Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2021
Exécuté par Romio (administrateur) sur DESKTOP-FBQVH2D (Micro-Star International Co., Ltd. MS-7B51) (22-09-2021 13:19:07)
Exécuté depuis C:\Users\romio\Desktop
Profils chargés: Romio
Platform: Windows 10 Pro Version 20H2 19042.1237 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.CpuIdRemote64.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.DisplayAdapter.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairMsiPluginService.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE.exe
(Corsair Memory, Inc. -> Corsair) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUEDevicePluginHost.exe <7>
(EPOS Group A/S -> ) C:\Program Files (x86)\EPOS\Gaming Suite\EPOSGamingSuiteService
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <21>
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\pacjsworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Nicolas Coolman -> Nicolas Coolman) [Fichier non signé] C:\Users\romio\AppData\Roaming\ZHP\ZHPCleaner.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5d5c294bb8d17217\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_01042bb7f11c17c4\RtkAudUService64.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\AMSPTelemetryService.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\module\10011\8.2.1138\8.2.1138\TmsaInstance64.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\DiamondRing\DrSDKCaller.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_01042bb7f11c17c4\RtkAudUService64.exe [1256824 2021-04-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SmartAudio] => C:\Program Files\Sennheiser\SA3\Sennheiser\SACpl.exe [1830232 2016-03-08] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [ctfmon] => C:\Windows\System32\ctfmon.exe [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [213696 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1233328 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319520 2018-09-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [CORSAIR iCUE 4 Software] => C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE Launcher.exe [321240 2021-07-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3180256 2021-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-2887478810-2401684599-1784179501-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2887478810-2401684599-1784179501-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [34508416 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2887478810-2401684599-1784179501-1001\...\Run: [Wargaming.net Game Center] => K:\Wargaming.net\GameCenter\wgc.exe [2147776 2021-09-18] (Wargaming.net Limited -> Wargaming.net)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\93.0.4577.82\Installer\chrmstp.exe [2021-09-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\EPOS Gaming Suite.lnk [2021-05-30]
ShortcutTarget: EPOS Gaming Suite.lnk -> C:\Program Files (x86)\EPOS\Gaming Suite\EPOSGamingSuite.exe (EPOS Group A/S -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ROCCAT Swarm Monitor.lnk [2021-07-10]
ShortcutTarget: ROCCAT Swarm Monitor.lnk -> C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe (Voyetra Turtle Beach, Inc. -> ROCCAT)

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {7AFEB35E-E818-4FF8-AEE1-9D4DA986594B} - System32\Tasks\KMSpico Automatic Update Scheduler => C:\Program Files\KMSpico\KMSUPD.exe [89272 2021-02-11] (KMSpico ByELDI LTD -> @ByELDI)
Task: {855F1E7F-8DC3-48B5-9006-F4069A1E39C5} - System32\Tasks\Intel Rapid => C:\Users\romio\AppData\Roaming\Intel Rapid\IntelRapid.exe [3496448 2021-09-22] () [Fichier non signé]
Task: {EC03A147-D7ED-499D-9FD7-5CB79637DC97} - System32\Tasks\Optimize Thumbnail Cache => C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\isupdate.exe [61104 2020-09-26] (Flexera Software LLC -> InstallShield®) [Fichier non signé] <==== ATTENTION
Task: {EFE1F83B-EC8C-4948-B5D7-D95D150C59F0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-04] (Mozilla Corporation -> Mozilla Foundation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings)
AutoConfigURL: [HKLM] => hxxp://127.0.0.1:86/
AutoConfigURL: [HKLM-x32] => hxxp://127.0.0.1:86/
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{299ebb42-1345-42a3-9661-559aa6755bd3}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{d9372309-4a02-4db4-931e-ef59d74c97ad}: [DhcpNameServer] 192.168.1.254
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Profile: C:\Users\romio\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-22]

FireFox:
========
FF DefaultProfile: ph2bvm6s.default
FF ProfilePath: C:\Users\romio\AppData\Roaming\Mozilla\Firefox\Profiles\ph2bvm6s.default [2021-06-01]
FF ProfilePath: C:\Users\romio\AppData\Roaming\Mozilla\Firefox\Profiles\ix9eubo6.default-release [2021-09-22]
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Fichier non signé]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-06-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default [2021-09-22]
CHR DownloadDir: L:\Téléchargé
CHR StartupUrls: Default -> "hxxp://ecosia.org/"
CHR NewTab: Default -> Active:"chrome-extension://eedlgdlajadkbbjoobobefphmfkcchfk/newtab.html"
CHR DefaultSearchURL: Default -> hxxps://www.ecosia.org/search?q={searchTerms}&addon=chrome&addonversion=3.4.0&method=topbar
