Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 12-10-2021
Exécuté par pierr (administrateur) sur DESKTOP-1N2EDLV (15-10-2021 22:24:51)
Exécuté depuis C:\Users\pierr\Desktop
Profils chargés: pierr
Platform: Microsoft Windows 10 Famille Version 20H2 19042.1288 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe
(Hoting) [Fichier non signé] C:\Users\pierr\AppData\Roaming\WinHost\WinHoster.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_7aa6ca9dbb25bff8\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_5d10f2aad7f84bec\LMS.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_5c2831a2e251017a\RstMwService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe --checkInstall
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [601784 2020-05-13] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [Kraken0510Helper] => C:\Program Files (x86)\Razer\Razer_Kraken0510_Driver\Drivers\SysAudio\Kraken0510Helper.exe [1599432 2016-09-08] (Razer USA Ltd. -> Razer Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [NoRecentDocsNetHood] 0
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2421347315-1938180677-2919578915-1001\...\Run: [Discord] => C:\Users\pierr\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2421347315-1938180677-2919578915-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33698888 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2421347315-1938180677-2919578915-1001\...\Run: [Spotify] => C:\Users\pierr\AppData\Roaming\Spotify\Spotify.exe [24049800 2021-07-20] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2421347315-1938180677-2919578915-1001\...\Run: [GameCenter] => C:\Users\pierr\AppData\Local\GameCenter\GameCenter.exe [11126584 2021-08-07] (LLC Mail.Ru -> )
HKU\S-1-5-21-2421347315-1938180677-2919578915-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33223648 2021-06-09] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2421347315-1938180677-2919578915-1001\...\Run: [WinHost] => C:\Users\pierr\AppData\Roaming\WinHost\WinHoster.exe [68608 2021-10-04] (Hoting) [Fichier non signé] <==== ATTENTION
HKU\S-1-5-21-2421347315-1938180677-2919578915-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-2421347315-1938180677-2919578915-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-2421347315-1938180677-2919578915-1001\...\Policies\Explorer: [HideSCANetwork] 0
HKU\S-1-5-21-2421347315-1938180677-2919578915-1001\...\Policies\Explorer: [HideSCAVolume] 0
HKLM\...\Windows x64\Print Processors\Canon TS5000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDF.DLL [30720 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5000 series: C:\Windows\system32\CNMLMDF.DLL [485376 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\94.0.4606.81\Installer\chrmstp.exe [2021-10-14] (Google LLC -> Google LLC)
Startup: C:\Users\pierr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uoYoZA2sgoS0S1yQ.exe [2021-10-04] () [Fichier non signé]
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-2421347315-1938180677-2919578915-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {03D444AD-260C-427B-86E2-9B0D6D1E86E8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21976976 2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {117417FE-E723-4152-8DFD-6A9637384D5D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134488 2021-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {197EB61B-CD08-4EB0-BA84-84A36C321CD6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134488 2021-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {2445B89E-2238-4C40-9C44-A89CF8EBE558} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5729184 2021-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {3D1C9F38-32F2-43F7-94EF-04B7FFB047B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {44773D78-81F3-4CC5-BCFD-15CAC56019E2} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696816 2021-03-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {4A61F231-762E-418A-B2BE-04DB9736A7D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4E4A4C6C-3056-4710-9ED7-9110D45973E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-06] (Google LLC -> Google LLC)
Task: {6A18F8C5-AEBF-4FD9-A990-A2FBDBEB4103} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28082760 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {827BDA29-BFEC-4BC2-9691-F8EF0391D4DF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-06] (Google LLC -> Google LLC)
