Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-08-2021 Exécuté par user (administrateur) sur LAPTOP-QOA41I0N (HP HP Pavilion Laptop 14-ce0xxx) (16-08-2021 15:22:50) Exécuté depuis C:\Users\user\Desktop Profils chargés: user Platform: Windows 10 Home Version 20H2 19042.1165 (X64) Langue: Français (France) Navigateur par défaut: Edge Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\25.0.1.192\DiscoverySrv.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3> (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_35df954651b1f88f\x64\TouchpointAnalyticsClientService.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c95e7d335bd30097\x64\AppHelperCap.exe (HP Inc. -> HP Inc.) 
C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c95e7d335bd30097\x64\DiagsCap.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c95e7d335bd30097\x64\NetworkCap.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c95e7d335bd30097\x64\SysInfoCap.exe (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.11.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_618947f7f882ca01\igfxCUIService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_618947f7f882ca01\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_618947f7f882ca01\IntelCpHDCPSvc.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_618947f7f882ca01\IntelCpHeciSvc.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MSPaint_6.2105.4017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe 
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8> (PC HELPSOFT LABS INC. -> PC Helpsoft) C:\Program Files (x86)\PC Cleaner\PCCNotifications.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2> (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe (WildTangent Inc -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-04-18] (Realtek Semiconductor Corp. -> Realtek) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.) HKU\S-1-5-21-181118740-191555053-1946996836-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [525312 2021-08-03] (HP Inc.) [Fichier non signé] HKU\S-1-5-21-181118740-191555053-1946996836-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5550304 2021-07-24] (Adobe Inc. 
-> Adobe Systems Incorporated) HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [239704 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [55392 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0358CEFC-43F5-41DE-B064-6AE325069960} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644984 2018-07-18] (HP Inc. -> HP Inc.) Task: {279D005E-C047-41F5-B6B5-FA72B2C79DCF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139112 2021-08-09] (Microsoft Corporation -> Microsoft Corporation) Task: {2DE2FC97-24A9-4D60-B370-CCC0AA8D0C08} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) 
Task: {48015893-6EAB-40B4-B184-E7BDC95F8617} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139112 2021-08-09] (Microsoft Corporation -> Microsoft Corporation) Task: {4A61F767-01E5-47BB-BA48-235467CDD386} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23252888 2021-07-30] (Microsoft Corporation -> Microsoft Corporation) Task: {4C5018F5-D607-462D-A12A-99DC9FE2B3F0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1118896 2021-07-09] (HP Inc. -> HP Inc.) Task: {5418B481-3A5E-4993-843E-AC2CF4D7E726} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23252888 2021-07-30] (Microsoft Corporation -> Microsoft Corporation) Task: {5452F278-880E-42B9-8A22-5E4F8F3076F6} - System32\Tasks\RtkAudUService64_BG => C:\windows\system32\RtkAudUService64.exe [868128 2019-04-25] (Realtek Semiconductor Corp. 
-> Realtek Semiconductor) Task: {82B2623C-653F-4633-AC06-75BA808E007B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [673720 2021-08-12] (Mozilla Corporation -> Mozilla Foundation) Task: {83F6E9CB-28AC-49A1-B0FB-CB421DDFD14B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-181118740-191555053-1946996836-500 => C:\Users\user\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {8F700C6B-4320-4CD8-97FA-A7639B59D8C6} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [957528 2021-08-02] (Bitdefender SRL -> Bitdefender) Task: {98C92609-EF73-4729-9463-1263CBBB70EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2021-07-09] (HP Inc. -> HP Inc.) Task: {AB4C5BE5-DE46-4296-BEE6-EE1557FB29ED} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\25.0.1.192\WatchDog.exe [937064 2021-06-08] (Bitdefender SRL -> Bitdefender) Task: {AC217086-129E-45BB-B1CE-7E94F899751B} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice Task: {CE5FFA92-18D6-4744-8894-021CAF91E20C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1118896 2021-07-09] (HP Inc. -> HP Inc.) Task: {E63C3E75-FB14-4044-81F5-1E091C0F7527} - System32\Tasks\PC Cleaner automatic scan and notifications => C:\Program Files (x86)\PC Cleaner\PCCNotifications.exe [4499480 2021-07-20] (PC HELPSOFT LABS INC. -> PC Helpsoft) <==== ATTENTION (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) 
==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{684d82e1-3c5d-4b6f-a06c-575592d8cbb7}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge Profile: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-16] FireFox: ======== FF DefaultProfile: ksyhtol4.default FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ksyhtol4.default [2021-08-16] FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\l50al4dh.default-release [2021-08-16] FF Extension: (Add-ons Search Detection) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\l50al4dh.default-release\features\{40d249bd-d301-432d-b6e1-44f9ce6f5774}\addons-search-detection@mozilla.com.xpi [2021-08-13] FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2021-08-02] 
[UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/wallet/updates.json ] FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi FF Extension: (Bitdefender Anti-tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2020-11-15] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2021-08-03] [] [non signé] FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-30] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-30] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.) 