CHR DefaultSearchKeyword: Default -> ecosia
CHR DefaultSuggestURL: Default -> hxxps://ac.ecosia.org/?q={searchTerms}&type=list&mkt=fr
CHR Extension: (Slides) - C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-05-30]
CHR Extension: (Docs) - C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-05-30]
CHR Extension: (Google Drive) - C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-05-30]
CHR Extension: (YouTube) - C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-04-20]
CHR Extension: (Unknown Space) - C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpjdbdbhiomamecfnjahemfimgjamhjd [2021-04-20]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-09-01]
CHR Extension: (Ecosia Search) - C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Extensions\eedlgdlajadkbbjoobobefphmfkcchfk [2021-05-20]
CHR Extension: (Sheets) - C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-05-30]
CHR Extension: (Google Docs hors connexion) - C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-26]
CHR Extension: (Grammarly for Chrome) - C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-09-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-19]
CHR Extension: (Gmail) - C:\Users\romio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-04-20]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 Amsp; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [391032 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 AMSPTLM; C:\Program Files\Trend Micro\AMSP\AMSPTelemetryService.exe [250136 2020-12-30] (Trend Micro, Inc. -> Trend Micro Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8914856 2021-06-16] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9179528 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
S2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [616360 2021-05-24] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe [456408 2021-07-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairMsiPluginService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairMsiPluginService.exe [451800 2021-07-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe [80608 2021-07-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S2 CxUtilSvc; C:\Program Files\Sennheiser\SA3\Sennheiser\CxUtilSvc.exe [109184 2021-04-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2021-01-07] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.160.0808.0002\FileSyncHelper.exe [3249512 2021-09-17] (Microsoft Corporation -> Microsoft Corporation)
S2 HerculesWiFi; C:\Windows\SysWOW64\\HerculesWiFiService.exe [78232 2012-09-26] (Guillemot Corporation -> Guillemot Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.160.0808.0002\OneDriveUpdaterService.exe [3711848 2021-09-17] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2557144 2021-09-18] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3475672 2021-09-18] (Electronic Arts, Inc. -> Electronic Arts)
S2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1141680 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2021-06-26] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-09-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 TmWscSvc; C:\Program Files\Trend Micro\Titanium\TmWscSvc\TmWscSvc.exe [401448 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
S2 UIUMPService; C:\Windows\SysWOW64\UIUMPSrv.exe [104960 2021-04-20] (Conexant Systems, Inc.) [Fichier non signé]
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10202040 2021-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.5-0\NisSrv.exe [2599296 2021-04-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.5-0\MsMpEng.exe [128360 2021-04-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 EPOSGamingSuiteService; "C:\Program Files (x86)\EPOS\Gaming Suite\EPOSGamingSuiteService" /start EPOSGamingSuiteService [X]
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5d5c294bb8d17217\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5d5c294bb8d17217\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R2 CmUpx; C:\Windows\system32\drivers\CmUpx.sys [30184 2021-05-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60328 2021-05-24] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccessC2D033F14715AA7325305EA42FBFC65BF867CC1D; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairLLAccess64.sys [21752 2021-05-24] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [45984 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21920 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz150; C:\Windows\temp\cpuz150\cpuz150_x64.sys [44832 2021-09-21] (CPUID S.A.R.L.U. -> CPUID)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2021-04-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [59360 2021-04-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [44080 2018-01-25] (Shaul Eizikovich -> Nefarius Software Solutions)
R0 secnvme; C:\Windows\System32\drivers\secnvme.sys [133944 2020-01-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [74760 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [147672 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
S0 tmel; C:\Windows\System32\DRIVERS\tmel.sys [39872 2021-04-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Trend Micro Inc.)