Task: {8A387411-ED7A-4F7C-8CC6-D465D2BBE034} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_a93205b6238060e4\lib\IntelPTTEKRecertification.exe [919832 2020-12-27] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {9735238A-2708-42A4-8FCF-73531D5B12E1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5729184 2021-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {AB75A7F6-C38C-40E8-8019-1AD604855472} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21976976 2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3D0E580-B1F9-47A4-978C-9F214EC60703} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DAA68BE3-6515-4EC8-8241-A428E00A815C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DC94B41D-0933-42DA-95AD-85B1FA28B632} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-04-22] (Piriform Software Ltd -> Piriform)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7659dbfb-8db1-4ff9-b922-3442b92b23a9}: [DhcpNameServer] 192.168.1.1
HKU\S-1-5-21-2421347315-1938180677-2919578915-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\pierr\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-04]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2021-08-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2021-08-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\pierr\AppData\Local\Google\Chrome\User Data\Default [2021-10-15]
CHR DefaultSearchURL: Default -> hxxps://www.gstatic.com/youtube/img/branding/favicon/favicon_144x144.png
CHR Extension: (Slides) - C:\Users\pierr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-04-06]
CHR Extension: (YouTube) - C:\Users\pierr\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnkijcaahngcdmfeangaknmldooml [2021-05-23]
CHR Extension: (Docs) - C:\Users\pierr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-04-06]
CHR Extension: (Google Drive) - C:\Users\pierr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-04-06]
CHR Extension: (YouTube) - C:\Users\pierr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-04-06]
CHR Extension: (Ruffle) - C:\Users\pierr\AppData\Local\Google\Chrome\User Data\Default\Extensions\donbcfbmhbcapadipfkeojnmajbakjdc [2021-08-14]
CHR Extension: (Sheets) - C:\Users\pierr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-04-06]
CHR Extension: (Google Docs hors connexion) - C:\Users\pierr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-23]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\pierr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-10-14]
CHR Extension: (IGRAAL : Cashback & codes promo) - C:\Users\pierr\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2021-10-15]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\pierr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-06]
CHR Extension: (Gmail) - C:\Users\pierr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-04-06]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-08-08] (BattlEye Innovations e.K. -> )
R2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [153736 2016-06-02] (Canon Inc. -> CANON INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9250696 2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2021-08-08] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> )
S3 mracsvc; C:\Windows\System32\mracsvc.exe [21816880 2021-04-17] (Mail.Ru LLC -> LLC Mail.Ru)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [447080 2019-07-24] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [943240 2019-07-24] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1783704 2021-04-27] (Rockstar Games, Inc. -> Rockstar Games)
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13257000 2021-07-01] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe [2855512 2021-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe [128392 2021-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 mracdrv; C:\Windows\System32\drivers\mracdrv1.sys [21049568 2021-04-17] (Mail.Ru LLC -> LLC Mail.Ru)
S3 rzbtendpt; C:\Windows\System32\drivers\rzbtendpt.sys [52232 2017-07-19] (Razer USA Ltd. -> Razer Inc)
S3 rzdaendpt; C:\Windows\System32\drivers\rzdaendpt.sys [42000 2017-07-19] (Razer USA Ltd. -> Razer Inc)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [52240 2017-07-19] (Razer USA Ltd. -> Razer Inc)
S3 rzhnet; C:\Windows\System32\Drivers\rzhnet.sys [29712 2017-07-19] (Razer USA Ltd. -> Razer Inc)