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2019-10-09] <==== ATTENTION (Pointe vers un fichier *.cfg) FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2019-10-09] <==== ATTENTION Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [817216 2021-08-02] (Bitdefender SRL -> Bitdefender) R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [817216 2021-08-02] (Bitdefender SRL -> Bitdefender) R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195320 2018-03-22] (Bitdefender SRL -> Bitdefender) R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [1899112 2018-03-22] (Bitdefender SRL -> Bitdefender) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9142136 2021-07-30] (Microsoft Corporation -> Microsoft Corporation) R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.) R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c95e7d335bd30097\x64\AppHelperCap.exe [738368 2021-06-27] (HP Inc. -> HP Inc.) R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c95e7d335bd30097\x64\DiagsCap.exe [735832 2021-06-27] (HP Inc. -> HP Inc.) 
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c95e7d335bd30097\x64\NetworkCap.exe [735824 2021-06-27] (HP Inc. -> HP Inc.) R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c95e7d335bd30097\x64\SysInfoCap.exe [737368 2021-06-27] (HP Inc. -> HP Inc.) R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_35df954651b1f88f\x64\TouchpointAnalyticsClientService.exe [489584 2021-06-18] (HP Inc. -> HP Inc.) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [774760 2021-06-08] (Bitdefender SRL -> Bitdefender) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [306776 2021-08-02] (Bitdefender SRL -> Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [817216 2021-08-02] (Bitdefender SRL -> Bitdefender) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1637936 2021-07-13] (WildTangent Inc -> ) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [108480 2019-02-26] (Alcorlink Corp. -> ) R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [3414928 2021-08-02] (Bitdefender SRL -> Bitdefender S.R.L. 
Bucharest, ROMANIA) R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [802976 2021-04-20] (Bitdefender SRL -> Bitdefender) S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22976 2021-04-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender) R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [46056 2021-04-28] (Bitdefender SRL -> © Bitdefender SRL) R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96616 2020-05-28] (Bitdefender SRL -> BitDefender) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé] R0 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [488592 2021-04-20] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA) R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [195232 2020-11-15] (Bitdefender SRL -> BitDefender LLC) R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [25024 2019-04-18] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.) R2 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [185312 2020-12-10] (Bitdefender SRL -> Bitdefender) R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [641728 2021-03-24] (Bitdefender SRL -> Bitdefender) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation) R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-08-16 15:22 - 2021-08-16 15:23 - 000019645 _____ C:\Users\user\Desktop\FRST.txt 2021-08-16 15:22 - 2021-08-16 15:23 - 000000000 ____D C:\FRST 2021-08-16 15:21 - 2021-08-16 15:19 - 002300416 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe 2021-08-16 15:18 - 2021-08-16 15:19 - 002300416 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe 2021-08-16 15:08 - 2021-08-16 15:08 - 000257120 _____ C:\Users\user\Desktop\ZHPDiag.txt 2021-08-16 14:57 - 2021-08-16 14:57 - 000000871 _____ C:\Users\user\Desktop\ZHPSuite.lnk 2021-08-16 14:52 - 2021-08-16 14:53 - 003019629 _____ C:\Users\user\Downloads\ZHPSuite.zip 2021-08-16 10:59 - 2021-08-16 13:09 - 000003178 _____ C:\WINDOWS\system32\Tasks\PC Cleaner automatic scan and notifications 2021-08-16 10:59 - 2021-08-16 11:07 - 000000000 ____D C:\ProgramData\PC Cleaner 2021-08-16 