R1 tmeyes; C:\Windows\system32\DRIVERS\tmeyes.sys [673832 2021-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Trend Micro Inc.)
R3 tmnciesc; C:\Windows\system32\DRIVERS\tmnciesc.sys [562296 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 tmumh; C:\Windows\system32\DRIVERS\TMUMH.sys [161280 2021-03-15] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmusa; C:\Windows\system32\DRIVERS\tmusa.sys [137112 2020-07-29] (Trend Micro, Inc. -> Trend Micro, Inc.)
R3 usbaud; C:\Windows\system32\DRIVERS\usbaud64.sys [1911288 2021-04-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8234240 2021-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
R3 VirtualHID; C:\Windows\System32\drivers\VirtualHID.sys [26768 2020-10-26] (Voyetra Turtle Beach, Inc. -> TurtleBeach)
S3 vmulti; C:\Windows\System32\drivers\vmulti.sys [19304 2018-01-25] (ROCCAT GmbH -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49544 2021-04-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [421112 2021-04-20] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [73952 2021-04-20] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-09-22 13:19 - 2021-09-22 13:19 - 000020747 _____ C:\Users\romio\Desktop\FRST.txt
2021-09-22 13:09 - 2021-09-22 13:09 - 002304512 _____ (Farbar) C:\Users\romio\Desktop\FRST64-2.1.exe
2021-09-22 13:01 - 2021-09-22 13:01 - 008553680 _____ (Malwarebytes) C:\Users\romio\Desktop\adwcleaner_8.3.0.exe
2021-09-22 10:56 - 2021-09-22 11:04 - 000000000 ____D C:\Users\romio\AppData\Local\MSfree Inc
2021-09-22 10:56 - 2021-09-22 11:04 - 000000000 ____D C:\Program Files (x86)\folder1
2021-09-22 10:56 - 2021-09-22 10:56 - 000003090 _____ C:\Windows\system32\Tasks\Intel Rapid
2021-09-22 10:56 - 2021-09-22 10:56 - 000000000 ____D C:\Users\romio\AppData\Roaming\orchel
2021-09-22 10:56 - 2021-09-22 10:56 - 000000000 ____D C:\Users\romio\AppData\Roaming\Intel Rapid
2021-09-22 10:49 - 2021-09-22 10:49 - 000003802 _____ C:\Windows\system32\Tasks\Optimize Thumbnail Cache
2021-09-22 10:49 - 2021-09-22 10:49 - 000003354 _____ C:\Windows\system32\Tasks\KMSpico Automatic Update Scheduler
2021-09-22 10:49 - 2021-09-22 10:49 - 000000000 ____D C:\Program Files\KMSpico
2021-09-22 10:46 - 2021-09-22 10:46 - 000004608 _____ C:\Windows\SECOH-QAD.exe
2021-09-22 10:46 - 2021-09-22 10:46 - 000003584 _____ C:\Windows\SECOH-QAD.dll
2021-09-20 09:25 - 2021-09-20 09:46 - 000188191 _____ C:\Users\romio\Documents\suivi edf2.xlsx
2021-09-20 09:02 - 2021-09-20 09:02 - 001313608 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-09-20 09:02 - 2021-09-20 09:02 - 000672768 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2021-09-20 09:02 - 2021-09-20 09:02 - 000570368 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-09-20 09:02 - 2021-09-20 09:02 - 000452096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-09-20 09:02 - 2021-09-20 09:02 - 000170496 _____ C:\Windows\system32\DeviceUpdateCenterCsp.dll
2021-09-20 09:02 - 2021-09-20 09:02 - 000011355 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-09-20 09:01 - 2021-09-20 09:01 - 002295296 _____ (Digimarc) C:\Windows\system32\DMRCDecoder.dll
2021-09-20 09:01 - 2021-09-20 09:01 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-09-20 09:01 - 2021-09-20 09:01 - 002111488 _____ (Digimarc) C:\Windows\SysWOW64\DMRCDecoder.dll
2021-09-20 09:01 - 2021-09-20 09:01 - 001823304 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-09-20 09:01 - 2021-09-20 09:01 - 001393480 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-09-20 09:01 - 2021-09-20 09:01 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2021-09-20 09:01 - 2021-09-20 09:01 - 001164288 _____ C:\Windows\system32\MBR2GPT.EXE
