359824D-E169-4BCB-B34A-68574A4D8F87} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E79717DA-1029-4261-B3D8-BC2D5755F97B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{78448c25-f06b-47e4-811a-b6b4f65160b6}: [DhcpNameServer] 212.27.40.240 212.27.40.241

Edge:
=======
DownloadDir: C:\Users\georg\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\georg\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-26]
Edge StartupUrls: Default -> "hxxp://google.fr/"

FireFox:
========
FF ProfilePath: C:\Users\georg\AppData\Roaming\Mozilla\Firefox\Profiles\xrbuzbwz.default-release [non trouvé(e)] <==== ATTENTION
FF DefaultProfile: hju4t8qo.default-1511988771137
FF ProfilePath: C:\Users\georg\AppData\Roaming\Mozilla\Firefox\Profiles\hju4t8qo.default-1511988771137 [2021-08-26]
FF Homepage: Mozilla\Firefox\Profiles\hju4t8qo.default-1511988771137 -> hxxps://www.google.fr/
FF Extension: (Hoxx VPN Proxy) - C:\Users\georg\AppData\Roaming\Mozilla\Firefox\Profiles\hju4t8qo.default-1511988771137\Extensions\@hoxx-vpn.xpi [2021-04-25]
FF Extension: (uBlock Origin) - C:\Users\georg\AppData\Roaming\Mozilla\Firefox\Profiles\hju4t8qo.default-1511988771137\Extensions\uBlock0@raymondhill.net.xpi [2021-07-31]
FF Extension: (Video DownloadHelper) - C:\Users\georg\AppData\Roaming\Mozilla\Firefox\Profiles\hju4t8qo.default-1511988771137\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-01]
FF Extension: (SaveFrom.net Helper) - C:\Program Files\Mozilla Firefox\distribution\extensions\helper@savefrom.net.xpi [2021-02-05]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-08-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-08-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9680472 2018-09-26] (Microsoft Corporation -> Microsoft Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-18] (Malwarebytes Inc -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 16419798; C:\WINDOWS\System32\drivers\55139438.sys [208216 2021-01-17] () [Fichier non signé]
S3 60513929; C:\WINDOWS\System32\drivers\17139464.sys [208216 2021-01-17] () [Fichier non signé]
R3 bcmsmbsp; C:\WINDOWS\System32\drivers\bcmsmbsp.sys [54552 2015-12-17] (Broadcom Corporation -> Broadcom Corporation.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 dc3d; C:\WINDOWS\System32\drivers\dc3d.sys [47616 2011-05-18] (Hardware Group Test Cert -> Microsoft Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-15] (Malwarebytes Inc -> Malwarebytes)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-10] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-08-26 11:54 - 2021-08-26 11:55 - 000014808 _____ C:\Users\georg\Desktop\FRST.txt
2021-08-26 11:53 - 2021-08-26 11:53 - 002300928 _____ (Farbar) C:\Users\georg\Desktop\FRST64.exe
2021-08-25 00:17 - 2021-08-25 00:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-08-22 00:14 - 2021-08-22 00:14 - 000002888 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - georg
2021-08-21 23:29 - 2021-08-21 23:52 - 000000000 ____D C:\Users\georg\AppData\Local\ZHP
2021-08-21 23:23 - 2021-08-21 23:25 - 000000000 ____D C:\AdwCleaner
2021-08-21 23:15 - 2021-08-21 23:16 - 008553680 _____ (Malwarebytes) C:\Users\georg\Desktop\adwcleaner_8.3.0.exe
2021-08-19 18:54 - 2021-08-19 18:54 - 000000000 ____D C:\Users\georg\Documents\Modèles Office personnalisés
2021-08-16 05:34 - 2021-08-16 05:34 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7863a22cd24bb
2021-08-13 07:01 - 2021-08-13 07:01 - 000000000 ____D C:\ProgramData\DriversCloud.com
2021-08-12 18:11 - 2021-08-12 18:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office
2021-08-12 10:24 - 2021-08-12 10:24 - 000001784 _____ C:\Users\georg\Desktop\EXCEL.EXE - Raccourci.lnk
2021-08-12 10:23 - 2021-08-12 10:23 - 000001804 _____ C:\Users\georg\Desktop\WINWORD.EXE - Raccourci.lnk
2021-08-12 10:15 - 2021-08-19 20:00 - 000000000 ____D C:\WINDOWS\AAct_Tools
2021-08-12 10:09 - 2021-08-12 10:15 - 000003870 _____ C:\WINDOWS\system32\Tasks\AAct
2021-08-12 10:07 - 2021-08-12 18:11 - 000002472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-08-12 10:07 - 2021-08-12 18:11 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-08-12 10:07 - 2021-08-12 18:11 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-08-12 10:07 - 2021-08-12 10:07 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-08-12 10:04 - 2021-08-12 10:04 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-08-12 09:36 - 2021-08-12 10:13 - 000000000 ____D C:\Users\georg\AppData\Roaming\UBitMenu
2021-08-12 09:31 - 2021-08-12 14:36 - 000000000 ____D C:\Program Files\Microsoft Office
2021-08-11 03:01 - 2021-08-11 03:01 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-11 03:01 - 2021-08-11 03:01 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-11 03:01 - 2021-08-11 03:01 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-11 03:01 - 2021-08-11 03:01 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-11 03:01 - 2021-08-11 03:01 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-11 03:01 - 2021-08-11 03:01 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-11 03:00 - 2021-08-11 03:00 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-11 02:47 - 2021-08-11 02:47 - 000000000 ___HD C:\$WinREAgent