S3 rzjstk; C:\Windows\System32\drivers\rzjstk.sys [36360 2017-07-19] (Razer USA Ltd. -> Razer Inc)
S3 rzkeypadendpt; C:\Windows\System32\drivers\rzkeypadendpt.sys [46088 2017-07-19] (Razer USA Ltd. -> Razer Inc)
S3 rzmpos; C:\Windows\System32\drivers\rzmpos.sys [48648 2017-07-19] (Razer USA Ltd. -> Razer Inc)
S3 rzp1endpt; C:\Windows\System32\drivers\rzp1endpt.sys [52232 2017-07-19] (Razer USA Ltd. -> Razer Inc)
S3 rzvkeyboard; C:\Windows\System32\drivers\rzvkeyboard.sys [44040 2017-07-19] (Razer USA Ltd. -> Razer Inc)
S3 rzvmouse; C:\Windows\System32\drivers\rzvmouse.sys [44048 2017-07-19] (Razer USA Ltd. -> Razer Inc)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48520 2021-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [434424 2021-10-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86264 2021-10-07] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl12f03854; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8557F8ED-D54B-4E5D-8111-F42878024AA4}\MpKslDrv.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-10-15 22:24 - 2021-10-15 22:26 - 000019283 _____ C:\Users\pierr\Desktop\FRST.txt
2021-10-15 22:24 - 2021-10-15 22:25 - 000000000 ____D C:\FRST
2021-10-15 22:24 - 2021-10-15 22:24 - 002310656 _____ (Farbar) C:\Users\pierr\Downloads\FRST64.exe
2021-10-15 22:24 - 2021-10-15 22:24 - 002310656 _____ (Farbar) C:\Users\pierr\Desktop\FRST64.exe
2021-10-15 22:23 - 2021-10-15 22:20 - 002019328 _____ (Farbar) C:\Users\pierr\Desktop\FRST.exe
2021-10-15 22:20 - 2021-10-15 22:20 - 002019328 _____ (Farbar) C:\Users\pierr\Downloads\FRST.exe
2021-10-14 21:32 - 2021-10-14 21:32 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2021-10-14 21:32 - 2021-10-14 21:32 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2021-10-14 21:31 - 2021-10-14 21:31 - 000611960 _____ C:\Windows\SysWOW64\TextShaping.dll
2021-10-14 21:31 - 2021-10-14 21:31 - 000570368 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-10-14 21:31 - 2021-10-14 21:31 - 000452096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-10-14 21:31 - 2021-10-14 21:31 - 000449024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-10-14 21:31 - 2021-10-14 21:31 - 000011495 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-10-14 21:30 - 2021-10-14 21:30 - 001823296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-10-14 21:30 - 2021-10-14 21:30 - 001393504 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-10-14 21:30 - 2021-10-14 21:30 - 000706536 _____ C:\Windows\system32\TextShaping.dll
2021-10-14 21:30 - 2021-10-14 21:30 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-10-14 21:30 - 2021-10-14 21:30 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2021-10-14 21:30 - 2021-10-14 21:30 - 000098304 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-10-14 21:14 - 2021-10-14 21:16 - 000000000 ___HD C:\$WinREAgent
2021-10-12 20:52 - 2021-10-12 20:52 - 000000000 ____D C:\Users\pierr\Desktop\Nouveau dossier
2021-10-12 20:15 - 2021-10-12 20:15 - 000259013 _____ C:\Users\pierr\Desktop\ZHPDiag.txt
2021-10-12 20:11 - 2021-10-12 20:11 - 003281560 _____ (Nicolas Coolman) C:\Users\pierr\Downloads\ZHPDiag3.exe
2021-10-12 20:11 - 2021-10-12 20:11 - 003281560 _____ (Nicolas Coolman) C:\Users\pierr\Desktop\ZHPDiag3.exe
2021-10-12 20:11 - 2021-10-12 20:11 - 000000877 _____ C:\Users\pierr\Desktop\ZHPDiag.lnk
2021-10-09 21:19 - 2021-10-09 21:19 - 001446590 _____ C:\Users\pierr\Documents\IMG_20211009_0001.pdf
2021-10-04 23:29 - 2021-10-04 23:29 - 000164874 _____ C:\Users\pierr\Desktop\ZHPCleaner (R).html
2021-10-04 23:29 - 2021-10-04 23:29 - 000122056 _____ C:\Users\pierr\Desktop\ZHPCleaner (R).txt
2021-10-04 23:23 - 2021-10-04 23:23 - 000165353 _____ C:\Users\pierr\Desktop\ZHPCleaner (S).html
2021-10-04 23:23 - 2021-10-04 23:23 - 000122135 _____ C:\Users\pierr\Desktop\ZHPCleaner (S).txt
2021-10-04 23:14 - 2021-10-12 20:15 - 000000000 ____D C:\Users\pierr\AppData\Roaming\ZHP
2021-10-04 23:14 - 2021-10-12 20:11 - 000000000 ____D C:\Users\pierr\AppData\Local\ZHP
2021-10-04 23:14 - 2021-10-04 23:14 - 000000887 _____ C:\Users\pierr\Desktop\ZHPCleaner.lnk
2021-10-04 23:13 - 2021-10-04 23:13 - 003289752 _____ (Nicolas Coolman) C:\Users\pierr\Downloads\ZHPCleaner.exe
2021-10-04 23:09 - 2021-10-04 23:09 - 002667008 _____ C:\Users\pierr\AppData\Roaming\8322856.scr
2021-10-04 23:09 - 2021-10-04 23:09 - 002572288 _____ C:\Users\pierr\AppData\Roaming\5365469.scr