10:59 - 2021-08-16 10:59 - 000000000 ____D C:\Users\user\AppData\Roaming\PC Cleaner 2021-08-16 10:59 - 2021-08-16 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Cleaner 2021-08-16 10:59 - 2021-08-16 10:59 - 000000000 ____D C:\Program Files (x86)\PC Cleaner 2021-08-16 10:21 - 2021-08-16 10:21 - 000000000 ____D C:\AdwCleaner 2021-08-16 10:06 - 2021-08-16 10:12 - 008553680 _____ (Malwarebytes) C:\Users\user\Downloads\adwcleaner_8.3.0.exe 2021-08-15 21:18 - 2021-08-15 21:18 - 000000000 ____D C:\Program Files\Avast Software 2021-08-15 21:17 - 2021-08-15 21:17 - 000000000 ____D C:\ProgramData\Avast Software 2021-08-15 20:52 - 2021-08-15 21:05 - 036238456 _____ (Piriform Software Ltd) C:\Users\user\Downloads\ccsetup583.exe 2021-08-13 13:55 - 2021-08-13 13:55 - 000000000 ___HD C:\$WinREAgent 2021-08-13 13:45 - 2021-08-13 13:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-08-13 13:45 - 2021-08-13 13:45 - 002755584 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\mshtml.tlb 2021-08-13 13:45 - 2021-08-13 13:45 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-08-13 13:45 - 2021-08-13 13:45 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-08-13 13:45 - 2021-08-13 13:45 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2021-08-13 13:45 - 2021-08-13 13:45 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-08-13 13:44 - 2021-08-13 13:44 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2021-08-13 10:55 - 2021-08-13 10:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-08-12 22:58 - 2021-08-13 13:51 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-07-26 16:52 - 2021-07-26 16:52 - 000496555 _____ C:\Users\user\Downloads\IMG_83131.3gp 2021-07-19 17:23 - 2021-07-19 17:23 - 000379717 _____ C:\Users\user\Downloads\Avenant BARSALOU.pdf 2021-07-19 11:06 - 2021-07-19 11:11 - 006678132 _____ C:\Users\user\Downloads\Re support roue secours premium 150.zip 2021-07-16 14:29 - 2021-07-16 14:29 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb 2021-07-16 14:29 - 2021-07-16 14:29 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb 2021-07-16 14:29 - 2021-07-16 14:29 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb 2021-07-16 14:29 - 2021-07-16 14:29 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb 2021-07-12 13:50 - 2021-07-12 13:50 - 000023789 _____ C:\Users\user\Downloads\Doc_ATTEVAMVEC_20210712134552698_78389N_1.pdf 2021-07-12 13:14 - 2021-07-12 13:14 - 001098305 _____ C:\Users\user\Downloads\FIESTA FL-951-ZQ.pdf 2021-07-12 10:05 - 2021-07-12 10:05 - 000042739 _____ C:\Users\user\Downloads\attestation-weber-richard.pdf 2021-07-09 12:06 - 2021-07-09 12:06 - 000042578 _____ C:\Users\user\Downloads\Attestation_vaccination_covid.pdf 2021-07-09 12:06 - 2021-07-09 12:06 - 000010653 
_____ C:\Users\user\Downloads\DetailMessage.pdf 2021-07-07 18:23 - 2021-07-07 18:23 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll 2021-07-07 18:23 - 2021-07-07 18:23 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-07-07 18:23 - 2021-07-07 18:23 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2021-07-07 18:23 - 2021-07-07 18:23 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2021-07-07 18:23 - 2021-07-07 18:23 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2021-07-07 18:23 - 2021-07-07 18:23 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2021-07-07 18:22 - 2021-07-07 18:22 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-07-07 18:22 - 2021-07-07 18:22 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-07-07 18:22 - 2021-07-07 18:22 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-07-06 18:06 - 2021-07-06 18:06 - 000153396 _____ C:\ProgramData\agent.update.1625587558.bdinstall.v2.bin 2021-06-22 18:12 - 2021-06-22 18:13 - 000000000 ____D C:\Users\user\Documents\Paroisses Communauté de Châtenois 2021-06-20 16:39 - 2021-06-20 16:39 - 000365565 _____ C:\Users\user\Downloads\vosTimbres.pdf 2021-06-11 22:44 - 2021-06-11 22:44 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll 2021-06-11 22:44 - 2021-06-11 22:44 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll 2021-06-11 22:44 - 2021-06-11 22:44 