2021-08-10 23:33 - 2021-08-10 23:33 - 000000000 ____D C:\Users\georg\AppData\Local\Windows_8
2021-07-31 21:03 - 2021-07-31 21:03 - 000000000 ___HD C:\$Windows.~WS
2021-07-31 20:40 - 2021-07-31 20:40 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-07-31 20:38 - 2021-07-31 20:38 - 000000020 ___SH C:\Users\georg\ntuser.ini
2021-07-31 20:37 - 2021-08-26 11:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-31 20:37 - 2021-08-22 00:14 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-07-31 20:37 - 2021-08-16 05:34 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-31 20:37 - 2021-07-31 20:37 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-07-31 20:37 - 2021-07-31 20:37 - 000003336 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-07-31 20:37 - 2021-07-31 20:37 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1802578464-2306559272-1428237014-500
2021-07-31 20:37 - 2021-07-31 20:37 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-07-31 20:37 - 2021-07-31 20:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-1802578464-2306559272-1428237014-1001
2021-07-31 20:37 - 2021-07-31 20:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\OfficeSoftwareProtectionPlatform
2021-07-31 20:37 - 2020-09-27 09:59 - 000003394 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3815178331-2204352776-922299370-500._hidden_
2021-07-31 20:37 - 2020-09-27 09:59 - 000003394 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3815178331-2204352776-922299370-500
2021-07-31 20:36 - 2021-07-31 20:37 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2021-07-31 20:36 - 2021-07-31 20:37 - 000007623 _____ C:\WINDOWS\diagerr.xml
2021-07-31 20:35 - 2021-08-26 11:35 - 001681370 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-31 20:27 - 2015-08-31 21:43 - 000105464 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2021-07-31 20:27 - 2015-08-31 21:43 - 000102888 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2021-07-31 20:25 - 2021-08-26 09:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-31 20:25 - 2021-08-12 14:21 - 000463504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-31 20:10 - 2021-07-31 21:24 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-07-31 20:09 - 2021-07-31 20:38 - 000000000 ____D C:\Users\georg
2021-07-31 20:09 - 2021-07-31 20:09 - 000000000 _SHDL C:\Users\georg\Voisinage réseau
2021-07-31 20:09 - 2021-07-31 20:09 - 000000000 _SHDL C:\Users\georg\Voisinage d'impression
2021-07-31 20:09 - 2021-07-31 20:09 - 000000000 _SHDL C:\Users\georg\Modèles
2021-07-31 20:09 - 2021-07-31 20:09 - 000000000 _SHDL C:\Users\georg\Mes documents
2021-07-31 20:09 - 2021-07-31 20:09 - 000000000 _SHDL C:\Users\georg\Menu Démarrer
2021-07-31 20:09 - 2021-07-31 20:09 - 000000000 _SHDL C:\Users\georg\Documents\Mes vidéos
2021-07-31 20:09 - 2021-07-31 20:09 - 000000000 _SHDL C:\Users\georg\Documents\Mes images
2021-07-31 20:09 - 2021-07-31 20:09 - 000000000 _SHDL C:\Users\georg\Documents\Ma musique
2021-07-31 20:09 - 2021-07-31 20:09 - 000000000 _SHDL C:\Users\georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2021-07-31 20:09 - 2021-07-31 20:09 - 000000000 _SHDL C:\Users\georg\AppData\Local\Historique
2021-07-31 20:09 - 2019-12-07 11:10 - 000001105 _____ C:\Users\georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-31 20:06 - 2021-07-31 20:10 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-07-31 19:55 - 2021-07-31 19:55 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-31 19:55 - 2021-07-31 19:55 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-31 19:55 - 2021-07-31 19:55 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-31 19:55 - 2021-07-31 19:55 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-31 19:54 - 2021-07-31 19:54 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-31 19:54 - 2021-07-31 19:54 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-07-31 19:54 - 2021-07-31 19:54 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-07-31 19:54 - 2021-07-31 19:54 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-31 19:54 - 2021-07-31 19:54 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-31 19:54 - 2021-07-31 19:54 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-31 19:53 - 2021-07-31 19:53 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-07-31 19:53 - 2021-07-31 19:53 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-31 19:53 - 2021-07-31 19:53 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-07-31 19:53 - 2021-07-31 19:53 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-31 19:53 - 2021-07-31 19:53 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-07-31 19:53 - 2021-07-31 19:53 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-07-31 