2021-10-04 23:09 - 2021-10-04 23:09 - 000209408 _____ (gsdfdsfds) C:\Users\pierr\AppData\Roaming\2599439.scr
2021-10-04 23:09 - 2021-10-04 23:09 - 000206848 _____ (hfashdasj) C:\Users\pierr\AppData\Roaming\1858545.scr
2021-10-04 23:09 - 2021-10-04 23:09 - 000068608 _____ (Hoting) C:\Users\pierr\AppData\Roaming\4806980.scr
2021-10-04 23:09 - 2021-10-04 23:09 - 000000000 ___HD C:\Users\pierr\AppData\Roaming\WinHost
2021-10-04 23:09 - 2021-10-04 23:09 - 000000000 ____D C:\Users\pierr\Documents\VlcpVideoV1.0.1
2021-10-04 23:07 - 2021-10-04 23:08 - 000000000 ____D C:\Users\pierr\AppData\LocalLow\uS0wV5wY9qH3
2021-10-04 23:07 - 2021-10-04 23:07 - 000000000 ____D C:\Users\pierr\AppData\LocalLow\discord_files
2021-10-04 23:06 - 2021-10-04 23:06 - 000000000 ____D C:\Users\pierr\AppData\Roaming\NVIDIA
2021-10-04 23:05 - 2021-10-04 23:05 - 000884736 _____ C:\Users\pierr\Documents\PlsWnEU2.exe
2021-10-04 23:05 - 2021-10-04 23:05 - 000000000 _____ C:\Users\pierr\AppData\Roaming\FAEF.tmp
2021-10-04 23:05 - 2021-10-04 23:05 - 000000000 _____ C:\Users\pierr\AppData\Roaming\F9C5.tmp
2021-10-04 23:05 - 2021-10-04 23:05 - 000000000 _____ C:\Users\pierr\AppData\Roaming\F35C.tmp
2021-10-04 23:01 - 2021-10-04 23:00 - 006075107 ____N C:\Users\pierr\Desktop\Ballistik_v1_0_8_keygen.zip
2021-10-04 23:00 - 2021-10-04 23:00 - 006075311 _____ C:\Users\pierr\Downloads\Ballistik_v1_0_8_keygen.zip
2021-09-19 21:00 - 2021-09-19 21:02 - 002379469 _____ C:\Users\pierr\Desktop\cg.pdf
2021-09-15 19:02 - 2021-09-15 19:02 - 002111488 _____ (Digimarc) C:\Windows\SysWOW64\DMRCDecoder.dll
2021-09-15 19:02 - 2021-09-15 19:02 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2021-09-15 19:02 - 2021-09-15 19:02 - 001313608 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-09-15 19:02 - 2021-09-15 19:02 - 001164288 _____ C:\Windows\system32\MBR2GPT.EXE
2021-09-15 19:02 - 2021-09-15 19:02 - 000672768 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2021-09-15 19:02 - 2021-09-15 19:02 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-09-15 19:02 - 2021-09-15 19:02 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2021-09-15 19:02 - 2021-09-15 19:02 - 000122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2021-09-15 19:01 - 2021-09-15 19:01 - 002295296 _____ (Digimarc) C:\Windows\system32\DMRCDecoder.dll
2021-09-15 19:01 - 2021-09-15 19:01 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-09-15 19:01 - 2021-09-15 19:01 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-09-15 19:01 - 2021-09-15 19:01 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-10-15 22:22 - 2021-04-05 22:18 - 001681370 _____ C:\Windows\system32\PerfStringBackup.INI
2021-10-15 22:22 - 2019-12-07 16:49 - 000755174 _____ C:\Windows\system32\perfh00C.dat
2021-10-15 22:22 - 2019-12-07 16:49 - 000141980 _____ C:\Windows\system32\perfc00C.dat
2021-10-15 22:22 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-10-15 22:21 - 2021-04-06 19:43 - 000000000 ____D C:\Program Files\CCleaner
2021-10-15 22:19 - 2021-04-06 17:20 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-15 22:19 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-10-15 22:18 - 2021-04-06 16:36 - 000000000 ____D C:\Users\pierr
2021-10-15 22:18 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-15 22:17 - 2021-04-07 15:19 - 000000000 ____D C:\ProgramData\NVIDIA
2021-10-15 22:16 - 2021-04-05 21:56 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-10-15 22:16 - 2021-04-05 21:55 - 000294672 _____ C:\Windows\system32\FNTCACHE.DAT
2021-10-15 22:15 - 2021-04-05 21:55 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-15 22:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2021-10-15 22:15 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-10-15 22:14 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP
2021-10-15 22:14 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-10-15 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-10-15 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2021-10-15 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-10-15 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2021-10-15 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-10-15 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\DiagTrack