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-06-11 22:44 - 2021-06-11 22:44 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-06-11 22:43 - 2021-06-11 22:43 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll 2021-06-11 22:43 - 2021-06-11 22:43 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll 2021-06-11 22:42 - 2021-06-11 22:42 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-06-11 
22:42 - 2021-06-11 22:42 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll 2021-06-11 22:42 - 2021-06-11 22:42 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2021-06-04 11:31 - 2021-06-04 11:31 - 000135534 _____ C:\Users\user\Downloads\RB210604037.pdf 2021-06-03 18:09 - 2021-06-03 18:09 - 000021944 _____ C:\Users\user\Downloads\Facture_PDF_AF201551373875.pdf 2021-06-01 12:12 - 2021-06-01 12:12 - 000191434 _____ C:\Users\user\Downloads\RB210519042(1).pdf 2021-06-01 12:08 - 2021-06-01 12:08 - 000059047 _____ C:\Users\user\Downloads\Billets WEBER Richard 24732.pdf 2021-05-19 15:40 - 2021-05-19 15:40 - 000191434 _____ C:\Users\user\Downloads\RB210519042.pdf ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-08-16 15:12 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-08-16 15:08 - 2019-10-09 11:24 - 000000000 ____D C:\Users\user\AppData\Roaming\ZHP 2021-08-16 14:57 - 2019-10-09 11:24 - 000000000 ____D C:\Users\user\AppData\Local\ZHP 2021-08-16 14:55 - 2019-10-09 10:33 - 000000000 ____D C:\Users\user\Documents\Richard 2021-08-16 14:32 - 2020-11-19 00:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-08-16 13:55 - 2019-10-09 13:42 - 000000000 ____D C:\ProgramData\Mozilla 2021-08-16 13:54 - 2019-10-09 13:42 - 000000000 ____D C:\Users\user\AppData\LocalLow\Mozilla 2021-08-16 13:32 - 2019-11-04 19:10 - 000002466 _____ C:\Users\user\Desktop\ZHPCleaner.txt 2021-08-16 11:24 - 2019-10-09 09:11 - 000000000 __SHD C:\Users\user\IntelGraphicsProfiles 2021-08-16 10:03 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-08-15 21:21 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-08-15 21:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-08-15 21:18 - 2021-05-16 20:41 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps 2021-08-15 21:18 - 2021-02-23 16:00 - 000000000 ___DC 
C:\WINDOWS\Panther 2021-08-15 21:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-08-13 22:35 - 2020-11-19 01:31 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-08-13 22:35 - 2020-11-19 01:31 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-08-13 14:41 - 2021-02-23 18:40 - 001789580 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-08-13 14:41 - 2019-12-07 16:49 - 000797844 _____ C:\WINDOWS\system32\perfh00C.dat 2021-08-13 14:41 - 2019-12-07 16:49 - 000160198 _____ C:\WINDOWS\system32\perfc00C.dat 2021-08-13 14:34 - 2021-02-23 18:30 - 000008192 ___SH C:\DumpStack.log.tmp 2021-08-13 14:34 - 2020-11-19 01:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-08-13 14:34 - 2020-11-19 00:28 - 000540304 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-08-13 14:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-08-13 14:33 - 2021-02-23 18:05 - 000000000 ____D C:\WINDOWS\HoloShell 2021-08-13 14:33 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-08-13 14:33 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-08-13 14:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-08-13 14:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-08-13 14:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-08-13 14:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-08-13 14:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-08-13 14:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-08-13 14:33 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-08-13 14:33 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing 2021-08-13 14:31 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-08-13 13:51 - 2019-12-07 11:03 - 000065536 _____ C:\WINDOWS\system32\config\ELAM 2021-08-13 13:51 - 2019-10-09 13:42 - 000000000 ____D 