2021-09-20 09:01 - 2021-09-20 09:01 - 000566784 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-09-20 09:01 - 2021-09-20 09:01 - 000426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-09-20 09:01 - 2021-09-20 09:01 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-09-20 09:01 - 2021-09-20 09:01 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-09-20 09:01 - 2021-09-20 09:01 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-09-20 09:01 - 2021-09-20 09:01 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2021-09-20 09:01 - 2021-09-20 09:01 - 000122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2021-09-20 09:01 - 2021-09-20 09:01 - 000098816 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-09-20 08:58 - 2021-09-20 08:58 - 000000000 ___HD C:\$WinREAgent
2021-09-06 18:48 - 2021-09-21 11:47 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2021-09-05 22:55 - 2021-09-05 22:55 - 000253301 _____ C:\Users\romio\Documents\Par défaut.cueprofile
2021-09-04 16:27 - 2000-01-01 10:10 - 000001098 _____ C:\Users\romio\Desktop\config.ini

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-09-22 13:19 - 2021-05-31 17:42 - 000000000 ____D C:\FRST
2021-09-22 13:19 - 2021-05-30 21:06 - 000000000 ____D C:\Users\romio\AppData\Roaming\ZHP
2021-09-22 13:18 - 2021-05-30 21:06 - 000000882 _____ C:\Users\romio\Desktop\ZHPCleaner.lnk
2021-09-22 13:03 - 2021-04-19 23:14 - 000000000 ____D C:\ProgramData\NVIDIA
2021-09-22 13:03 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-22 13:00 - 2021-04-21 19:26 - 000485320 _____ (Trend Micro Inc.) C:\Windows\RegBootClean64.exe
2021-09-22 12:53 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-09-22 11:09 - 2021-04-19 23:17 - 000000000 ____D C:\Users\romio\AppData\Roaming\discord
2021-09-22 11:05 - 2021-04-19 23:07 - 000000000 ____D C:\Users\romio\AppData\Local\Discord
2021-09-22 10:33 - 2021-04-19 23:07 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-22 10:10 - 2021-04-20 19:27 - 000000000 ____D C:\Program Files\CCleaner
2021-09-22 10:10 - 2021-04-20 07:08 - 000000000 ____D C:\ProgramData\Riot Games
2021-09-21 13:12 - 2021-04-19 23:07 - 000000000 ____D C:\Users\romio\AppData\Local\Battle.net
2021-09-21 11:51 - 2021-04-19 23:02 - 001774848 _____ C:\Windows\system32\PerfStringBackup.INI
2021-09-21 11:51 - 2019-12-07 16:50 - 000792920 _____ C:\Windows\system32\perfh00C.dat
2021-09-21 11:51 - 2019-12-07 16:50 - 000150584 _____ C:\Windows\system32\perfc00C.dat
2021-09-21 11:46 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2021-09-21 11:44 - 2020-09-27 09:34 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-09-21 11:44 - 2020-09-27 07:33 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-21 11:44 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-09-20 12:13 - 2021-06-26 14:23 - 000000000 ____D C:\Users\romio\AppData\Roaming\Origin
2021-09-20 12:13 - 2021-04-20 07:17 - 000000000 ____D C:\ProgramData\Origin
2021-09-20 11:33 - 2021-06-26 14:28 - 000000000 ____D C:\Program Files (x86)\Origin Games
2021-09-20 11:33 - 2021-06-26 14:23 - 000000000 ____D C:\Users\romio\AppData\Local\Origin
2021-09-20 09:11 - 2021-04-19 23:19 - 000031301 _____ C:\Users\romio\Documents\Compte courses.xlsx
2021-09-20 09:07 - 2020-09-27 07:33 - 000531800 _____ C:\Windows\system32\FNTCACHE.DAT