2021-10-15 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2021-10-15 22:13 - 2021-04-05 21:55 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-10-14 21:42 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2021-10-14 21:14 - 2021-04-06 18:01 - 000000000 ____D C:\Windows\system32\MRT
2021-10-14 21:11 - 2021-04-06 18:00 - 139806512 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-10-14 18:09 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-14 18:08 - 2021-04-14 23:30 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-14 18:08 - 2021-04-14 23:30 - 000002292 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-10-14 18:07 - 2021-04-06 17:21 - 000002257 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-14 18:07 - 2021-04-06 17:21 - 000002216 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-14 18:00 - 2021-04-06 19:43 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-10-12 20:14 - 2021-05-23 19:25 - 000002969 _____ C:\Users\pierr\Desktop\YouTube.lnk
2021-10-12 20:14 - 2021-04-27 01:13 - 000001121 _____ C:\Users\pierr\Desktop\Rockstar Games Launcher.lnk
2021-10-12 20:14 - 2021-04-08 14:18 - 000002103 _____ C:\Users\pierr\Desktop\MY.GAMES GameCenter.lnk
2021-10-12 20:14 - 2021-04-07 19:55 - 000002026 _____ C:\Users\pierr\Desktop\Razer Synapse.lnk
2021-10-12 20:14 - 2021-04-07 19:54 - 000002451 _____ C:\Users\pierr\Desktop\Word.lnk
2021-10-12 20:14 - 2021-04-07 19:54 - 000002450 _____ C:\Users\pierr\Desktop\PowerPoint.lnk
2021-10-12 20:14 - 2021-04-07 19:53 - 000002413 _____ C:\Users\pierr\Desktop\Excel.lnk
2021-10-12 20:14 - 2021-04-07 19:53 - 000001049 _____ C:\Users\pierr\Desktop\Firefox.lnk
2021-10-12 20:14 - 2021-04-06 17:23 - 000002243 _____ C:\Users\pierr\Desktop\Discord.lnk
2021-10-12 20:08 - 2021-05-22 20:43 - 000000000 ____D C:\Program Files\Microsoft Office
2021-10-10 21:14 - 2021-04-14 23:30 - 000003634 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-10 21:14 - 2021-04-14 23:30 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-09 21:19 - 2021-07-15 18:35 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-10-07 20:27 - 2021-04-05 21:56 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-10-04 23:26 - 2021-04-06 17:22 - 000000000 ____D C:\ProgramData\SquirrelMachineInstalls
2021-10-02 13:42 - 2021-04-06 16:39 - 000000000 ____D C:\Users\pierr\AppData\Local\Packages
2021-10-02 12:03 - 2021-04-06 18:05 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-02 12:01 - 2021-04-06 17:20 - 000003590 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-02 12:01 - 2021-04-06 17:20 - 000003466 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-16 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2021-09-16 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-09-16 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2021-09-16 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
2021-09-16 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2021-09-16 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2021-09-16 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser
2021-09-16 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2021-09-16 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2021-09-16 21:02 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2021-09-16 21:01 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports

==================== Fichiers à la racine de certains dossiers ========

2021-10-04 23:09 - 2021-10-04 23:09 - 000206848 _____ (hfashdasj) C:\Users\pierr\AppData\Roaming\1858545.scr
2021-10-04 23:09 - 2021-10-04 23:09 - 000209408 _____ (gsdfdsfds) C:\Users\pierr\AppData\Roaming\2599439.scr
2021-10-04 23:09 - 2021-10-04 23:09 - 000068608 _____ (Hoting) C:\Users\pierr\AppData\Roaming\4806980.scr
2021-10-04 23:09 - 2021-10-04 23:09 - 002572288 _____ () C:\Users\pierr\AppData\Roaming\5365469.scr
2021-10-04 23:09 - 2021-10-04 23:09 - 002667008 _____ () C:\Users\pierr\AppData\Roaming\8322856.scr
2021-04-08 20:36 - 2021-04-08 20:36 - 000000531 _____ () C:\Users\pierr\AppData\Roaming\AdobeWLCMR2Cache.dat
2021-10-04 23:05 - 2021-10-04 23:05 - 000000000 _____ () C:\Users\pierr\AppData\Roaming\F35C.tmp
2021-10-04 23:05 - 2021-10-04 23:05 - 000000000 _____ () C:\Users\pierr\AppData\Roaming\F9C5.tmp
2021-10-04 23:05 - 2021-10-04 23:05 - 000000000 _____ () C:\Users\pierr\AppData\Roaming\FAEF.tmp
2021-04-06 18:34 - 2021-04-06 18:34 - 000007605 _____ () C:\Users\pierr\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================