19:53 - 2021-07-31 19:53 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-07-31 19:52 - 2021-07-31 19:52 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-31 19:52 - 2021-07-31 19:52 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-07-31 19:52 - 2021-07-31 19:52 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-07-31 19:52 - 2021-07-31 19:52 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-07-31 19:52 - 2021-07-31 19:52 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-31 19:52 - 2021-07-31 19:52 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-07-31 19:51 - 2021-07-31 19:51 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-07-31 19:51 - 2021-07-31 19:51 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-07-31 19:51 - 2021-07-31 19:51 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-07-31 19:51 - 2021-07-31 19:51 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-07-31 19:40 - 2019-10-15 13:53 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2021-07-31 19:40 - 2019-04-18 18:49 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2021-07-31 19:25 - 2021-07-31 19:25 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-07-31 16:06 - 2021-08-11 21:54 - 000000000 ___DC C:\WINDOWS\Panther
2021-07-31 01:43 - 2021-08-01 00:32 - 000000000 ____D C:\ESD

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-08-26 11:54 - 2021-01-20 23:15 - 000000000 ____D C:\FRST
2021-08-26 11:35 - 2019-12-07 16:49 - 000755174 _____ C:\WINDOWS\system32\perfh00C.dat
2021-08-26 11:35 - 2019-12-07 16:49 - 000141980 _____ C:\WINDOWS\system32\perfc00C.dat
2021-08-26 11:35 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-26 11:31 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-26 11:31 - 2017-09-19 22:45 - 000000000 ____D C:\Program Files\CCleaner
2021-08-26 11:30 - 2019-02-05 06:28 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-26 11:29 - 2020-09-27 07:51 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-26 11:29 - 2017-05-26 18:43 - 000000000 ____D C:\Users\georg\AppData\LocalLow\Mozilla
2021-08-26 11:29 - 2017-05-26 18:32 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-08-26 11:29 - 2017-05-26 18:32 - 000000000 __SHD C:\Users\georg\IntelGraphicsProfiles
2021-08-26 11:28 - 2019-12-07 11:03 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2021-08-26 11:28 - 2019-07-19 20:53 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-08-26 11:28 - 2017-11-29 22:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-25 02:04 - 2017-12-09 08:43 - 000000000 ___RD C:\Users\georg\3D Objects
2021-08-25 01:53 - 2020-03-31 16:22 - 000000000 ____D C:\Users\georg\AppData\Roaming\uTorrent
2021-08-24 20:07 - 2021-03-02 20:30 - 000000000 ____D C:\Users\georg\AppData\Roaming\vlc
2021-08-23 11:04 - 2020-03-14 16:23 - 000000000 ____D C:\Users\georg\AppData\LocalLow\uTorrent
2021-08-23 11:04 - 2019-03-23 10:45 - 000000000 ____D C:\Users\georg\AppData\Local\BitTorrentHelper
2021-08-21 01:42 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-21 01:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-21 01:41 - 2020-09-27 09:54 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-21 01:41 - 2020-09-27 09:54 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-08-20 01:42 - 2017-08-18 14:13 - 000000000 ____D C:\ProgramData\Package Cache
2021-08-16 08:42 - 2017-12-09 08:31 - 000000000 ____D C:\Users\georg\AppData\Local\Packages
2021-08-13 10:23 - 2021-02-21 04:37 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-12 16:36 - 2017-05-26 19:53 - 000000000 ____D C:\Users\georg\AppData\Roaming\dvdcss
2021-08-12 10:07 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-08-12 09:56 - 2021-01-17 21:28 - 000000000 ____D C:\ProgramData\Licenses
2021-08-12 09:20 - 2017-03-18 23:03 - 000000076 _____ C:\WINDOWS\win.ini
2021-08-11 03:31 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-11 03:31 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-11 03:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-11 03:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-11 03:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-11 03:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-11 03:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-11 03:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-11 03:31 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-11 03:07 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-10 04:56 - 2020-09-27 09:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-01 05:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-07-31 21:24 - 2021-03-02 20:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-07-31 21:24 - 2020-08-19 23:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters
2021-07-31 21:24 - 2020-03-31 12:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-07-31 21:24 - 2019-12-07 11:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-07-31 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-07-31 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-07-31 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-07-31 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-07-31 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-07-31 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-07-31 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-07-31 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-07-31 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-31 21:24 - 2019-09-30 00:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFsam Basic
2021-07-31 21:24 - 2018-03-17 22:36 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2021-07-31 21:24 - 2018-02-20 16:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker
2021-07-31 21:24 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-07-31 21:24 - 2017-09-19 22:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-07-31 21:24 - 2017-06-11 14:04 - 000000000 ____D C:\WINDOWS\en
2021-07-31 21:24 - 2017-05-26 22:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2021-07-31 21:24 - 2017-05-26 22:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 12
2021-07-31 21:24 - 2017-05-26 22:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Audio Extractor
2021-07-31 21:24 - 2017-05-26 20:28 - 000000000 ____D C:\Users\georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-07-31 21:24 - 2017-05-26 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-07-31 21:24 - 2017-05-26 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2021-07-31 21:24 - 2017-05-26 18:32 - 000000000 ____D C:\Program Files\Intel
2021-07-31 21:24 - 2017-03-18 23:03 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-07-31 20:55 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-07-31 20:38 - 2020-09-27 09:55 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-07-31 20:37 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT
2021-07-31 20:37 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-07-31 20:37 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-07-31 20:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2021-07-31 20:32 - 2017-12-09 08:40 - 000023208 _____ C:\WINDOWS\system32\emptyregdb.dat
2021-07-31 20:31 - 2019-12-07 11:14 - 000000000 __RSD C:\WINDOWS\Media
2021-07-31 20:27 - 2017-05-26 18:32 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2021-07-31 20:27 - 2017-05-26 18:22 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2021-07-31 20:27 - 2017-05-26 18:22 - 000000000 ____D C:\WINDOWS\system32\DAX2
2021-07-31 20:20 - 2019-12-07 11:18 - 000000000 ____D C:\WINDOWS\Setup
2021-07-31 20:16 - 2019-12-07 11:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-07-31 20:16 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-07-31 20:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-31 20:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Resources
2021-07-31 20:10 - 2020-09-21 12:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medieval Software
2021-07-31 20:10 - 2020-06-21 12:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solveig Multimedia
2021-07-31 20:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Help
2021-07-31 20:10 - 2019-02-11 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2021-07-31 20:10 - 2017-05-26 18:22 - 000000000 ____D C:\Program Files\Realtek
2021-07-31 20:00 - 2019-12-07 16:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-07-31 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-07-31 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-31 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-31 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-07-31 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-07-31 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-07-31 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-07-31 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-07-31 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-07-31 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-31 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-07-31 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-07-31 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-07-31 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-07-31 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-07-31 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-07-31 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-07-31 20:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-07-31 19:59 - 2019-12-07 16:53 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-07-29 22:30 - 2017-05-26 22:33 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-07-28 12:44 - 2017-09-19 22:45 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk

==================== Fichiers à la racine de certains dossiers ========

2017-08-22 10:13 - 2017-12-04 00:57 - 000007605 _____ () C:\Users\georg\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================