C:\Program Files (x86)\Mozilla Maintenance Service 2021-08-13 12:52 - 2019-10-11 18:13 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-08-13 12:30 - 2019-10-11 18:13 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-08-13 10:55 - 2019-10-09 13:42 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-08-12 20:37 - 2019-10-09 09:11 - 000000000 ____D C:\Users\user\AppData\Local\Packages 2021-08-12 19:42 - 2019-10-09 10:27 - 000000000 ____D C:\Users\user\Documents\Clé USB D 2021-08-09 11:24 - 2019-05-17 15:18 - 000000000 ____D C:\Program Files\Microsoft Office 2021-08-06 12:44 - 2020-09-30 10:12 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-08-02 17:38 - 2019-10-09 14:02 - 003414928 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys 2021-08-02 09:29 - 2021-03-05 12:00 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d70a01d0044da5 2021-08-02 09:29 - 2020-11-19 01:31 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-07-30 17:26 - 2020-12-18 20:05 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-07-30 17:25 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared ==================== Fichiers à la racine de certains dossiers ======== 2020-08-05 21:37 - 2020-08-05 21:37 - 000003099 _____ () C:\Users\user\AppData\Local\recently-used.xbel ==================== SigCheckExt ========================= 2019-07-29 17:25 - 2019-04-09 03:15 - 000050912 _____ C:\WINDOWS\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new.dll 2019-07-29 17:25 - 2019-04-09 03:15 - 000050860 _____ C:\WINDOWS\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new_s1.dll 2019-07-29 17:25 - 2019-04-09 03:15 - 000060412 _____ C:\WINDOWS\rtl8723d_mp_chip_bt40_fw_asic_rom_patch_new.dll 2019-07-29 17:25 - 2019-04-09 03:15 - 000045608 _____ 
C:\WINDOWS\rtl8821c_mp_chip_bt40_fw_asic_rom_patch_new.dll 2019-07-29 17:25 - 2019-04-09 03:15 - 000049604 _____ C:\WINDOWS\rtl8822b_mp_chip_bt40_fw_asic_rom_patch_new.dll 2019-07-29 17:25 - 2019-04-09 03:15 - 000051776 _____ C:\WINDOWS\rtl8822c_mp_chip_bt40_fw_asic_rom_patch_new.dll 2021-08-16 15:21 - 2021-08-16 15:19 - 002300416 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe 2019-11-04 19:11 - 2017-03-24 14:35 - 002753024 _____ C:\Users\user\Desktop\ZHPCleaner.exe 2021-08-16 15:18 - 2021-08-16 15:19 - 002300416 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de démarrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {c7eda70f-746f-11eb-81be-806e6f6e6963} {bf749a81-b265-11e9-b0ac-f8b46aa22ed3} timeout 0 Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {5eb3f297-75f4-11eb-b4dc-a91632a118ac} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {bf749a81-b265-11e9-b0ac-f8b46aa22ed3} description EFI USB Device Application logicielle (101fffff) -------------------------------- identificateur {c7eda70f-746f-11eb-81be-806e6f6e6963} description Internal Hard Disk or Solid State Disk Chargeur de démarrage Windows ----------------------------- identificateur {004700cd-b26e-11e9-8643-f8b46aa22ed3} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{004700ce-b26e-11e9-8643-f8b46aa22ed3} path \windows\system32\winload.efi description Windows Recovery Environment locale 
fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{004700ce-b26e-11e9-8643-f8b46aa22ed3} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {5eb3f299-75f4-11eb-b4dc-a91632a118ac} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {5eb3f297-75f4-11eb-b4dc-a91632a118ac} nx OptIn bootmenupolicy Standard Chargeur de démarrage Windows ----------------------------- identificateur {5eb3f299-75f4-11eb-b4dc-a91632a118ac} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{5eb3f29a-75f4-11eb-b4dc-a91632a118ac} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{5eb3f29a-75f4-11eb-b4dc-a91632a118ac} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {5eb3f297-75f4-11eb-b4dc-a91632a118ac} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {5eb3f299-75f4-11eb-b4dc-a91632a118ac} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics mémoire Windows locale fr-FR inherit
{globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems No Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {5eb3f29a-75f4-11eb-b4dc-a91632a118ac} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================