2021-09-20 09:07 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-09-20 09:07 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-09-20 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2021-09-20 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-09-20 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-09-20 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2021-09-20 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2021-09-20 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-09-20 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2021-09-20 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
2021-09-20 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2021-09-20 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2021-09-20 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser
2021-09-20 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2021-09-20 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2021-09-20 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-09-20 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2021-09-20 09:07 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2021-09-20 09:03 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2021-09-20 09:00 - 2021-04-20 20:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-09-20 08:56 - 2021-04-19 23:41 - 000000000 ____D C:\Windows\system32\MRT
2021-09-20 08:55 - 2021-04-19 23:41 - 135637312 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-09-20 08:53 - 2021-06-12 20:00 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2021-09-20 08:53 - 2020-05-07 12:56 - 000000000 ____D C:\Program Files\Riot Vanguard
2021-09-18 19:17 - 2021-04-19 23:16 - 000000000 ____D C:\Users\romio\AppData\Roaming\Blitz
2021-09-18 19:16 - 2021-04-19 23:15 - 000000000 ____D C:\Users\romio\AppData\Local\Ubisoft Game Launcher
2021-09-18 19:16 - 2020-09-27 07:33 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-09-18 18:49 - 2021-06-26 14:24 - 000000000 ____D C:\Program Files (x86)\Origin
2021-09-18 18:47 - 2021-07-11 21:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlestate Games
2021-09-18 18:46 - 2021-05-18 20:53 - 000000032 _____ C:\Users\romio\AppData\Roaming\.machineId
2021-09-18 18:43 - 2020-09-27 09:36 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-18 18:43 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-18 18:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-09-17 13:44 - 2021-04-20 17:29 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-09-17 13:41 - 2021-06-11 20:39 - 000002177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-17 13:41 - 2021-04-19 23:39 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-09-17 13:39 - 2021-04-22 17:58 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-17 13:38 - 2021-04-20 18:57 - 000000000 ____D C:\ProgramData\Trend Micro
2021-09-07 23:06 - 2021-04-19 23:07 - 000000000 ____D C:\Users\romio\AppData\Local\CrashDumps
2021-09-05 14:32 - 2021-04-19 23:18 - 000000000 ____D C:\Users\romio\AppData\Roaming\vlc
2021-09-02 17:18 - 2021-04-19 23:07 - 000000000 ____D C:\Users\romio\AppData\Local\D3DSCache
2021-08-23 20:48 - 2021-04-19 22:58 - 000000000 ____D C:\Users\romio

==================== Fichiers à la racine de certains dossiers ========

2021-05-31 18:00 - 2021-05-31 18:00 - 003255448 _____ (Nicolas Coolman) C:\Users\romio\ZHPCleaner.exe
2021-05-18 20:53 - 2021-09-18 18:46 - 000000032 _____ () C:\Users\romio\AppData\Roaming\.machineId
2021-04-19 23:15 - 2021-04-12 20:32 - 000000034 _____ () C:\Users\romio\AppData\Roaming\AdobeWLCMCache.dat
2021-04-19 23:07 - 2018-12-08 15:57 - 000000036 _____ () C:\Users\romio\AppData\Local\housecall.guid.cache
2021-04-19 23:07 - 2020-03-25 14:59 - 000000000 _____ () C:\Users\romio\AppData\Local\oobelibMkey.log
2021-04-19 23:07 - 2021-04-18 18:15 - 000007650 _____ () C:\Users\romio\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================